urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Submission: On November 05 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 7 countries across 32 domains to perform 185 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 142.250.185.161 15169 (GOOGLE)
1 104.20.218.77 13335 (CLOUDFLAR...)
5 172.67.42.11 13335 (CLOUDFLAR...)
17 142.250.186.98 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
8 142.250.185.97 15169 (GOOGLE)
23 142.250.185.129 15169 (GOOGLE)
35 142.250.186.130 15169 (GOOGLE)
7 216.58.212.130 15169 (GOOGLE)
8 37.157.5.132 198622 (ADFORM)
4 37.157.6.235 198622 (ADFORM)
2 5.9.97.176 24940 (HETZNER-AS)
8 172.217.18.2 15169 (GOOGLE)
6 142.250.185.132 15169 (GOOGLE)
1 6 138.201.63.116 24940 (HETZNER-AS)
3 16 142.250.186.162 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
3 178.63.52.121 24940 (HETZNER-AS)
4 7 23.212.218.19 16625 (AKAMAI-AS)
2 149.126.4.39 47302 (CYON)
2 54.36.108.3 16276 (OVH)
1 4 138.201.63.157 24940 (HETZNER-AS)
1 104.18.186.224 ()
1 3.124.180.80 ()
1 178.250.1.9 ()
2 2 35.227.252.103 ()
4 4 64.74.236.31 ()
2 2 185.64.190.78 ()
1 1 54.165.78.186 ()
1 1 18.239.94.92 ()
1 2 52.95.126.138 ()
1 2 51.89.9.251 ()
2 2 18.196.149.165 ()
1 1 3.209.243.77 ()
1 174.137.133.49 ()
1 1 124.146.153.164 ()
1 1 82.145.213.8 ()
1 1 35.214.223.54 ()
1 142.250.184.234 ()
1 104.19.241.24 ()
185 32
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
cdn.ampproject.org
1    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    172.67.42.11 (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
17    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
23    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
35    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
7    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
www.googletagservices.com
8    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
4    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    5.9.97.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.176.97.9.5.clients.your-server.de
tm.ad-srv.net
8    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads.g.doubleclick.net
6    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
6    138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
ad.ad-srv.net
ad4.ad-srv.net
16    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de
hal9000.redintelligence.net
7    23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com
www.awin1.com
2    149.126.4.39 (Switzerland)

ASN47302 (CYON, CH)
PTR: s030.cyon.net
smartphoto-media.com
2    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
4    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal90007.redintelligence.net
1    104.18.186.224 (None, )

ASN- ()
www.conrad.ch
1    3.124.180.80 (None, )

ASN- ()
t23.intelliad.de
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
4    64.74.236.31 (None, )

ASN- ()
b1sync.zemanta.com
2    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
1    54.165.78.186 (None, )

ASN- ()
sync.srv.stackadapt.com
1    18.239.94.92 (None, )

ASN- ()
s.ad.smaato.net
2    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    51.89.9.251 (None, )

ASN- ()
onetag-sys.com
2    18.196.149.165 (None, )

ASN- ()
pm.w55c.net
1    3.209.243.77 (None, )

ASN- ()
fksnk.com
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
1    124.146.153.164 (None, )

ASN- ()
tg.socdm.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    35.214.223.54 (None, )

ASN- ()
csync.loopme.me
1    142.250.184.234 (None, )

ASN- ()
fonts.googleapis.com
1    104.19.241.24 (None, )

ASN- ()
ct.conrad.ch
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
884 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
291 KB
12 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
78 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
252 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com — Cisco Umbrella Rank: 999053
350 KB
8 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 89525
ad.ad-srv.net — Cisco Umbrella Rank: 50659
ad4.ad-srv.net — Cisco Umbrella Rank: 373396
12 KB
7 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
4 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90007.redintelligence.net — Cisco Umbrella Rank: 241653
151 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
416 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 zemanta.com
b1sync.zemanta.com
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
2 KB
2 w55c.net
pm.w55c.net
2 KB
2 onetag-sys.com
onetag-sys.com
905 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
656 B
2 conrad.ch
www.conrad.ch
ct.conrad.ch
2 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
2 KB
2 smartphoto-media.com
smartphoto-media.com
114 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 loopme.me
csync.loopme.me
415 B
1 opera.com
t.adx.opera.com
671 B
1 socdm.com
tg.socdm.com
1 KB
1 adkernel.com
dsp.adkernel.com
233 B
1 fksnk.com
fksnk.com
611 B
1 smaato.net
s.ad.smaato.net
472 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 criteo.com
dis.criteo.com
363 B
1 intelliad.de
t23.intelliad.de
556 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 9937
470 B
185 32
Domain Requested by
35 pagead2.googlesyndication.com 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
www.xgcartoon.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
23 tpc.googlesyndication.com 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.xgcartoon.com
pagead2.googlesyndication.com
17 securepubads.g.doubleclick.net cdn.ampproject.org
www.xgcartoon.com
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
16 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
www.xgcartoon.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
8 track.adform.net 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
s1.adform.net
googleads.g.doubleclick.net
7 www.awin1.com 4 redirects ad.ad-srv.net
hal90007.redintelligence.net
7 www.googletagservices.com 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 www.google.com e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com cdn.ampproject.org
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 b1sync.zemanta.com 4 redirects
4 hal90007.redintelligence.net 1 redirects e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
hal90007.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 s1.adform.net track.adform.net
s1.adform.net
3 ad4.ad-srv.net ad.ad-srv.net
3 hal9000.redintelligence.net e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
hal90007.redintelligence.net
3 ad.ad-srv.net 1 redirects tm.ad-srv.net
2 pm.w55c.net 2 redirects
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 cdn.contentspread.net ad.ad-srv.net
2 smartphoto-media.com ad.ad-srv.net
2 tm.ad-srv.net www.xgcartoon.com
2 e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ct.conrad.ch hal90007.redintelligence.net
1 fonts.googleapis.com hal90007.redintelligence.net
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 tg.socdm.com 1 redirects
1 dsp.adkernel.com e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 t23.intelliad.de e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
1 www.conrad.ch hal90007.redintelligence.net
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
185 43

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4		 2023-09-24 -
2024-10-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-09-18 -
2023-12-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
ad-srv.net
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2023-03-17 -
2024-03-16		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 32 frames:

Primary Page: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Frame ID: E747418D709C668C77D2A9C4B83D27D6
Requests: 38 HTTP requests in this frame

Frame: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: B4329650F967E7E26514C4257F1CDF05
Requests: 13 HTTP requests in this frame

Frame: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F9DFEEE6C60F1015B4534549BB0736D0
Requests: 10 HTTP requests in this frame

Frame: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 30E06A554C4FE6E1453699D40AE93EB4
Requests: 11 HTTP requests in this frame

Frame: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 06463265FAB7C88C37C39B64E96E03F0
Requests: 14 HTTP requests in this frame

Frame: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: B29D8B2CDB20AD0CA44D4B6F98B09747
Requests: 11 HTTP requests in this frame

Frame: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F8D0D1B37A91031EFF869DA2E45EAE84
Requests: 1 HTTP requests in this frame

Frame: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0A837A1263E93AABD3AF733F06E031E0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 0072EC30C6EDF5E66D99F2FA3EFB6E6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj_5IjGATAB&v=APEucNX57oFkC6-9ZhGwvkigKRAdqXyM3Rjx9fZnFqc-AF2lUrdLumC7GcB01psXBonDi_-Qfg1p16fHI1TES3SsdQlEfV_BPA
Frame ID: 8DB52A2A16BB5E93833D2E7A4D6CA057
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004051&bpp=230&bdt=543&idt=375&shv=r20231101&mjsv=m202311010101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3299638836&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079346%2C44795921%2C44807048%2C44807337%2C44807454%2C31078301%2C31079423%2C44807749&oid=2&pvsid=1039536337409970&tmod=2111886243&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s8bsasmbzibm&fsb=1&dtd=387
Frame ID: 090A4F4DEFBA8F0BD5B71B2CE0F9C5F9
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Frame ID: E07E1AB4B320E730B53A6360ED0F9867
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004055&bpp=304&bdt=447&idt=1629&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=291770968&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078238%2C31079345%2C44807048%2C44807336%2C44807455%2C44807464%2C31078297%2C31079424%2C31079356&oid=2&pvsid=2133168225622034&tmod=1914168057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.r6di40knebms&fsb=1&dtd=1641
Frame ID: 4878F71D5B3291D0C7A300501F05FA70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&adk=1812271804&adf=3279755401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004360&bpp=1&bdt=753&idt=1343&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&is_amp=1&prev_slotnames=3654094576&nras=1&correlator=3653&frm=24&ife=2&pv=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=291770968&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078238%2C31079345%2C44807048%2C44807336%2C44807455%2C44807464%2C31078297%2C31079424&oid=2&pvsid=2133168225622034&tmod=1914168057&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.55qp6hgm75kf&fsb=1&dtd=1347
Frame ID: 82C8DFB30617F3DB9C9A605E4A5AF936
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Frame ID: FFCFCE680AC7F79816C544F474376DEA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A55180330DA43EE2DF0BF2644D4309A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32637D23880796FBE811BE8893C0C6EA
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2367340&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=65024700161225004452298012499004&gdpr=&gdpr_consent=
Frame ID: 826CC60E910E3E8C1B014E67EFFB4C2E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6B36D3475CF6F95AE796116351FA5348
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCF37CC2218A27305B1177BC3AC28C4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F98D12761089B68C0D3FF12699B07013
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4C6EA19D7C0C7FFEED69E5717811B985
Requests: 9 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1699223007_f11172e0-7c29-11ee-bbbe-22643cd2ee20&insert=AW&gdpr=&gdpr_consent=
Frame ID: 4234124BF77D55662FC0DCC1B34669CC
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=97587700171643604438442012499007&pv=1
Frame ID: BC0B4EE2B8EF7A53DB5DA2F50EA5EA43
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Frame ID: 93D5647D9024123C245C899F8D782ECF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B658993519E734B7C5606EFC0523EA1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B60ED51CB09ADE0A4BD3A2301DDEF9D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 271187DDC06FEDD0A707E046CB329F9A
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Frame ID: 27EB5615718CE903B8D03336A48B8336
Requests: 6 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2451979&v=15168&q=367416&r=783431&pv=1&pref2=15168&pref1=92167600161228304452298012499004&gdpr=&gdpr_consent=
Frame ID: E77D5817ED2FFEB2CDCD84824546200D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 329423F67C8369C8A5F0E6D431FE8D84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7207B3E49AF2AF7F7923146F87926A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍣天諭 第2季【國語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

185
Requests

89 %
HTTPS

0 %
IPv6

32
Domains

43
Subdomains

32
IPs

7
Countries

2559 kB
Transfer

6368 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
Request Chain 103
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUgV3vUZzSUt7iETHCpwGAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
Request Chain 106
  • https://www.awin1.com/cshow.php?s=2367340&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=65024700161225004452298012499004&gdpr=&gdpr_consent= HTTP 302
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-728x90-px.jpg
Request Chain 115
  • https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 141
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=97587700171643604438442012499007&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1699223007_f11172e0-7c29-11ee-bbbe-22643cd2ee20&insert=AW&gdpr=&gdpr_consent=
Request Chain 150
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHhuBY3oG3ru2wqtl9vUqoY&google_cver=1&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEHhuBY3oG3ru2wqtl9vUqoY&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA&google_hm=njfnuYLtyHoTscSpROOjbg==
Request Chain 151
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_cver=1&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
Request Chain 152
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOwSaAugPGoAVSZtqJFG9r0&google_cver=1&google_push=AXcoOmSkIBvH5fQjbOaXb2YVLLGlOdqZq-mWGOdMmqpsbJ1hmgxWiwgG2ntKKy2M4th0NLXTC4YNey_4FHH3cXFex6hIyWXVIBLChg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOwSaAugPGoAVSZtqJFG9r0&google_cver=1&google_push=AXcoOmSkIBvH5fQjbOaXb2YVLLGlOdqZq-mWGOdMmqpsbJ1hmgxWiwgG2ntKKy2M4th0NLXTC4YNey_4FHH3cXFex6hIyWXVIBLChg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WHUUiGkSRlWSL0UQd4CyiQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSkIBvH5fQjbOaXb2YVLLGlOdqZq-mWGOdMmqpsbJ1hmgxWiwgG2ntKKy2M4th0NLXTC4YNey_4FHH3cXFex6hIyWXVIBLChg
Request Chain 153
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHGPqRJFyTaSgQvzlGtOHdI&google_cver=1&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiqdBEtIWiIfUS_hC1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-QQpk96bXoxTR5l_qlEixlOWOa4&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiqdBEtIWiIfUS_hC1A
Request Chain 154
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJTCFsTayX1DC_zYFGA3Aa0&google_cver=1&google_push=AXcoOmRWJYBOD9D-v606xPZ1fSRKgHRvghvwUGG4NlxdFus_bFZ-WCOJr1UnUZ_nCEgFyhFbnYG1fa6f0QKIrlRuJolNUdY18jC58w HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent=&dcc=t
Request Chain 155
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBjCZjpSZkaMk-hooU9RFnk&google_cver=1&google_push=AXcoOmRJcGoZE9tkIeRhlZi9MoUWvqPgLh7Gl9XAA5IGDjahcbJ_yFSwt0441PK6Ze9XMoMtgahTxMw9QmU6g9ZEQ5Psy7rkNRPxow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6GVcm8zDfv_N2nGuebtKSAzHEAxIIqilg&google_push=AXcoOmRJcGoZE9tkIeRhlZi9MoUWvqPgLh7Gl9XAA5IGDjahcbJ_yFSwt0441PK6Ze9XMoMtgahTxMw9QmU6g9ZEQ5Psy7rkNRPxow HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 157
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6FIhCnZRsw2VsqUA6075GHfQoa-MTfP-T5ZYzjVo6tRnDFt6fdTJJfX HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6FIhCnZRsw2VsqUA6075GHfQoa-MTfP-T5ZYzjVo6tRnDFt6fdTJJfX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVAyQVhIOXcxUVpMd0g1&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6FIhCnZRsw2VsqUA6075GHfQoa-MTfP-T5ZYzjVo6tRnDFt6fdTJJfX
Request Chain 158
  • https://fksnk.com/cs/google?google_gid=CAESEDq1HgepRkNfINLbKQEL8DQ&google_cver=1&google_push=AXcoOmR07mn7egHGIQQbQiQI2GCaInOBAwUOwTNZPS1dq6JQjw2VFZtvcbkYrLObs9NRDBVRhg55gphkvWnpPxFqzc9zTNpmeid7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODAxM0U2QTM5RUM1QzBBOQ==
Request Chain 159
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_cver=1&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
Request Chain 161
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJMNYrp4wZySkrpQpNKTxa8&google_cver=1&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w&google_hm=WlVnVjRjQ284WG9BQVBDOXJnVUFBQUFB
Request Chain 162
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRxioDdMRymoOYqHo0IJ74m0c4UI6FdcEmJobqxbnbbxAUVH7mm56rVztznXiYP1ha0kcGgP_WX0a_cv0MuId1VSi3ShXDKWfY&google_gid=CAESEDA5Ns-PzPTeUI7b0cOPvjQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDA5Ns-PzPTeUI7b0cOPvjQ&google_hm=T1BVNjc5NGIxYzE5ZDk0NDFjNDgxYjNkYzRiOGUyZTMxN2Q&google_nid=opera_norway_as&google_push=AXcoOmRxioDdMRymoOYqHo0IJ74m0c4UI6FdcEmJobqxbnbbxAUVH7mm56rVztznXiYP1ha0kcGgP_WX0a_cv0MuId1VSi3ShXDKWfY
Request Chain 163
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEA39Mc2EMDzkHNJkKCDnW1E&google_cver=1&google_push=AXcoOmTX4LdDjovdPohNnviKSPLuPs25MgzM4_MRCU7E-dRqosOP-JHllBI8UioKeXvxACY36i5d-Irchs9JpUQ0RgpivXh96iHJcLM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=46ae3460-e94e-4e54-a978-8aec0e05826d&google_cver=1&google_gid=CAESEA39Mc2EMDzkHNJkKCDnW1E&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTX4LdDjovdPohNnviKSPLuPs25MgzM4_MRCU7E-dRqosOP-JHllBI8UioKeXvxACY36i5d-Irchs9JpUQ0RgpivXh96iHJcLM&gdpr=${GDPR}
Request Chain 166
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=97587700171643604438442012499007&pv=0 HTTP 302
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Request Chain 175
  • https://www.awin1.com/cshow.php?s=2451979&v=15168&q=367416&r=783431&pv=0&pref2=15168&pref1=92167600161228304452298012499004&gdpr=&gdpr_consent= HTTP 302
  • https://smartphoto-media.com/banner/campaign/general-1-de-728x90-px.png

185 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tianyu_di2jiguoyu-shenleping
www.xgcartoon.com/detail/ 		79 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ceaa50f1a4316ba5429f30846da674961998f39c3f71470c40cfc3c7389b1082

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 05 Nov 2023 22:23:20 GMT
etag
"13ae1-HSC1AfEzGYuG9qdpif8xt0b42Fc"
expires
Sun, 05 Nov 2023 22:24:20 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
95ceb163af22ecb4ed905a6fe5640bdcb154bc5ca7f823c95829db5b467b50b2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"321a8a2e321127f9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
5362b061983a3dec0baedadae28c6d9e9f66e20ef90ba320d685a8b235f265e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
sffe
etag
"3b61813235d76964"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
e2d90ec3418d19aa3b77e76054eb71b0fd006122c432bff404a326638e618c64
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14995
x-xss-protection
0
server
sffe
etag
"ab43075a93144b3f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
39dd759ff5c50fb31d083cdeae81b5285589827cb3c879ed9fe8feed7dd08f45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15372
x-xss-protection
0
server
sffe
etag
"3ed1b2df45f63101"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
2f5c46e1d404df5a4c0813d11cbb826a9c17727aacff600308c27f2fd3c892a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4733
x-xss-protection
0
server
sffe
etag
"ed220d8c0d8aaf6b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
c2e430617e3c3499b05d805e8efff4ff506476de56642b1afd2e151e5832383c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10353
x-xss-protection
0
server
sffe
etag
"57f39d55bac17a27"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
759d98cf1d61c19a6a5ded8a4e97755d72a8f24ad9cf0879b5f6a712e77f55ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 22:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32263
x-xss-protection
0
server
sffe
etag
"3040d9cf2f8c9f18"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Nov 2023 22:23:21 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
8218802c48c966bd-AMS
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:20 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Sun, 05 Nov 2023 22:26:20 GMT
tianyu_di2jiguoyu-shenleping.jpg
static-a.xgcartoon.com/cover/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/tianyu_di2jiguoyu-shenleping.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b76c158c6005abd6c54167ce658b347eefbfffc9b1f902f8e689c95191849a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Nov 2022 01:47:37 GMT
server
cloudflare
etag
"D4A9FBE886ABDEFE936E07D9F34DBA71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8218803208b21d8a-FRA
content-length
165464
expires
Wed, 08 Nov 2023 22:23:23 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:21 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Sun, 05 Nov 2023 22:26:21 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:21 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Sun, 05 Nov 2023 22:26:21 GMT
shanzhangzhuonongdegaomutongxue_di2jiriyu-shanbenchongyilang.jpg
static-a.xgcartoon.com/cover/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/shanzhangzhuonongdegaomutongxue_di2jiriyu-shanbenchongyilang.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8742ae03925d79d84a260c0e1ea2219b2500d91b9d4f588125bb3961bd5539

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 08:12:58 GMT
server
cloudflare
etag
"A6260AA1FC130A7B080F5B3A9D480673"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8218803208b61d8a-FRA
content-length
81031
expires
Wed, 08 Nov 2023 18:31:11 GMT
mokashaonvyingbaibianxiaoyingmoshuka-clamp_chupingongsi.jpg
static-a.xgcartoon.com/cover/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/mokashaonvyingbaibianxiaoyingmoshuka-clamp_chupingongsi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1f32842fecd33e4e3e6cbe234cb62f4f360b7be9547beab6a340c154a2309f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 25 Sep 2022 07:07:49 GMT
server
cloudflare
etag
"88A1FBEA71BF0E11D2A674ABBE1EE562"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8218803208b41d8a-FRA
content-length
10481
expires
Mon, 06 Nov 2023 12:23:00 GMT
sanguoyanyi3dguoyu-luoguanzhong.jpg
static-a.xgcartoon.com/cover/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/sanguoyanyi3dguoyu-luoguanzhong.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
218260ffe3c50d6fb7690b0dc21265bdf6446ed1af49dda7ce3c717c74ad19bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 02:34:11 GMT
server
cloudflare
etag
"A2EC61E7DAFF5E5650B30A8D6645DA24"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8218803208b81d8a-FRA
content-length
53713
expires
Wed, 08 Nov 2023 18:12:39 GMT
ouhuoxueyuan_di3jiguoyu-mucunlongyi.jpg
static-a.xgcartoon.com/cover/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/ouhuoxueyuan_di3jiguoyu-mucunlongyi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df02a2ed1c31d76b24404bd12fc04847ed246c2e23e1bc94bbcf1eeb7755c88e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 07 Nov 2022 00:21:30 GMT
server
cloudflare
etag
"7F26CA8428BC9AA233C76E5440313AFF"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8218803208b71d8a-FRA
content-length
11745
expires
Wed, 08 Nov 2023 01:23:40 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
446826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		237 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
256306bb295af55f0fd7de58d88db2952523220c4a2a3a5ad02aa9a5572b4a17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
446826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63665
x-xss-protection
0
server
sffe
etag
"cd3354c7460b11b0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
446826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310201815000&d_imp=1&c=2003653&ga_cid=amp-HKXPk2yxaVemTDryFYTUdw&ga_hid=3653&dt=1699223002042&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&bdt=1246&dtd=21&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b51bfbff380d78710f7164001073a002536c4f865b0c58d08e12b0f4b4c94556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13583
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CL3l2PvyrYIDFa8DVQgdzrEEoQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453313
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Nov 2023 22:23:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310201815000&d_imp=1&c=2003653&ga_cid=amp-HKXPk2yxaVemTDryFYTUdw&ga_hid=3653&dt=1699223002042&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&bdt=1246&dtd=24&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f546c150ea872329080fe814d8019b691237b61c8ec23e5a24cae3e1c8033cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13580
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CMKA2fvyrYIDFcIdVQgdPvsLoA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399062
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Nov 2023 22:23:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310201815000&d_imp=1&c=2003653&ga_cid=amp-HKXPk2yxaVemTDryFYTUdw&ga_hid=3653&dt=1699223002043&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&bdt=1247&dtd=25&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a64bf3d071c4f93d3cddf4559f949a9680e9078cdb21bedb988498518a126510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
300x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23842
x-xss-protection
0
google-lineitem-id
6350518020
x-qqid
CP3f2PvyrYIDFUqC3godCEEFlA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138441312652
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Nov 2023 22:23:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310201815000&d_imp=1&c=2003653&ga_cid=amp-HKXPk2yxaVemTDryFYTUdw&ga_hid=3653&dt=1699223002043&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&bdt=1247&dtd=26&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b5fcc301de183d6189abb88d0b048dd908b59fa13b6d51d316bf35b9c007d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
300x250
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13573
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CJb-2PvyrYIDFVJK4Aod8fECGw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027454513
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Nov 2023 22:23:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310201815000&d_imp=1&c=2003653&ga_cid=amp-HKXPk2yxaVemTDryFYTUdw&ga_hid=3653&dt=1699223002043&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&bdt=1247&dtd=27&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f3e1c69bdbdac4ee79e459b0bfd68fd8e3fcf42bc8f1c9cabf3ff6e5a7199a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
728x90
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13830
x-xss-protection
0
google-lineitem-id
-1
x-qqid
COrv8PvyrYIDFQUO4AodVe8HeQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Nov 2023 22:23:23 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012310201815000/v0/analytics-vendors/ 		2 KB
980 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:07 GMT
age
446835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"19292b0beef12704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:07 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
AMP-Same-Origin
true
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Sun, 05 Nov 2023 22:26:22 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3653&cid=amp-HKXPk2yxaVemTDryFYTUdw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&dr=&dt=%F0%9F%8D%A3%E5%A4%A9%E8%AB%AD%20%E7%AC%AC2%E5%AD%A3%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1699223003&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B432 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0646 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B432 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Nov 2024 19:44:58 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B432 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
143146d5ac4dcd5406648a08e604a252793bb691029ff559a78bf36d083adca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10196
x-xss-protection
0
server
cafe
etag
6899765862966811484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B432 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F9DF 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
14756aabfacf30057674a848ca8142e04a19471a50d328357b38f186ad644081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
server
cafe
etag
963 / 19666 / m202310310101 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9DF 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F9DF 		0
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfm7A_BQdk2YaxRl2G4RkZ3xMAeN1-4w2F143sHvRbGdgx2Ph9mY6ZBlSveLorgX55Dqb6pEZr-bx5n8OgWtEDExCA4bbMMILITuCowG55JL8bqYLDy22UW60zGTCCYjBJL7g4WnAx-NKjaGTRnPpwSMGsZfUyda51E2RwwRUQO_yoFgLVFF5AjmNRyaUCR0lSUvAbytlAThaVBmHqY6Fds60f5UJNgVf5UreXv37tPe1iaGdh7cHIff2CaFF5YK6HHULGvPBGBr7IZ7aqZc3BLUVDCs9WR6UNAbgZbDBwQPjqgj7uEjeBgu8oT4maXISyv_fZfdz0tGRWsJX9EfjG3vOuA0Cu_n0OBq8fjfI6tOmeIAJQG_m7K0V51b2yG-Qtr3vyjYok&sai=AMfl-YTmkeonv21WwEnL2IvXo9BhJQtGgW3B9UNizAgRKCJ-HjNJtiGok0crjJ93FQ0dj-dAUZVFQqL1eO4esNI&sig=Cg0ArKJSzKg8wZKJYNncEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 22:23:23 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 30E0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Nov 2024 19:44:58 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 30E0 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
077b3381c651cdc445e75305bab92a28ddc1b937895c022a05a0ad2912106fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10054
x-xss-protection
0
server
cafe
etag
1324813504002426102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30E0 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
/
track.adform.net/adfscript/ Frame 0646 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110886;rtbwp=ZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ;rtbdata=Q55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA&client=ca-pub-5884294479391638&adurl=
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6d8c4ab8f33e86389b164b4376cf44158d8a5f5df945f4c56a6927edcd37033f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1692
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0646 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
35213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0646 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0646 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Nov 2024 19:44:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0646 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
container.html
056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B29D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B29D 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f87c2c495dfe75b5e3e63dcf69faa5ea9c541ce518b6b244eafd3f0085ba082a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10257
x-xss-protection
0
server
cafe
etag
14435432854700215374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B29D 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B29D 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshmhuwIyTGSJ3VKj2w40Bfa9hu82XYcrmmiV6P76tnHjXtHE-pFZKZUI35TnaDfTcCTugHKzeRVGSF66eA3yhHjoHSJSzC3HtNuRxyxKbQEONnCALwZFv4hNOYrZG0jM_z8N-a6keAUQkF06mrkZzhqx6HUr7m6go0BBKe-S3GtxuB5OuJXIwkjR07YFevmblUak5W8lB1sF8xYw3DJGbOKCEVqLNcxNw4Xh6gJLxp-Qo57Pzc4ADb6p3rikIAEioLTQ1uVgP_Wv5O1u8oJOov3sDyn0eB2Lhetqw89DcN9DhcUKzEt4SqiHL5HnclY4CyddAta34Hyg344gY-fwJ3GG9zMhWIdmU5LFettpCdDk9HfVdDFap9QhbRl-9h_tHrD5w&sai=AMfl-YSWzNMx2wc6Tp5t2vLjT2xR37PS65YufgIu-BYiGVNuRR-FahgSAvpxd_2VxI8n0gtu5Bgn79J0c2dPQ9Q&sig=Cg0ArKJSzMLuYo-J_d6AEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ Frame F9DF 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11997
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 04 Nov 2024 19:03:26 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 0646 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110886;rtbwp=ZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ;rtbdata=Q55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA&client=ca-pub-5884294479391638&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame F9DF 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1909025794573421&correlator=3866535126100312&eid=31079380%2C21065725&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com&abxe=1&dt=1699223003888&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=xvgdx27w2fz3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Ftianyu_di2jiguoyu-shenleping&loc=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1699223003507&idt=335&prev_scp=in2w_key9001%3D1%26in2w_key%3D3%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D3%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=1516593466&frm=24
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d8f6689ab7feabaedffa7257fd9a62a04fead2c4e3a873a2c8917ab96ca1d58e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12400
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B432 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn1q864ugmzdDl14JCUulu50WbUowqGdIclyi2SAzvJN01mYGtPxGKl9Ktahe02sWalheNALaayQIf13sxw4Y793bHNRGf64Vo3sbxThhyfGSt3c-I-_vHSwk_2nHZQDNAQN7fIvpu7ocfK4QXZbhRPVc4lwrMDsQVvRhhQgbuPvbBBuRDF4K1oLuhH3J6P7eokdfjUG6IcbVYha4y7EfzjLVQEfW5OeiRXJCvcSWDtwks_aQAqCW-2_53OBtdRIbsjONt2DiQ5U8Cp-CCrOgWF6lH5qoyq3MP0sOjYyW2pdtjB0uUOhMgEyzT8iMIx_kxajQ2POO5Nf69xCcE5KpMip8-e38yMpXgSea0_JcwXVCymVpvkxqe2THm8EGZlrUZaVc&sai=AMfl-YRS1rkiiLPgWzt7TE4_9NRV5L-IoYr6W-f_AIbQfPsKRGt4xoVKtA4l_O27LafoDxriEmQZHrZTzUHO4Ac&sig=Cg0ArKJSzPqyVyllWa29EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B432 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6be60f9ff5c2fc31b6e2034aeb2fdd285aea67d5d5aa1b446bbba1ecf1e015d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51859
x-xss-protection
0
server
cafe
etag
9426479215381474238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30E0 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSy7rEjqPm5y3ou73R30imp_sRF7aBgBtyO0mwOkH-zgenb8sAoX051gtDUMzsIRs0hoUQoxyBS-vXX5EUjJxZ6PB6Iuz9p8simpjw-ufg9hlYEa9gC-ZYi1Q6kSjQ-k3fue_mj5RJw1iqllZsNqYaHSf2S1tgtN1UGL3C1EPRjvGCKlUwOPJcbNBB7kw9vPqKAxPqT-rH8HDmJVBlCfJuAsAqiEEZcwXxnBg2_aL9X3hyrP4AUxel8MJ0oL2C9YwD0tDie8Wyq9BcR2R-VPAR2p2f0LcWtUw-b_p3Xwsn2-gz4Hl_2bEl2DMDreV_2hQdzPCwzkc2nKsMk_N8J8iHQXxYy3xFKuZrjfPjRaBSYbSfxwaFLm1g3j62ANOFvb4qzg&sai=AMfl-YSHsK-KyOIr4jJ5tALPNQ4J2T-2skQSQxgmTOF8WCa5lDOfn7FhQYJQSDCA55oAjpL-NAXBrjPKbtGmZ7M&sig=Cg0ArKJSzLoHZtPbmezQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 30E0 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
389e4f1ff89f753742beb025716b65e12a44787e2e6ff0f4b3294b1635b3c0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52106
x-xss-protection
0
server
cafe
etag
8984579100012150479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B29D 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
75ca465d4c8ba825da25f5af38b31d784a3850dce7144d4add73df1349eb0b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52074
x-xss-protection
0
server
cafe
etag
8702458206801041635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
truncated
/ Frame B432 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc0b47f9e22a2139f61e7a46c93d14c209b829a5e188969de107573296d40d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfserve/ Frame 0646 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54110886;rtbwp=ZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ;rtbdata=Q55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA&client=ca-pub-5884294479391638&adurl=;js=1;adfxid=1x;7223;set=en-US|en-US|1600X1200|0|750|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9653fe42d47d1d471f3e1677c892c70fdac605e45d395544b6a24c27c92cc8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3405
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame F9DF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2478465ebdde44e47e7fc4d25cd5c2077981d09deca6b31c83ab7872a51c8684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12341
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F9DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQjB572XDv51jnKjdT2SGmGTvhuQdDDgaCdMK-ZgtqmHAAQDwxiwPGG2-XgoZczCHGGccpkxlV4nkptOTyZPm2NDjkYG2yrBApze6tkG-zkZ7Gr6L8QHHJskT_MeGMTHLnvofRg3wtalePtsSVN9BqNknLWKZSHuWEjaJX8tt1oAUtuJ5C04qAuSPYzGNLcjXQCl3ZbUQAIN9cJFtemZwIHg7z2kshw_IXuA6PB6Hhf4OdhDLFVj51yGGmK6YDxlCSFdtjVOVKIWgBaUQOUWRKinx3EHUZoLcoloHNyfZpjWXE0eh_bYj1n-1rOHOKGqj4jnOR755Sb47LFjbe7h2zwDT-agM6ZboL3LG6xEyPwr4puYWAzHIuXFT7oyzeLa0Zo6XPUONQ9LU&sai=AMfl-YRqG72aqlM6HOKIFyBI3fvrZO1pLEaXz0WIspcCKbRfjp_anzHe8Gsw40_VdFXD34qQYeaCC1owkbr3O2A&sig=Cg0ArKJSzEnXFxD3JJS_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 22:23:25 GMT
truncated
/ Frame B29D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eef55b9245fcae1e36be0d219cac8e117217048f899acc915781e29d651fc5c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame 0646 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=aa2fa19adb&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.xgcartoon.com&eVRDB=xgcartoon.com&eVAI=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.9.97.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.97.9.5.clients.your-server.de
Software
nginx /
Resource Hash
ecdb9f6bf0519534b3288c7436167b5be97fe035efdcd54a5e3f46392c7a167d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:24 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame 0646 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110886&csi=60pWKtdYpDZ2ytB-UZ_IpUOQPrDOHIr1RPeMKuGqSArrygPkIxxfk2GwT1-a-qjOKjbKOuLDGjgjbr_RtR7-w2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
truncated
/ Frame 0646 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e918d3762f6bcd4bc7669e3961bf26cf6ad8c769e5c29026ceb96d98365ae975

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0646 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:10:00 GMT
container.html
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:23 GMT
expires
Mon, 04 Nov 2024 22:23:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/ Frame 30E0 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c2610483ad8dfa9a594de9b4ef93c9f8b609049e39f53ce0bb54beb7c5c8b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138529
x-xss-protection
0
server
cafe
etag
12594099735446454159
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 0072 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:02:58 GMT
etag
251720774729838433
expires
Sun, 19 Nov 2023 17:02:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ Frame B432 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ee8f461f86f1dbbfa105111d19fc9ceba508d8f2da478e458e1178727037ae4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138212
x-xss-protection
0
server
cafe
etag
6110233283322758489
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ Frame B29D 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9c4deb0ddf7a22ecdd92db3a78ad5ff8807f20cf05c8e38ba78de2c1d16c154f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138448
x-xss-protection
0
server
cafe
etag
10929873207141054446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8DB5 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj_5IjGATAB&v=APEucNX57oFkC6-9ZhGwvkigKRAdqXyM3Rjx9fZnFqc-AF2lUrdLumC7GcB01psXBonDi_-Qfg1p16fHI1TES3SsdQlEfV_BPA
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0A83 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A83 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkgOH2zGX5VdVuRDLGDQXjsix0wgfjlmvtN1QkzopuLoEyONvSrlxwXM-HiKNuD2R7srOYpwHwHAVMTPC6GZ4nCtvW2oDlOYQcGeg_7b44dAjQQ1Q
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A83 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6496466057992344520&x=1&ct=77
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0A83 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
35214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0A83 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 0A83 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvBav_JqBX3ApgId7__0QK1snjTNWuuQ9pOwLUHEOAD9NSVDOPApFnNlG12dYqvBHWJzKn49tQ5JDEPhl7recRAAJ_Fg
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A83 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 090A 		603 B
109 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004051&bpp=230&bdt=543&idt=375&shv=r20231101&mjsv=m202311010101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3299638836&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079346%2C44795921%2C44807048%2C44807337%2C44807454%2C31078301%2C31079423%2C44807749&oid=2&pvsid=1039536337409970&tmod=2111886243&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.s8bsasmbzibm&fsb=1&dtd=387
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A83 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4893681659072&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A83 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4893681659072&version=m202309260101&ct=77&x=1&cor=6496466057992345000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0A83 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo7dCMdCGKWO4AsL2ySWbyQkQ-YCX8fUA6dWyi2FrUv6vv6KU5Gwe_pUpiKUFWzqorb3IcR0KkGesjP3gbljx3v1Y51cptNUu2bSX0wIX-2ASgfx7fHyXQmY9KVXBsoFLv821M5dQuE-XMrTnxQbs67mXlycQYTPfFNFjS1ZFtFIyOUxk&cry=1&dbm_d=AKAmf-Dr-zYvntaqFbnJzagmSaYDSfbAuV88mzHOiH2sh91f7mhrClDg7Uo0D7SGL3-T8Og3wbjNmllaRcsdmgyJhVZvrpCTPonaeUZEouGijdisMe6yqwo5LnOOt1fmB0JpUQQjJ2b-m8KDiI0UvMkx4EzzxkQnBtoOScipmxup-WPCtenVbdVy985IO6snTNE_61TmvVYrVHMPJPAuum9TYfiZx7dRuMQtYlYnsbFkUherSb6CDmfBdPbgqXc8cBolR91wYaA9mRw90LIEmT80KBPSwsZVNSC6D2J5DjwIMM5_c9bmveBtbhLb5sMoRQm7U3LmFL3si8JFOtV5XtQsjjKgOCT3CoOYIiHU7Rv2l0LZWlwiJUKAQ2P1tiGPE0AqebGaT93MbqTWlYUVIdbE8HQjoe_CrqgOTDtFWvLve6Qj3cH67Iaya4L-hbtf3ISGeXahKXepmW5VRh-x9hi6Pe6L2qt0x3grzlOnvrZnqqml7sWjbtfOjYNJS8-1hj_Ej9F3jWWFnZXCRdmbTgId5FNiOUqWb72CCNoy5QQyTM2x--idMOUEUtlktaF0HCYpE92Lit6_iFtvFGg2Q7LcKIJnkb4vPrV8AgCDPwWhlDhquiC2Lh0t5Zk8hMG7IvVLQwWP8fQeQX7iO_lxxEsT63gWMsO2nheqS5v2WavnNzdUAAQaP3-CoAjlSV791FDOToit7swDAQP4WgV22p_nZT8FK8exPrhkHSwk9D-8PrMnGRFFG0Yr3hNQEkQpSv5Vhcn2_Q0d7X3tJRxo3SHtM3kiXtNpYhtTkLZR3w5t5eeh7I6DJvaOZVXIbr_3Dp0mErRx3xfW-lFbwQSypPp25vZfTS0qxdU5OQNRDe5LBxhbtlu8pgdM__OklbSag0t0rp7IbhlLDI_OeuQ3oIHZU2aP8pPZGf9AsfzxsypaDV0j_VCsxBKGxyZENuqaoxmCtlDcgPWIldjH4rv15i0TsrgefwuKVcoMKP3MZygDbUomD00U3gwtm_WFKXTSrmFARCVCoFhjR38n83DnOAIOCp-bNoGtbbYpdR3McKpnDVZAMyu1YqQkKkZ4sveL3ghmPRLAPYTk8XIqOqQn8I_necYnQsS6O8sHFCUtzPsDi-lvmn_vAtWz9kYI0iriXeRO84W2G73zE0yV6JLr9KDpQcRKpF4dXTybHjPn9kUl_u0WfMAxOKLhccGlkTq6ZmNcAM-qhTb2CghxxcIn-b3guXwwz6PEPBeccNziTZay3VK7dSzNs6ybeh1jDrfy7W90uB7CfKWrS5MsoBAvSMk7fexc6RDGUn9vkPtBU7HloVuQnUiMuVSgP6Va0N13EvtCX1tro9GqGtyYj1LqFHv5TxZcpuqgauEtMJM9ZE8FvSCN4kl79nGj4dYmbdRfMyI6Sl_cOROAJqx2cD9frcDyvk_hvJ7If4wuKYHtKr4t1QZMwdelyJSxUmSQbVuYCDJmaEoTGqOMqADlgnRqgF6R19SbwQdAwJBA7pYE55N3Kwudq3Al8l6AK4ypKSGiYZa2LEQHs07cDhAWjQ8LgmLkJgQ8aYsoC4t0EnBUSIu415GG24xbKpDyLvGkiInaac1FtBvyD5BFuVRfkQ9I0KnAe_R2xXSRnv4S6NkU3JYA7uuf3CXj9o6DV5kKV6hfoTYY0RczKXhwF544-Ccj-uruQ4m_wRy4YBY6WmTieMsX7TcsZPdPcru3lcPectla0qLFMp-rxW45_QDR_IQtQLaHrYoMWq1W1ENvIPgtlOfD_XGie-BY21lbc-FNAg42HSUKxTZEHk1EX2d_RYwNmPG98MripYqDYunjaH6KYd6jhf6LpOM7RlCiJCAj7tQ3wkKVuIONZoH7x_2D1v749BN6TyiJRxuQBAXV8Ho1_LqrzqNIaROE0vOiBkCN-iGsqtOOGvOVg4VUPWrNkhFolhHizGyf4D3PfmVbiS4AU0YCEua1MDF5cVyRvQGK0TrwDep-UNupqiCm1VUJab0OoPc65pst6MzZ2AtvHlEbX-lkFim6nXeUGHZl-LNA_gGXp77IioUgw2GLf0uLXGnP8N8AEZeTso0ad6850s-Wen96ReEYq_FIOjY86-QHfXPZfIv2im9cBACPVl0E0SgU2uWaXeheZoMl9S5Jlb3-OFKEeA4THASmuTdUpHhWOgWu0lEKKUt7FD1J5Qk4R4sECX9oldsTfotme6zsnm9MgcYPmlGkyEbwUmkMSDhn4gouWr93Zn2sMhzcNluxW9cnUyULy1CJh2WI7M1ibRzP21R7McYPLzcRzciOlcDk3BZD8x6G_fQlJhqn8js8UqL_KrjhDl8C5PMlWFoulATKN_095bwbYzT-a3FDia2qBIoW8JjSM3xUmsps0T7FIa3WW0eOHefxuFqv6wW6CxsAPC0y39V2kctCHuDI79mJet-7xNM3Ax583RGHsTVmBpaVFWTj9l9nCrH072SGSg1e00nmZdsBKEJpLYnWYPMqt4hYpzdG8o6G4nwdU_hRRQQ157MG-1z4taY0mYlsQX3pEN-ThEI5lqbDdpY_k6PnU7eEhXmNo5ClC0lVTM-HXpKWrnxQLwQbRV4aHreSKwFvQEJ-7-duYeh9FmjAFYt-L6Mi1SkjuQPHzLIL2L2jOF2UY7zSiDBvsLrqaUTOW0gkfigITf6AL_OK--fNAPQB_2VJxk5R0QTUQ3X3y6St6iPZBHE9-A8Jvilz5-jIispLmawI7jLrAhC07Pbmv622cH1dSHz0Nq4WXdyLbagRZiMdb9nyAm8xN0I5Gb8CdEVdQKb29zYbC-xd2LU84ImuCZJ_GUWxVRUDDjP0rxdeWIRdRl_B4awNYZQ_7f4JC_rlgaSxrOQhSd4nKBj1uEn2gN4t5rLCjBLXuG6BWnnT2oATGCbpyPX9FefQ9kiJSXPC0NJG8fkzIAbI3NKcQthWOwWpYVGfrYjLgnKCULodtzm6ynB6M2zUz7ntiwmLFeYTUXf_y-Q7PLE6heGDjCqT3H5QEeN0iciQxJlz5QVsRZQzSjbPLbCTMXS6bkPUKqAAm8S2m0R2XHFjRZIEGyjvTFEbN73lQ1ZZ_iESw1FZO5WjCi7OHF9xN73nKc0Ej-1jRs61qB_ddWGtF_t9wxYW1OWrLm34b2URxiDwHr8jUIml19dLR4S0JBiUXAxZwAKUOq9pEmUr4gkYzX4VH4YQ4gpF-uFQYkHY7NMyuAmEiLqcRkxokfiZRePZj7shKDKFwMLzk-zMzf7Wi59nj2bE1lFi2Y48cAUxbmLORR_9iL_uA-0c9aS8Y0bGoHEBTO1NEcVbQQfyZBZ0J2Tl5rF-C5zz8MRYXd5boGiQBFoc9C3Zxyy_BKuZ4-qpP6FM288OUyVGuoJYgpufX2eu3di2OA5yf0ygFZvVGjC5sQbahkt2vJwRk74ewtiH4HNtscJ1MeH4uX9bfI6VjECj2-nBBsey2bic4c7cWTeX9_rB-cbhC7ZQhBpr-sh4gNW7ChAn-UwgZoE2Vl7yIwDmx381D-c0ahXQdJ-pTTLc77CckXXp5cqOrb_5MAMgilIFCDx5yGk6RgyV0RhiPMYVYEFR9Ns2YC2kimbeX-H4YLTMEwyWbD2p7yiQqc60ZtjPqaeTkPFime1BMPsAX83JEv8JzcNYwTDwV1nYPe0mfNWQsgfeVztPefx_08BhilD1A5AZLVZk8SVpfU8iQ2zhOAmf56_SDlktZSlPI5oSQuQwqTPNVyE6eSzkz9x85F55bZe4FJyPDpzIUgtUxcg&cid=CAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6496466057992345000&adk=627576174&idt=87&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
b253d09da81db0d9b9a8d170758dbc8dda22459bff3cd2c9e14e93661b7d1967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12551
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
ad.ad-srv.net/ Frame E07E
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%...
  • https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=aa2fa19adb&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.xgcartoon.com&eVRDB=xgcartoon.com&eVAI=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
24ecabd425cc447b91cca6abe2c7548c76f6d4fd48c74b8eb70a12ecde9ea458

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1591
Content-Type
text/html; charset=utf-8
Date
Sun, 05 Nov 2023 22:23:25 GMT
Expires
Sun, 05 Nov 2023 22:23:25 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
65024700161225004452298012499004

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 05 Nov 2023 22:23:25 GMT
Expires
Sun, 05 Nov 2023 22:23:25 +0100
Location
request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
ads
googleads.g.doubleclick.net/pagead/ Frame 4878 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004055&bpp=304&bdt=447&idt=1629&shv=r20231101&mjsv=m202311020101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=291770968&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078238%2C31079345%2C44807048%2C44807336%2C44807455%2C44807464%2C31078297%2C31079424%2C31079356&oid=2&pvsid=2133168225622034&tmod=1914168057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.r6di40knebms&fsb=1&dtd=1641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 82C8 		0
46 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&adk=1812271804&adf=3279755401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699223004360&bpp=1&bdt=753&idt=1343&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&is_amp=1&prev_slotnames=3654094576&nras=1&correlator=3653&frm=24&ife=2&pv=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=291770968&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078238%2C31079345%2C44807048%2C44807336%2C44807455%2C44807464%2C31078297%2C31079424&oid=2&pvsid=2133168225622034&tmod=1914168057&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.55qp6hgm75kf&fsb=1&dtd=1347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FFCF 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
50bc1a3beec73a1828b3b21774373b5e1642b5209c3679e7bee068c7cbbbb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15849
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F9DF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 22:23:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A551 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
183240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3263 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
42a3d7a8440415c60e4266eb3ebab0ccae567cc08ef178fef12cf5f2162442b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Bc-lv81mbqP0ll_7ggbWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2Bc-lv81mbqP0ll_7ggbWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:25 GMT
expires
Sun, 05 Nov 2023 22:23:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 8DB5 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj_5IjGATAB&v=APEucNX57oFkC6-9ZhGwvkigKRAdqXyM3Rjx9fZnFqc-AF2lUrdLumC7GcB01psXBonDi_-Qfg1p16fHI1TES3SsdQlEfV_BPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8DB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj_5IjGATAB&v=APEucNX57oFkC6-9ZhGwvkigKRAdqXyM3Rjx9fZnFqc-AF2lUrdLumC7GcB01psXBonDi_-Qfg1p16fHI1TES3SsdQlEfV_BPA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI7X9vC1r5cC2BsmHYOj6zZ8J64%2F2cx4Z%2FjX4D8PVLfotWlvmpElspsSBoG3jUmR8HiHbsBaLOdbinMILSyzVkYCDRGolDLu6WzZx1ZM5znUl1dgsGYbXdzrgpw8ryul6liCWT7uQwuOxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8218804cac0701fc-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8DB5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUgV3vUZzSUt7iETHCpwGAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj_5IjGATAB&v=APEucNX57oFkC6-9ZhGwvkigKRAdqXyM3Rjx9fZnFqc-AF2lUrdLumC7GcB01psXBonDi_-Qfg1p16fHI1TES3SsdQlEfV_BPA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR7vIxIjklF8Q93sVdrCD2Bb3v87VfE8tHAsdFYuAKKmonuWVA4YOU4ys2GmVfG63o%2FBZDzaagGzhA%2BhGyPczRoaztfNlQv3z2BKV1aNZx0r3an4%2BR15TiWUo9Z8dFdElQICzYOSGm9ciA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8218804d8e4101db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcRbyhjRLUdoZCtSC1T57M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0A83 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo7dCMdCGKWO4AsL2ySWbyQkQ-YCX8fUA6dWyi2FrUv6vv6KU5Gwe_pUpiKUFWzqorb3IcR0KkGesjP3gbljx3v1Y51cptNUu2bSX0wIX-2ASgfx7fHyXQmY9KVXBsoFLv821M5dQuE-XMrTnxQbs67mXlycQYTPfFNFjS1ZFtFIyOUxk&cry=1&dbm_d=AKAmf-Dr-zYvntaqFbnJzagmSaYDSfbAuV88mzHOiH2sh91f7mhrClDg7Uo0D7SGL3-T8Og3wbjNmllaRcsdmgyJhVZvrpCTPonaeUZEouGijdisMe6yqwo5LnOOt1fmB0JpUQQjJ2b-m8KDiI0UvMkx4EzzxkQnBtoOScipmxup-WPCtenVbdVy985IO6snTNE_61TmvVYrVHMPJPAuum9TYfiZx7dRuMQtYlYnsbFkUherSb6CDmfBdPbgqXc8cBolR91wYaA9mRw90LIEmT80KBPSwsZVNSC6D2J5DjwIMM5_c9bmveBtbhLb5sMoRQm7U3LmFL3si8JFOtV5XtQsjjKgOCT3CoOYIiHU7Rv2l0LZWlwiJUKAQ2P1tiGPE0AqebGaT93MbqTWlYUVIdbE8HQjoe_CrqgOTDtFWvLve6Qj3cH67Iaya4L-hbtf3ISGeXahKXepmW5VRh-x9hi6Pe6L2qt0x3grzlOnvrZnqqml7sWjbtfOjYNJS8-1hj_Ej9F3jWWFnZXCRdmbTgId5FNiOUqWb72CCNoy5QQyTM2x--idMOUEUtlktaF0HCYpE92Lit6_iFtvFGg2Q7LcKIJnkb4vPrV8AgCDPwWhlDhquiC2Lh0t5Zk8hMG7IvVLQwWP8fQeQX7iO_lxxEsT63gWMsO2nheqS5v2WavnNzdUAAQaP3-CoAjlSV791FDOToit7swDAQP4WgV22p_nZT8FK8exPrhkHSwk9D-8PrMnGRFFG0Yr3hNQEkQpSv5Vhcn2_Q0d7X3tJRxo3SHtM3kiXtNpYhtTkLZR3w5t5eeh7I6DJvaOZVXIbr_3Dp0mErRx3xfW-lFbwQSypPp25vZfTS0qxdU5OQNRDe5LBxhbtlu8pgdM__OklbSag0t0rp7IbhlLDI_OeuQ3oIHZU2aP8pPZGf9AsfzxsypaDV0j_VCsxBKGxyZENuqaoxmCtlDcgPWIldjH4rv15i0TsrgefwuKVcoMKP3MZygDbUomD00U3gwtm_WFKXTSrmFARCVCoFhjR38n83DnOAIOCp-bNoGtbbYpdR3McKpnDVZAMyu1YqQkKkZ4sveL3ghmPRLAPYTk8XIqOqQn8I_necYnQsS6O8sHFCUtzPsDi-lvmn_vAtWz9kYI0iriXeRO84W2G73zE0yV6JLr9KDpQcRKpF4dXTybHjPn9kUl_u0WfMAxOKLhccGlkTq6ZmNcAM-qhTb2CghxxcIn-b3guXwwz6PEPBeccNziTZay3VK7dSzNs6ybeh1jDrfy7W90uB7CfKWrS5MsoBAvSMk7fexc6RDGUn9vkPtBU7HloVuQnUiMuVSgP6Va0N13EvtCX1tro9GqGtyYj1LqFHv5TxZcpuqgauEtMJM9ZE8FvSCN4kl79nGj4dYmbdRfMyI6Sl_cOROAJqx2cD9frcDyvk_hvJ7If4wuKYHtKr4t1QZMwdelyJSxUmSQbVuYCDJmaEoTGqOMqADlgnRqgF6R19SbwQdAwJBA7pYE55N3Kwudq3Al8l6AK4ypKSGiYZa2LEQHs07cDhAWjQ8LgmLkJgQ8aYsoC4t0EnBUSIu415GG24xbKpDyLvGkiInaac1FtBvyD5BFuVRfkQ9I0KnAe_R2xXSRnv4S6NkU3JYA7uuf3CXj9o6DV5kKV6hfoTYY0RczKXhwF544-Ccj-uruQ4m_wRy4YBY6WmTieMsX7TcsZPdPcru3lcPectla0qLFMp-rxW45_QDR_IQtQLaHrYoMWq1W1ENvIPgtlOfD_XGie-BY21lbc-FNAg42HSUKxTZEHk1EX2d_RYwNmPG98MripYqDYunjaH6KYd6jhf6LpOM7RlCiJCAj7tQ3wkKVuIONZoH7x_2D1v749BN6TyiJRxuQBAXV8Ho1_LqrzqNIaROE0vOiBkCN-iGsqtOOGvOVg4VUPWrNkhFolhHizGyf4D3PfmVbiS4AU0YCEua1MDF5cVyRvQGK0TrwDep-UNupqiCm1VUJab0OoPc65pst6MzZ2AtvHlEbX-lkFim6nXeUGHZl-LNA_gGXp77IioUgw2GLf0uLXGnP8N8AEZeTso0ad6850s-Wen96ReEYq_FIOjY86-QHfXPZfIv2im9cBACPVl0E0SgU2uWaXeheZoMl9S5Jlb3-OFKEeA4THASmuTdUpHhWOgWu0lEKKUt7FD1J5Qk4R4sECX9oldsTfotme6zsnm9MgcYPmlGkyEbwUmkMSDhn4gouWr93Zn2sMhzcNluxW9cnUyULy1CJh2WI7M1ibRzP21R7McYPLzcRzciOlcDk3BZD8x6G_fQlJhqn8js8UqL_KrjhDl8C5PMlWFoulATKN_095bwbYzT-a3FDia2qBIoW8JjSM3xUmsps0T7FIa3WW0eOHefxuFqv6wW6CxsAPC0y39V2kctCHuDI79mJet-7xNM3Ax583RGHsTVmBpaVFWTj9l9nCrH072SGSg1e00nmZdsBKEJpLYnWYPMqt4hYpzdG8o6G4nwdU_hRRQQ157MG-1z4taY0mYlsQX3pEN-ThEI5lqbDdpY_k6PnU7eEhXmNo5ClC0lVTM-HXpKWrnxQLwQbRV4aHreSKwFvQEJ-7-duYeh9FmjAFYt-L6Mi1SkjuQPHzLIL2L2jOF2UY7zSiDBvsLrqaUTOW0gkfigITf6AL_OK--fNAPQB_2VJxk5R0QTUQ3X3y6St6iPZBHE9-A8Jvilz5-jIispLmawI7jLrAhC07Pbmv622cH1dSHz0Nq4WXdyLbagRZiMdb9nyAm8xN0I5Gb8CdEVdQKb29zYbC-xd2LU84ImuCZJ_GUWxVRUDDjP0rxdeWIRdRl_B4awNYZQ_7f4JC_rlgaSxrOQhSd4nKBj1uEn2gN4t5rLCjBLXuG6BWnnT2oATGCbpyPX9FefQ9kiJSXPC0NJG8fkzIAbI3NKcQthWOwWpYVGfrYjLgnKCULodtzm6ynB6M2zUz7ntiwmLFeYTUXf_y-Q7PLE6heGDjCqT3H5QEeN0iciQxJlz5QVsRZQzSjbPLbCTMXS6bkPUKqAAm8S2m0R2XHFjRZIEGyjvTFEbN73lQ1ZZ_iESw1FZO5WjCi7OHF9xN73nKc0Ej-1jRs61qB_ddWGtF_t9wxYW1OWrLm34b2URxiDwHr8jUIml19dLR4S0JBiUXAxZwAKUOq9pEmUr4gkYzX4VH4YQ4gpF-uFQYkHY7NMyuAmEiLqcRkxokfiZRePZj7shKDKFwMLzk-zMzf7Wi59nj2bE1lFi2Y48cAUxbmLORR_9iL_uA-0c9aS8Y0bGoHEBTO1NEcVbQQfyZBZ0J2Tl5rF-C5zz8MRYXd5boGiQBFoc9C3Zxyy_BKuZ4-qpP6FM288OUyVGuoJYgpufX2eu3di2OA5yf0ygFZvVGjC5sQbahkt2vJwRk74ewtiH4HNtscJ1MeH4uX9bfI6VjECj2-nBBsey2bic4c7cWTeX9_rB-cbhC7ZQhBpr-sh4gNW7ChAn-UwgZoE2Vl7yIwDmx381D-c0ahXQdJ-pTTLc77CckXXp5cqOrb_5MAMgilIFCDx5yGk6RgyV0RhiPMYVYEFR9Ns2YC2kimbeX-H4YLTMEwyWbD2p7yiQqc60ZtjPqaeTkPFime1BMPsAX83JEv8JzcNYwTDwV1nYPe0mfNWQsgfeVztPefx_08BhilD1A5AZLVZk8SVpfU8iQ2zhOAmf56_SDlktZSlPI5oSQuQwqTPNVyE6eSzkz9x85F55bZe4FJyPDpzIUgtUxcg&cid=CAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6496466057992345000&adk=627576174&idt=87&cac=0&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
331259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
r4yapv8fhxky
hal9000.redintelligence.net/zone/ Frame 0A83 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/r4yapv8fhxky?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
fef81a7e94094d9347717157bc35b7ce499af0d2869daa2f01dac7c9c3a606da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4150
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
nc-general-1-de-728x90-px.jpg
smartphoto-media.com/banner/campaign/ Frame E07E
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2367340&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=65024700161225004452298012499004&gdpr=&gdpr_consent=
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-728x90-px.jpg
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartphoto-media.com/banner/campaign/nc-general-1-de-728x90-px.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
H2
Server
149.126.4.39 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
s030.cyon.net
Software
/
Resource Hash
96adb0ae229f20b819192b787901eb778488a32082beaa842897a31920238de1
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
strict-transport-security
max-age=3600
last-modified
Fri, 03 Jun 2022 09:04:52 GMT
etag
"5555-6299ceb4-d21c87ac6a034148;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
21845
expires
Sun, 12 Nov 2023 22:23:27 GMT

Redirect headers

Date
Sun, 05 Nov 2023 22:23:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://smartphoto-media.com/banner/campaign/nc-general-1-de-728x90-px.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
viewability
ad4.ad-srv.net/ Frame E07E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/viewability?s=65024700161225004452298012499004&a=3fd816d5&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame 826C 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2367340&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=65024700161225004452298012499004&gdpr=&gdpr_consent=
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 22:23:26 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame E07E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame E07E 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.xgcartoon.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=7768140673131468826&rnd=4996&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCjdXo2hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSbAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOASGhi-sbX99dEbRUIgSyffHdxHsAdCxTHvKLW-Q7aZq_eGfSvqpjiAbgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3GoYW-zhsRfaQ1aOT--PfRHkFkwA%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV2gAOjWoK4A4FAAfvVVdoZ9QEls2iexW0kQ%3Bcrtbdata%3DQ55X9_mV70lSFh2odicZSh08dR022EsgTnWg8JNnMspWD9Fs7nn9w9iLpEnGj0OBB0Zv1VhWI66jQjkEcAarnv1dh9ljS_Ag_TfZaA4hoaYXYs-VUTVuuBNpRtYqVUuU2IvdoMKjpRhFW8v_Yc1g1si6pFHSRG9zzJala5NC8Gikq7X7oIfE1VIvvtr09TE0cEA5m2DYuled9Cla4x4hGd6-i_obfT1Fz9dGHJFSJ_LoLv9iyGtxpnfSVFfRQbpB0%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUD6JR5BZjXEDPyfmpf5G8tps9e9_yk_Oi3oQk3iGKKOdTyE2X7DdMrk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N1TDb71cr4Rb1hYChxOFzdM2r1vsBlsjoimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:26 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
sodar
pagead2.googlesyndication.com/pagead/ Frame 3263 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=1909025794573421&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame A551 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 20:02:09 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6B36 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
223746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 6B36 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 20:02:09 GMT
request.php
hal90007.redintelligence.net/ Frame 0A83
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8494573502f6cf8a376a7a1f0f3f19832f4d57dcb18347d69f9fd6046a042349

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97587700171643604438442012499007
Connection
close
Content-Length
863
Expires
Sun, 05 Nov 2023 22:23:27 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:26 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 05 Nov 2023 22:23:26 +0100
generate_204
tpc.googlesyndication.com/ Frame A551 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g-uoRw
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame B29D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNOr2jMlOrET0YHD7GJZi-Q1cyPIrCNaouLgqumXWixF1wpGcFpDz-1fav8eXL0VSZ29wIdyaHeu-CcerrTovidMlRV3CgPZmBgCRxJrwRyc2K3RBRCYG0zSMzVua1pzbVm9044Lcy1WgNUqq3KgyuA5_1fudly2vDtYzB5Ut7gsgqZ8qk1wJO76ULOPFoFVa0GqGdrm-DucIsmw89c3Z-ZUsk2VR0-7DkW0bKCihzYqFhTxbBLIcgmfx0JZtcBy8jFO8WL3XjqotlYrejQUYGJ_2-8KFSfOaDdqj9Dq8gq0tT4fKSvHJZpKlzgHtJs1onVNvYuDyKCfifmdTxRGVGiZzq9naUcdZFC3Be9qEieYcWnC9-XHbwrOvZF9BRXU1oTyZIOQ&sai=AMfl-YTvM50VA3eY1EpaPlVR3FXYjzeig_iggflpvs3UR5HoOz0kPzG6m00DINHQ3DIAefS6Qt7aVdiP9qQVtsE&sig=Cg0ArKJSzK7VNmJVgT-NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 22:23:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B29D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
46812d66740715283a9aecfc75c69a54d471dee327e46b4e29c8b21207c2f1bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12269
x-xss-protection
0
/
track.adform.net/adfscript/ Frame FFCF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110886;rtbwp=ZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w;rtbdata=4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=COqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2aW6UEThZQJWANpVSWajcqNFOzNg&client=ca-pub-5884294479391638&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ffc0be0a3433412ac7047d4cf26a985c130599d94d44a8e25ca411dfe53d1bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1488
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FFCF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
35216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FFCF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame FFCF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrySjW3en8JE2t2FF1sbdTxdV9IIHoYoDCl8Pd0ZGsP7ahQNOlfJn1_8w36lDqDpvQE6EpUynvsCTaC2lufHdNHtO_dw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFCF 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 22:23:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B36 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB0Bu3RVIZeTcNNKlx_APxOyiiAEAAAAAOAHgBAI&bg=!yMuly4TNAAb4oU7C2KE7ADQBe5WfOKUjmHz-pYWwJHB2Pv7oDb8Gclz1IaFgKupOCNLrxWYXKZzvyva1Y2UiRZxPlDNEAgAAAFpSAAAACWgBBwoAC18lFLgKDFGoj_vzmQNQSOBxztKTANsZQj_N4aivdfRWjrDhYLn36m0u1JjjKIwlZJvHxWxzOd07J4TBT0LZEtC9OSsOM7PyMgeugnz0H1qN3rmX6vcNUWjdHbbj3GAzGu3uUzwWosAZfBRFe06ni6vjj8zqWKPz5zEJ7T8Oxh6djaVrFqeNnPujlfGVxs8_uWLUBdA8YMFxpI1q7V3Si3zD1VUBzrr4u87tHchCJ531sNdErLv2eXNAIyeif86CSPvVLO8MkrTE8TaOFwU_Svb4oGL19NlJ4AwxzfOclYrAA4Bf6q8XgxQvePz63l_q-ZEI_dE8AmTfjXfUFcArdTuwIeU1V5QgQ3hAurJBIIPq_-nlk8xvKcDQgHZcvYtmyZYCCnEIsyNxPsLT_Vo4jdmsaEuykYEClzQLiA0e8b6zXGdKEDXsmQGySTjJUnPgBPpdD49p1MByOUHmzpZhq7tPg9pB-sdvIlt5l0XQ_Ukml4r9vIvpeLewBlNqnv187VAgMJupvXHE8vK-nekgm8PEC1aa0XEfVsjBbh0Il27AhUip1m4sr5D6B0R2J8s6hcl2Ba9q9Fw56pKqVY72tuLMDv-d-YPo7dVhoOHMcZ-Zr2_ZmPvUiEsnZKQZzAmA0qTiWrvavQVWpm9vT-z7SQUzMfeFSmD4MXdUOJF5cV7RgnLAfYyRlnBGuH0bdOVeaNF7Ryy_-aZL0xuaLcqFz7NXccg37KenMClby-4XMW6PhygsockFl-MHHJ_rbs05OJOg7rlE4cOPNzamzmSd0VMDAtPx0PQMoxrti-j6UDGCCO2BgfU25M3vONMrnpKqjnZOAjBj9fZeB5K8n1CiiTM0ClUQ5F0nbFXoerR-FzPO2mMysOTJcG6v6SFqcV1BU_AvsqLylEs7AHo_9dYEha4HIg9zIb0yjKCDrQHfYTqWWk2Jnpm-TGz__xGLnLrU3u4CQyr1qgI0dShc0AmRZSMXsmGkL2HI9usy4No1jYaYuFVn0TBTQ8yiazuQNQOFubEP2BycbmKZAp_gQAFlV83JaFMy80VSdM6YgPNOj-ydSupf42paLc8UDEkfbstSgbBEwXnrtJQWC5p7ypv-2unSzK94UTkr65O1Bq1hm4oOgxmuEUfVmXOUbLeU15Y
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F9DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=1909025794573421&bg=!hoWlhcrNAAb4oU7C2KE7ADQBe5WfOAOGoqnGzdSkkq4BsjNZmHaq_CBRj_3CMp6n5wVKzb9niv-Q8ucxN0DpuDMo7oOBAgAAAHpSAAAAB2gBBwoAIpE8zoKAyW-AfWKQrhADdGEsOLBlythyQzXPjsWNV4DfwN-ZAvtPLhSI2717V6qjg7IXEKnxTZvS3yhq-L_UX6jueVBQvyL-x1nBfoutZnYDIxRGgNfF4jaEja63Vf0DPFpymjJYPQRF2DyM9vWYGdX0iJcj6N9FYKQwCkC0ZVZSDAsWKZQIfGeZG5MMxSGh7ghPK1I9mHRMiYpDu5Dnw1aVVtgFGUBfq808W3NjLK0sV5GeXHTktP26rW564qcfRMDGF9OxbRZGS4IxIMhmen0_XtckJND_h2fDyRFf1gdYe2UZffhWMOuHPrcz0Ogyz8-0keeuyiR4oUi8oCGcBcK1-QMMBv8ZIWUa2IL6Cp-f4aZvFUio4dnrG5Ghc9PIsGj9xYFClIm7a87itfojXRYxOWwCLm4MKUyt9UDPY6X7c9z-OU_hHZs7ABJP4DYC8OUfy2QQsrJ84F85SvSkiCnUXSeVTA6k1LzGTu2zRfJk_tHD98iPyPAJMs3_l8LkbgzyPC3KQSUar8GHAohCjlOW-K3r42M0JNCuyjGc-IRjGtNSZ1ORhVi728Tv-Rx96QNl4eFADPlfSOOyf-tHEJW9hwPsVLKKS-_dL0Cwq_yk1XdgJ2fBwrJwhHuZg_9QDRT3fdvyXHq5-yWpJfYbKuOnp1IQ4F6-kfnUa3TjrNr8f0Jqz4f0owl4ddqT9yc_QAY9547JJ3BS857Mdv_IuVMPGubmTQ08c3GacGxJYbO3T1Twx5CjLbjwEYP10ONGeD_m1-cXjWRZHUaEpyETcedkKmeD0Xfq2ynvM2xP1koobbs9GM0K8MAeWw1V9f_-eNBLdBXaorI2wLQvWyIyVVJaGHoPy45c0k-jL0TrZwpRXXtL3JBT9qAlpzhJhiLZiSkb2iw9_osUo9ssg_X0gpArk_1FWKQQ85PTzos0jWlbDqy05PsJQlM3gK38uGpnrpETnziRbfRXFFhShcDW1AgFIfxGXFQl0DE76GKJXdRy_JmbZlFNg5VRshjov-iC4hN2wK0q1F_DRTHxhOMnpkxjnHf_E-e3wXg1cKvCa_Lb
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B29D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 22:23:27 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame FFCF 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110886;rtbwp=ZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w;rtbdata=4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=COqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2aW6UEThZQJWANpVSWajcqNFOzNg&client=ca-pub-5884294479391638&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-Mq6YawbNgXk-_4txP1qM2wC4fzU0h4_O-K-V4SvwzFiKtEu0_R-kEnSLCZaEFJfT6iaZYspCYotmx7XA_SqyHIIiqySDWnX5WZZEuPgtVSMGOegyI8ykAdB5t1PJxo-E-qQVZWa0i6eSHQULoJoGwqZO2Rfj6OOa8i0e3vcijj6YRrh0NL9l5Yj04ikl6COY4I2nS4XVgSbEu72QkepVkFU6lDGRfhdYyXIVFFA5Ghb48IW7Zf8rBGBO9xerk_MiFcbChqT4ndTOYNgbxn5bh88Tbzq4FItgL_DEXZu09sjwNWwc6Dam-xY02WCZ8DDrwDGbh7QFYAM4w0MswxuCTExAEdpgfoSDA_7hwkVOlth3HOVaIsSxrWCmwtPO5kmAXRbs&sai=AMfl-YRUP0r-Bj2A5WRmdKszlEGmEW4TpP25PQeDOvzuErqQnI8smKOvgefmTguY3d2ivntwMBZeDt1fSFdt4I8&sig=Cg0ArKJSzPVV7uc4GrRMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 22:23:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 30E0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b11e96c98a2a84684a5ff2dfc56af994fb7e0da5981626c224f5716211a1ed72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCF3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
183242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F98D 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
c79611cc7fe2b721e87aeb185daa9a9f08eae8e929d776e0da3b256ccb849540
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hZkHAeZK-K13y5WqctPXtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hZkHAeZK-K13y5WqctPXtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:27 GMT
expires
Sun, 05 Nov 2023 22:23:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
track.adform.net/adfserve/ Frame FFCF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=54110886;rtbwp=ZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w;rtbdata=4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=COqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2aW6UEThZQJWANpVSWajcqNFOzNg&client=ca-pub-5884294479391638&adurl=;js=1;adfxid=1x;6607;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1669c6c41574cd50fb5a72a56cd25adc5af06c8bd233c378dde3c87729608177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3243
expires
-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 30E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 22:23:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0646 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqLh72hVIZeqaOoWcgAfV3p_IB5Gtxbxc3ebspu4CwI23ARABIABg9cXHgdQEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAu7BOlWJTYM-4AIAqAMByAMCqgSYAk_QVTf7GyqKezKwTMxW1oflmX7X_hUiUiDfTLSLptj6jGapqCxhW_RYkXY-ZFUsAaXSsVdMjDmirgqnw6CF_hfsLXD54wfKlCUnahyy0vFn7Mby4uMmguJmK0xKF0ZiFR-dCsU7Xicz-21s4cd3E9MJiOs_qOq3VDLPfL6fko8hWq67dXIN0KYNmyakaKAv9GnT7Xvk4b3t7rNTEkVOd7TYMV8a4dJAKOaV9kB-kiriV5En8qJGMz9LjT_vgwb0iz5FhbRhVNFTPNiAYP4mcg--J4Mo_zIXNeM29zJCVTQX83qlIWI_rT0fsu8Z4BYIxvXOQyOAGSGS2avll_vP3kItqefJztgKWjSgkxbNxDqOd7ansMtMyhLgBAGABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=6ByHf6IlLuk&uach_m=[UACH]&cid=CAQSGwDICaaNLiQPh6chMpZAsdnTnpkoeCkNU3_KuBgB&cbvp=2&vis=1
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F98D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=2133168225622034&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame BCF3 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 20:02:09 GMT
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame FFCF 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=aa2fa19adb&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.xgcartoon.com&eVRDB=xgcartoon.com&eVAI=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.9.97.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.97.9.5.clients.your-server.de
Software
nginx /
Resource Hash
93e40d1cb5c4ef1f6164af93482f0de219e6fc9f49aabe553b573fa0264ce45d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:27 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame FFCF 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110886&csi=Uk811EsQqUE6RIkNgPwg6igL7MT9Ngl7RPeMKuGqSAoJDwKV3Zer3GGwT1-a-qjOclCnxQfCsWABmc62vL5Mp2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4C6E 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Mon, 06 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame FFCF 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:10:00 GMT
ztpv.php
www.conrad.ch/ Frame 4234
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=97587700171643604438442012499007&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1699223007_f11172e0-7c29-11ee-bbbe-22643cd2ee20&insert=AW&gdpr=&gdpr_consent=
0
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1699223007_f11172e0-7c29-11ee-bbbe-22643cd2ee20&insert=AW&gdpr=&gdpr_consent=
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.224 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
cf-ccp-worker
HTLPHandler-v1
cf-ray
8218805cfc67f164-CDG
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 22:23:28 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Nov 2023 22:23:27 GMT
Location
https://www.conrad.ch/ztpv.php?awc=11467_414915_1699223007_f11172e0-7c29-11ee-bbbe-22643cd2ee20&insert=AW&gdpr=&gdpr_consent=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
cshow.php
www.awin1.com/ Frame BC0B 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=97587700171643604438442012499007&pv=1
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 22:23:27 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal90007.redintelligence.net/ Frame 93D5 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=r4yapv8fhxky&nw=20&renderingType=javascript&namespace=94904d63fd&subid=&uid=83a10f5e89b13b29&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHstS2xVIZbbGO5H9x_AP1K6I8AqRwdCbacv2g5LcD_AuEAEg08vOMGD1_bqBmATIAQmpAircdGgTAbI-qAMByAObBKoE5gFP0NS_R6Y5AsNi7ssPFj9KGwE7xwj1b7VWUuVECL8Aq4AZgISoYJABAFSIs8lVAsb5Av8mLBP4shYn16Da3T4gxXwoO9ZLg2m8JX1XVmATBTUdsj3xDRpCivG8_VS39cyLppr23t38QLAwnstV7gMHnHd7JZmlf17pR_uGdPgNS-IMEl5w8S-7rEdB6Rw-UNs1AQBUm64vx42u_taHTVSBBtIjy9Y8T29pA80mGCWUXKZCs4T0Zc-PJ93VijQz59mDSKwNDnlrEvYP6qS5hFX2A8-4H8FAtXc6GQcs4WHNAw-QbtteuMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSOINEwihmK788q2CAxWR_hEIHVQXAq6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSKQDICaaNgKrzCtf3JhNepCavs3YHqoqhUR3-5hy-WYlfLRnXnKgETD63GAE%26sig%3DAOD64_1Kmm4UCV2cTDYMzpwo1cdiNiufhA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-AQ0Wl0ETUTOYMZqts8DgxNJ0mD9aPWBO3kGSlS_bcsYG1QxQbT9cM53VzxzxXWbYkwhBQEpo8oRzGnTY0bbb46BUulKdvbsTikFZfxdN4WYL886m1J73j5WVX2yzrpQ1PF7kGan2ral1QfSTCuVtxD-XmF-UKwEohm-Ak4QKceo-Y0_-w%26cry%3D1%26dbm_d%3DAKAmf-DnEVo6zzextnO-7zy6xTWLc0SD5FX9nqVMtlAEGJSTXy-4bQtFN98qUZ5KM30cldMlboMbh_exLXAMhHXhkjD8V5p-45685xG_YyMVD_LpIEfEVcHFNuaiHuUtYk_fQouZZ2bYc-QC02oBra9eBQCcAwPWbgnhhTM7jLKquxHnvHeoSMWq6gs3fYDETkCZ9M8d2l8zZ-HThnipfA5RsvwCKu5DTjcEfBrjlsfHwNeQbZaFEUyFIBQBYvKuPw81W8QePfQHAxE0oNCHBj4k4fbBOpuYnyLLbGhBL2OQNoe169tTZVqk5UGH3YHUXCfRw6teVAG1_t5qGhqE-0eP-t5RDkTlT4tvX7yZXAHyB6s10ZTp5uLdMZuRdRcnkYBOIdoCPhU1lkggu9_aI7tr-ANaLAKTJ2R506FmkNvdxRMutK2Q9Q9Sn0fiP-bBXYdBxzPAbBiLxaPTGpUtotQjsLaO4Py5V1SFA1UtATKwTyfQ9VgYf-_bgrFk6QIhAyT159IecD-nLwIVMMde9DisCHrW5FPhdWz96AID8KYm7sVF2RJeAl4ZZxi1iHeDwnQ_l3txB4mnPuLXSSKKAYYkSrgzr5qySA%26adurl%3D&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3329995787286&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
20ae49b58fcdbc4b87b4a15b516a94c2dbf26506ead0b52257b2c6c7ad494144

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2135
Content-Type
text/html; charset=utf-8
Date
Sun, 05 Nov 2023 22:23:27 GMT
Expires
Sun, 05 Nov 2023 22:23:27 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
impression.php
t23.intelliad.de/ Frame 0A83 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1699223007&co=
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.180.80 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame FFCF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
003010a3e6ea88104543af5d1822bc6d909141a4e1a93b19f941a58f219899f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1B65 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Mon, 06 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B60E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
183242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2711 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
8c85f03903eeda42afd21bff9ff8bd1e89f490a978dfa039d38026d9c90dbb07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1aQz2NCSXdzH5mPMDL8b_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1aQz2NCSXdzH5mPMDL8b_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:27 GMT
expires
Sun, 05 Nov 2023 22:23:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync.aspx
dis.criteo.com/dis/ Frame 4C6E 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTL7pmIACgNQjW5NP2obqPiB2yADYlZBN2kpX2naNQDGIiPip2bCASUCSZ9kP_5Nmc6SyXLVFmFOoT0PsqPvsymqXM3eoZcHw&google_gid=CAESEHRoAHQIdGKqfHSgMOs5ujg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
193753
expires
Sun, 05 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C6E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHhuBY3oG3ru2wqtl9vUqoY&google_cver=1&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEHhuBY3oG3ru2wqtl9vUqoY&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDY...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA&google_hm=njfnuYLtyHoTscSpROOjbg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA&google_hm=njfnuYLtyHoTscSpROOjbg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQTSR5OYLj0-H93d-22Iyr1A_MXtyn8fKRsNLAo6YKKVXsr88UJvi6mZEuvY5OG3NSOoHf1sgITMObLUqh1KuPLfLPXrUTDYA&google_hm=njfnuYLtyHoTscSpROOjbg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 4C6E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_cver=1&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGq...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGq...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA&google_hm=eGxZa0diTjAwRnhHRz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmS4_R7sxhFT_lGAmBGBwuRYtfuuIjqk6AgAAsEXkCImBLuNVNu1IGW72VqXWQWH0A61OYUu4y331pcGqWuNTPx2cDwOE_PGGA&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C6E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WHUUiGkSRlWSL0UQd4CyiQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WHUUiGkSRlWSL0UQd4CyiQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSkIBvH5fQjbOaXb2YVLLGlOdqZq-mWGOdMmqpsbJ1hmgxWiwgG2ntKKy2M4th0NLXTC4YNey_4FHH3cXFex6hIyWXVIBLChg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WHUUiGkSRlWSL0UQd4CyiQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSkIBvH5fQjbOaXb2YVLLGlOdqZq-mWGOdMmqpsbJ1hmgxWiwgG2ntKKy2M4th0NLXTC4YNey_4FHH3cXFex6hIyWXVIBLChg
date
Sun, 05 Nov 2023 22:23:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4C6E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHGPqRJFyTaSgQvzlGtOHdI&google_cver=1&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiqd...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-QQpk96bXoxTR5l_qlEixlOWOa4&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-QQpk96bXoxTR5l_qlEixlOWOa4&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiqdBEtIWiIfUS_hC1A
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-QQpk96bXoxTR5l_qlEixlOWOa4&google_push=AXcoOmSZcjYKRQnHXYZQRn2McC9AtZvt6Dc6l94M48yb4pK8ywsNpyeEV7RXxsyquXUu_bqqHJqW14BDy2EPiqdBEtIWiIfUS_hC1A
Date
Sun, 05 Nov 2023 22:23:28 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4C6E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJTCFsTayX1DC_zYFGA3Aa0&google_cver=1&google_push=AXcoOmRWJYBOD9D-v606xPZ1fSRKgHRvghvwUGG4NlxdFus_bFZ-WCOJr1UnUZ_nCEgFyhFbnYG1fa6f0QKIrlRu...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent=&dcc=t
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RSTCPNN9XZ457Z44F1N2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9HSSRVFT5DGVRYDAW47W
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=66f6331dbe&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-sys.com/match/ Frame 4C6E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBjCZjpSZkaMk-hooU9RFnk&google_cver=1&google_push=AXcoOmRJcGoZE9tkIeRhlZi9MoUWvqPgLh7Gl9XAA5IGDjahcbJ_yFSwt0441PK6Ze9XMoMtgahTxMw9QmU...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi6GVcm8zDfv_N2nGuebtKSAzHEAxIIqilg&google_push=AXcoOmRJcGoZE9tkIeRhlZi9MoUWvqPgLh7Gl9XAA5IGDjahcbJ_yFSwt0441PK6Ze9XMoMtgahTxMw9Qm...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H2
Server
51.89.9.251 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4C6E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnV716DeflTgnJ1kONGjEy6UARn-ZfcmcleBQyhfTh0S4p0M0J5AwQcfW2f1bvMQlbQ4AEQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVAyQVhIOXcxUVpMd0g1&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVAyQVhIOXcxUVpMd0g1&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6FIhCnZRsw2VsqUA6075GHfQoa-MTfP-T5ZYzjVo6tRnDFt6fdTJJfX
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0876b9bf50f8ab74e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVAyQVhIOXcxUVpMd0g1&google_gid=CAESEHKhC2UW4BEjsSRlhx3GLxU&google_cver=1&google_push=AXcoOmR2tvVZ-VZheBbrBEhIOIdeYyg_49Bbmdu_04qRP6FIhCnZRsw2VsqUA6075GHfQoa-MTfP-T5ZYzjVo6tRnDFt6fdTJJfX
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEDq1HgepRkNfINLbKQEL8DQ&google_cver=1&google_push=AXcoOmR07mn7egHGIQQbQiQI2GCaInOBAwUOwTNZPS1dq6JQjw2VFZtvcbkYrLObs9NRDBVRhg55gphkvWnpPxFqzc9zTNpmeid7
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODAxM0U2QTM5RUM1QzBBOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODAxM0U2QTM5RUM1QzBBOQ==
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODAxM0U2QTM5RUM1QzBBOQ==
date
Sun, 05 Nov 2023 22:23:28 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_cver=1&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ug...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA4xylsWZP8GLpvB2hIZUTE&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ug...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ&google_hm=eGxZa0diTjAwRnhHRz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSfQks5MAI2F38R4oMc8w9G5Fgmnoa9sr0oN8fMfIfAv2SGSQ59AzD6gNrlxsyh5ekz1NUD9cUTXa6ugSuCeQHPxEiBOkLIjQ&google_hm=eGxZa0diTjAwRnhHRzh0MjFLTXg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 1B65 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEL0mfSIlS7n2QF_4BBt5Xwk&google_cver=1&google_push=AXcoOmSE-2spEdaTz9GAtQxkP90CkiZjBk8rniFuew7zKqq2naMI8pxMZC6ZLJyl-90pd1G5HFMK8Tw0zmCHTDHxQNpGeISy38EG
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Nov 2023 22:23:28 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJMNYrp4wZySkrpQpNKTxa8&google_cver=1&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w&google_hm=WlVnVjRjQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w&google_hm=WlVnVjRjQ284WG9BQVBDOXJnVUFBQUFB
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 05 Nov 2023 22:23:29 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEJMNYrp4wZySkrpQpNKTxa8&google_cver=1&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w","cluster_id":0,"gdpr":false,"ipv4":"83.150.57.174","key":"ZUgV4cCo8XoAAPC9rgUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad37"}
X-SO-Key
ZUgV4cCo8XoAAPC9rgUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad37
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQmw2oJge8q6542UVVXv8uNL4DdCAC0fNBc7ptoQiAhH-ODa3PymEQwPdK4zI4Uj5CcIT-tkMZtw479i23y0CZZWp9xk_KQ1w&google_hm=WlVnVjRjQ284WG9BQVBDOXJnVUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad37.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
83.150.57.174
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRxioDdMRymoOYqHo0IJ74m0c4UI6FdcEmJobqxbnbbxAUVH7mm56rVztznXiYP1ha0kcGgP_WX0a_cv0MuId1VSi3ShXDKWfY&google_gid=CAESEDA5Ns-PzP...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDA5Ns-PzPTeUI7b0cOPvjQ&google_hm=T1BVNjc5NGIxYzE5ZDk0NDFjNDgxYjNkYzRiOGUyZTMxN2Q&google_nid=opera_norway_as&google_push=AXcoOmRxioDd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDA5Ns-PzPTeUI7b0cOPvjQ&google_hm=T1BVNjc5NGIxYzE5ZDk0NDFjNDgxYjNkYzRiOGUyZTMxN2Q&google_nid=opera_norway_as&google_push=AXcoOmRxioDdMRymoOYqHo0IJ74m0c4UI6FdcEmJobqxbnbbxAUVH7mm56rVztznXiYP1ha0kcGgP_WX0a_cv0MuId1VSi3ShXDKWfY
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:27 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDA5Ns-PzPTeUI7b0cOPvjQ&google_hm=T1BVNjc5NGIxYzE5ZDk0NDFjNDgxYjNkYzRiOGUyZTMxN2Q&google_nid=opera_norway_as&google_push=AXcoOmRxioDdMRymoOYqHo0IJ74m0c4UI6FdcEmJobqxbnbbxAUVH7mm56rVztznXiYP1ha0kcGgP_WX0a_cv0MuId1VSi3ShXDKWfY
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B65
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=46ae3460-e94e-4e54-a978-8aec0e05826d&google_cver=1&google_gid=CAESEA39Mc2EMDzkHNJkKCDnW1E&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=46ae3460-e94e-4e54-a978-8aec0e05826d&google_cver=1&google_gid=CAESEA39Mc2EMDzkHNJkKCDnW1E&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTX4LdDjovdPohNnviKSPLuPs25MgzM4_MRCU7E-dRqosOP-JHllBI8UioKeXvxACY36i5d-Irchs9JpUQ0RgpivXh96iHJcLM&gdpr=${GDPR}
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=46ae3460-e94e-4e54-a978-8aec0e05826d&google_cver=1&google_gid=CAESEA39Mc2EMDzkHNJkKCDnW1E&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTX4LdDjovdPohNnviKSPLuPs25MgzM4_MRCU7E-dRqosOP-JHllBI8UioKeXvxACY36i5d-Irchs9JpUQ0RgpivXh96iHJcLM&gdpr=${GDPR}
date
Sun, 05 Nov 2023 22:23:28 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1B65 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPNfdFjA5mLRvulktteXA008x1QW3MBeUXTmDABeBQBfIC_liGljYXCch_7dEGfANFafF-Emg
Requested by
Host: e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
URL: https://e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 93D5 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 22:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 22:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 22:23:28 GMT
Conrad_Logo_120x60.png
ct.conrad.ch/content-chb2c/affiliate/banner/logo1/ Frame 93D5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=97587700171643604438442012499007&pv=0
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Protocol
H2
Server
104.19.241.24 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:28 GMT
via
1.1 google
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
4111
cf-polished
origFmt=png, origSize=2194
content-disposition
inline; filename="Conrad_Logo_120x60.webp"
content-length
1012
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:01:05 GMT
server
cloudflare
etag
"892-5f4094ce178c6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8218805cdc7f3c87-CDG
expires
Mon, 06 Nov 2023 02:23:28 GMT

Redirect headers

Date
Sun, 05 Nov 2023 22:23:27 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
hal9000.redintelligence.net/scale/ Frame 93D5 		82 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/11287/creativesup/NativeAd_Fruehling_1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
85573a6de53f35790fe1c2998aca55eca5310e722f470c5f91719b1c9ff75062

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 93D5 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
8b17ffe6750907a92daaf889f2a4926827e9b4bdb6a77bb9e936e0991d2908c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
59744
Vary
Accept-Encoding
Content-Type
image/png
request.php
ad.ad-srv.net/ Frame 27EB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=aa2fa19adb&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.xgcartoon.com&eVRDB=xgcartoon.com&eVAI=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d45fea42302e68727c34abb6eb92d788f146f4acb26ff65c6773f046de213e5

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1594
Content-Type
text/html; charset=utf-8
Date
Sun, 05 Nov 2023 22:23:27 GMT
Expires
Sun, 05 Nov 2023 22:23:27 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
92167600161228304452298012499004
sodar
pagead2.googlesyndication.com/pagead/ Frame 2711 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1039536337409970&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame B60E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 20:02:09 GMT
generate_204
tpc.googlesyndication.com/ Frame BCF3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mhlKtQ
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B60E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3ajtyA
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B29D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=2133168225622034&bg=!4eKl4q3NAAb4oU7C2KE7ADQBe5WfOIuY-HWUJrnzVhlI4xVrLLoq0C5IHUeM-O_7QSU4CtIB2xkvslo41MJ3pZ2T4FlUAgAAAYpSAAAACGgBB5kDA5zniObEZfiiJnX6zTd3wMU_Hg2YEVsqgyDcLlCri09eWQn3rw7MyqbRTDLsqvbOz5pDUyOud66H7IpE5fWYAbwaMUkXmyIzUhae3ggbbm6MxfzpMqXKTFG04fN8U9taOcl7FEXV4P4fTo62OaowY4kfG7n8RupfbS9auGrmFfClzzzLj55l763Ab4z9QkTRZf23WSoxdaQlAtT-5W1CuMtjVxbfPqLEyIKLOg6r8MxZrlvCnZscH2y88cuhli9Tj_SNLJTZ_EfkdgyChbXGZwmOF-ZGNbMCFApEuyztFR82tOTMOsRToNsAdCEriPOPLc50E0oAxUjCaxUg1pOG29u_ytjCoIhG4ZljbVWQV681JPdqKo_E7ZHN3YwJZYnt7d65DEgIayArUvRUAODDpr-SQgutuosDkbG0Hji0I1BJqDyXCQPRE1i32rRRVjd8ZBdbrltPfEyvxv72H1Fij0WW3qhPqRfyGQBoH3C0pkUvdI7v7APd0B_yVCG_GX28uSIWDMaJIXfMzCuSdTWzi3xIv9DP35kf9tNmaAfHzNOFF3qThFglKed5TxGUoClC4tFYrgFjVG6w2Z1tJ3O2Ho0rUw8JYXRtINj1isB6H_HZ_K_3KJJsEZgCiRKmWfjiQYeyi4n45X7x6rUJXgfi4jgDRnrqo9EfC5eWIzUCZT_Wl29jtZLmW4lMwk-AZNeCnUFmeIBHVUN-0SK8796jREG_3dVFwCvjvQipOo0DU4RdtZdXU-eOkXc5ZpbhY1F_9Uizov5FuBWTni2XdS9A22L-Psn1Za3zpozV0d--MAZwKKFxwjHzy4xTAf0yb5WOPJiot6bNMdLdmstijpSTYzOQebHB0TGNWBmeEmeJATv_cI080XkvuAm_SusZ17o_zbL89oaus87Bw-OUcZrv9YclLdW6mj1r_g0Ewpr2JoOgHFnisskMGYfCHQL0Dt0A3M2_U4v3w_33W5p5VAAeKFRk2OIeETuK8nrzIzQIUzlUzQvJmN-3HvAEkuZ9hc2uO5GpAQ
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
general-1-de-728x90-px.png
smartphoto-media.com/banner/campaign/ Frame 27EB
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2451979&v=15168&q=367416&r=783431&pv=0&pref2=15168&pref1=92167600161228304452298012499004&gdpr=&gdpr_consent=
  • https://smartphoto-media.com/banner/campaign/general-1-de-728x90-px.png
92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartphoto-media.com/banner/campaign/general-1-de-728x90-px.png
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Protocol
H2
Server
149.126.4.39 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
s030.cyon.net
Software
/
Resource Hash
d561570c150c9aafe1cfafa33cf6ba2d203b439ab5840f5e1ab53f8097d34bf0
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:28 GMT
strict-transport-security
max-age=3600
last-modified
Wed, 11 Oct 2023 09:38:44 GMT
etag
"171bb-65266d24-4a499438d842ddec;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
94651
expires
Sun, 12 Nov 2023 22:23:28 GMT

Redirect headers

Date
Sun, 05 Nov 2023 22:23:28 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://smartphoto-media.com/banner/campaign/general-1-de-728x90-px.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
viewability
ad4.ad-srv.net/ Frame 27EB 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/viewability?s=92167600161228304452298012499004&a=1b513eb4&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame E77D 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2451979&v=15168&q=367416&r=783431&pv=1&pref2=15168&pref1=92167600161228304452298012499004&gdpr=&gdpr_consent=
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 05 Nov 2023 22:23:28 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame 27EB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame 27EB 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:28 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
sodar
pagead2.googlesyndication.com/pagead/ Frame 30E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=1039536337409970&bg=!lJell9jNAAb4oU7C2KE7ADQBe5WfOL4Emys-mEEcOXhSZ6dDASYAeu_GFJLDcC1cmrojBuZlIQfwTYS3lfP1pKLA2LZRAgAAAStSAAAAB2gBB5kC__LiejzXOyd64r1lUmaiMkPmKEd6-HrNWUtgDd2ATcVte1K639rpNYB3mHPn356i-pk-ylAV9GCh6mKGXN58RawiffG3Kg54U5X7XIszMADUGFC9QipxgZscqhqjhihGtkNmVYpaWS7HzO6yfF1uKWKU6ZzxxsNQwLKmURTE-QaMmCgQpZKE35TJmo9poRf0qLdx0DFErB4MKjQQLeUthU62nCn--KUw7Ak_N0ogGX2upDCxCpdUTDazM_goF-qKvletNbJlF4EQYJhaxez-j4zBFQ7FcFiOYtzv9QH4MtiM76A0Ja_Q4GocJBZ0i-h1s8j5emzVRgAx4maYkezQpsgSWCKNTvtiYfVYU7P_uk2XeAbCowfIkPG69yvyK9q7_AUXSRqhI86WnGz2FsCXarre1pLLtjykCZNtXAeZFWnHhxQBZMmdhcQzvPJz2O5Zyn3HXoHN1IPKzmc-NxcdeMbWTCrP7MHpWArB7Iq7E69RmaxkjY5vBN59cZQZpJRqLC6NBZmDdx3oQXLAycMolWxiD2OGFyKl3_qOf0cngSEFRZesDySXyd2u8ffRsyDyJT41r7suKLt-ZYArKZmBI5bwN7WFoxlASZEYfe3EmqtFfA09D23Y3wi8l1uItMVmQIH5se4LIhX7tteKln6lzcLpB7ndwbqJvnkSJBcp0uPZmJfd0hwaw8z6hFlGuqfwZMypK9fkt8Re_kThOAyRjrnRGJKVUlq1gtl4d48Pur3Ulhnt__4RsKcyrwOwKRC6iENanVex5o_9qRlCd7OjEZn9c_MHKqmXhxLBh1HHCZ-SxHxlr3gotP6WBn_GcIkAqCpQTfkaUCNqeZZW9PbfEiOiGsTUphGuBrhduDPcBX0p-Ye-Lkz3U4SxHp8m4VUYqaucJZ9szH6uP7wpoGXKoOLvjAb1ZethlbJwwaw10MpP9KjzngxUeK-hML7cj58p6wR5K1bSoQN3_BnnIu2xytyQwscc4uFXOFS5_lXx2mRUwBEgOKGFrf-6GEz18xWy
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/tianyu_di2jiguoyu-shenleping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
viewability
hal90007.redintelligence.net/ Frame 93D5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=97587700171643604438442012499007&a=1a1e342c&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=97587700171643604438442012499007&a=a86069e2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
adview
googleads.g.doubleclick.net/pagead/ Frame FFCF 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHrql3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEyQFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ECTLuro7Q0TpInh1NNwL0IXHqCfM-ezBHq57axO2abqFpT-X83KKABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=MRhH7NyusWc&uach_m=[UACH]&cid=CAQSKQDICaaN2bRjaMJOdcf0npyRmhaIbVTWr3rX2YWc6kJ0CcP-BfPkDpKEGAE&cbvp=2&vis=1
Requested by
Host: 056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
URL: https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699223004029&bpp=293&bdt=541&idt=1685&shv=r20231101&mjsv=m202310310101&ptt=5&saldr=sd&is_amp=1&correlator=3653&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1009625990&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079346%2C44804683%2C44807047%2C44807335%2C44807455%2C44807461%2C31078301%2C44806141%2C31079424&oid=2&pvsid=293351173276419&tmod=668181799&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.idhm6f5keqt8&fsb=1&dtd=1697
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 22:23:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B432 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUmmv43capGY9a9ETF5pxLfiPEEecw1V4Wxc6mGLnbXS39798Wb4OBgxYeV0Du3gyi1Fi-9e6YDIQ8jbowIJzZzWTfjehw0JTr0MQgWGmpE4h9U5xj7MQvOJepGLGsaq5zsXXfX4kXKW49OGXV2CG0PCJgBzg0yr63SVrZ-65UF08BiiPtW3P8LwT5lDvLMcye0VEXvs0iLhnRtuC3d3rNtuj_k8btyvTWQKDkOGLJiLXzekKj6y170NdodYe9wesQhBdpgj0n8Izn8_gtaDJNWcJvJvqHucnlvgJ7bw_hzvma7ITMOeB6gCd0AppJOg9UaX8o0ziEnjzUKskS1GuaGflOiRHLCtAK0Wea5zZfdDuEZbF1CuKjIuqE7x4UECVoydvTOw&sai=AMfl-YQ1EGGoASt2x_dzb-ZIORo7dUwk_IE8xR8qpP1gN0gBHzAlnlzwKtiXSH1IeYwAqpbLzwHT2mG0rMkLQWs&sig=Cg0ArKJSzA1ZDxg8NxjZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 22:23:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B432 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
172a942d596be0c7857dcd1a414a142f9f03ef9de8f053bed92ee2b9e8edf779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12113
x-xss-protection
0
/
track.adform.net/serving/unload/ Frame FFCF 		35 B
591 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5027232572385880154@@54110886,4489914974391026548,100|1070|0|0|0|0|0|0|0||37|1|||||1|0|0|BXoQ3b99J9q48M5tcwHHbe9-PDAemN91xYmY3HRE7xS6iKiDFvl5AxhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 0646 		35 B
617 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5027232572385880154@@54110886,7768140673131468826,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|BXoQ3b99J9pX7EYoWZQhUe9-PDAemN918_CqMOS9ZMrDhrZnGf28sxhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B432 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 22:23:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3294 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
183244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A720 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
49bd6a218c6e55063b6999c8210c83f98153137e07c1aa5f1f90fd61086f8e81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ovL1WJ25RBYE9dXPViNITw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ovL1WJ25RBYE9dXPViNITw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 22:23:29 GMT
expires
Sun, 05 Nov 2023 22:23:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A720 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=293351173276419&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 3294 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 20:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
8480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 20:02:09 GMT
generate_204
tpc.googlesyndication.com/ Frame 3294 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?K_SwYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:23:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viewability
ad4.ad-srv.net/ Frame 27EB 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/viewability?s=92167600161228304452298012499004&a=1b513eb4&vb=v
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=76943hq3uo71&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.xgcartoon.com&extVar[]=AF_DOM_RTB:xgcartoon.com&subid=4489914974391026548&rnd=24513&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCOqPq3RVIZee9OKDOn88PqeuM4AWRrcW8XN3m7KbuAsCNtwEQASAAYPX9uoGYBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLuwTpViU2DPqgDAcgDAqoEzAFP0FOjHdasTvAfkjSs4PDT2s28o2uAPxddn3xmOwRoISVLq9XYe20TnJK_AXy9VqPTPXGknxCwS7OR58PJmP9TERFHKlx3Ao-zbV35aWsae9PA4qU6ZM_ZCdvc5FNI-nUcTsjp7XgRM44RY_IHxzz5z8QocM8kFVcTarEj1GppJVJ35lGb69adbKIvd5b-Hm2hH3GiNxJf6ysLXAKzc5yZiC-ESzDPPERZV07wGFLWy0Rr9Wf-A1A0VSi0JnqcWzMvcI1xh0liqBqkjfeABp3j68btquLoRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aW6UEThZQJWANpVSWajcqNFOzNg%26client%3Dca-pub-5884294479391638%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110886%3Bcrtbwp%3DZUgV3QAOHucD5-cgAAM1qU5cf6NXsZIvA34d9w%3Bcrtbdata%3D4NbAeJaqZzVJO0pNRBWm7bW5XgG_rxDhbzfCSl6GM_IFS4yzq-hx1Q6lzVbaIVSCzROXPgEhYsTLSaO2QSt8rLG1jy65eF9rWb5Xinp5KK93BpC6jn13UJUfbXDfrXpbDpIFbMWTcE7yS4C8-tvaxvR-QhqaYpiDQ36qNYukeMg3R6Yx3QD3bTetRvjMEZM37PmqZTALJ6dnlkX7BUAS32JoX8L2tCu60%3Badfibeg%3D0%3Bcdata%3D1VHEDmb9gDvGClN2AtZCVC0oRpKsOOAUUy1IRHUoYmOiwowaHd4FRca32qweLNn5_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJSh_lHyf-ArNGXdygC87cYRawzfeVLsd8MegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.xgcartoon.com%3BC%3D1%3Bcpdir%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 22:23:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame FFCF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSlJZqeDbCl0A4M9mifb3UBsbt687eq1n402T0sFqZ7lnEzcYcHk5PM1cyINWPTc8VfzumE87DOPcJKAxs3A33mZbeLXJiMeJCoal_mSB1a3PTQeP2og&sig=Cg0ArKJSzBqzh00NQcbcEAE&id=lidar2&mcvt=1002&p=0,0,94,728&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699223005728&rpt=3259&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B432 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaUWtLZykebKsmFBgOr4cbSFRKmP2W776Hlg9oHeZ1rGc_5K_l8vam_BMWUNFHiwdTZnI9jnkAaAr41i7U3YvTyNf4nyE8_olioqwvoK-fk_5iYy0YN_ByVeEH_x_73J612mr-_ceX1Q&sig=Cg0ArKJSzC0D6OgrL7k9EAE&id=lidar2&mcvt=1016&p=0,0,90,728&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699223003422&rpt=5574&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 22:23:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A83 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B432 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4893681659072&version=m202309260101&ct=77&x=1&cor=6496466057992345000
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=293351173276419&bg=!f3ylfDPNAAb4oU7C2KE7ADQBe5WfOKiqU-PdfChYm6jxO3A8kFQ2ecjipnGVgHrd2ivoVc2u-aMZpOOsynwxVdjxF0rGAgAAAJdSAAAADGgBB5kDCz-8Xe4WUu58lqFYm_tV_trfN7G7JOC1YyfH_xSOrP78hkLmqopf1rgg8jZyCVnd1PL3PSvORyRVp18hZRaU3LWdIe3tCG52oyYhKsdW8DF1LyQnq_tHY1IFzjmkaPpJa5YHK9MTojND7QzM1ypjPILi4i_skfQx-P1HMNGc9dRsaZ0Qbb6eCwtmilr11D6LUn6uXWeil2d2HfEt5K9rXY9xX20XDGQ1b35DGQ_tO3zoms4FyOPI1dbJV4J3rsou8_6IbTdORVQWzecQCBPATkVvW_2xLl-GlXlEXjOcAyNIY8wqyiv8r01XEZytv7x90XDMmGrpeoE0KWL_qRuqEdBgbSm5tKor9XYSBqAwOG4aQB6tbCwBD4c36VQC8R3ldWGXvqx0PbbQqur8ZuzUkKwXrOE4Oaz8MtSy6xfGNlfQzdbVxE9ySq3olz4XxXLzpnjoq4b_up7Mh7pfdiYVhDaUB5sZ2VmMNw_sEe627Os9LV22BmmL2OxAImbf5q1TunIqB4u5nK3meWTa9Ta9FJ8Ut1jftvq1VFgJjdGRAIWfbNvDnrvbjyahXOeb_SBPoGfNx6XjXcsniuBZADxiwF_D2yue7LEqadRaDSNA8gOsuLj_lEVXpgPRgvSMTyFuM2fi6IH0f4tByEaMM-9eEwgVVvYP2eW1um5AEw5Cy58g7y6eNajeWUX0wfGEHGqWpjX2JDL0IhPm_gTjJ1u-caCWBDwuPlF4ZngDDWI2aOrYcVgwYyQEe1KV_aifSLGOQ1jNRdGfj1UbT9ISZBdkiHW24LKYvcA35pqnNul3pat8Yave6qond1PtlRnOCw1jej-j8xxsGZj8HzU1pOQ8gvUVxofnICdTplq-ZEiiz5ejI0JB64zthTc5W4fQC3U9Ba1HqoR7j19BsJjnZ5V0QI7FJcprqChXlwUCaTWHZQ8Y5FQycI0jUOIrRLajeuc84G8sDQu7e7G3iDg3Z2uBXOD1VM_AikBSORFWGAAZqOHlRYoEPmRaG-qSkyllsdflVWQpSOIDwUhbfOb4

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

19 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1699223001.0
.statcounter.com/ Name: is_visitor_unique
Value: 1699223001352361144
.xgcartoon.com/ Name: _ga
Value: amp-HKXPk2yxaVemTDryFYTUdw
.doubleclick.net/ Name: IDE
Value: AHWqTUnLb2QaZND6Toydx9jYxnfAc3J770jfb4ZgALr8fobwIj_6Zldc4hJqq1XUfX0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5027232572385880154
.adform.net/ Name: TPC
Value: 1699223004154
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: 9592f54104d49a24
.casalemedia.com/ Name: CMID
Value: ZUgV3vUZzSUt7iETHCpwGAAA
.casalemedia.com/ Name: CMPS
Value: 5165
.casalemedia.com/ Name: CMPRO
Value: 5165
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: a47d9fac18cbe256
.awin1.com/ Name: awpv11467
Value: 414915|1699223007|f11172e0-7c29-11ee-bbbe-22643cd2ee20
.awin1.com/ Name: awpv15168
Value: 414915|1699223007|f1196220-7c29-11ee-819e-22341370d01f
.t23.intelliad.de/ Name: iact
Value: 0001743CC76BE85A64BBB5EA17BCBA2CF2D6
.t23.intelliad.de/ Name: iaimp_42842
Value: 1699223007:42842:100:137:101:248:101:202311052223276910005fc963ad29
.onetag-sys.com/ Name: OTP
Value: P3ytt37h3reHDrKt9go7VFcHg-l4VyU5P-UfuFs1DTU
.awin1.com/ Name: AWSESS
Value: 346432:2246412
.openx.net/ Name: i
Value: 92cd52dc-82ec-4ea3-af13-40f6f3ddaa29%7C1699223007

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

056f85800d3feb5e075d960730de96f6.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.ad-srv.net
ad4.ad-srv.net
b1sync.zemanta.com
c.statcounter.com
cdn.ampproject.org
cdn.contentspread.net
cm.g.doubleclick.net
csync.loopme.me
ct.conrad.ch
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e944925a3816d0074430d019f68854ad.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
image6.pubmatic.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s1.adform.net
securepubads.g.doubleclick.net
smartphoto-media.com
static-a.xgcartoon.com
sync.srv.stackadapt.com
t.adx.opera.com
t23.intelliad.de
tg.socdm.com
tm.ad-srv.net
tpc.googlesyndication.com
track.adform.net
www.awin1.com
www.conrad.ch
www.google.com
www.googletagservices.com
www.xgcartoon.com
pagead2.googlesyndication.com
104.18.186.224
104.18.36.155
104.19.241.24
104.20.218.77
124.146.153.164
138.201.63.116
138.201.63.157
142.250.184.234
142.250.185.129
142.250.185.132
142.250.185.161
142.250.185.97
142.250.186.130
142.250.186.162
142.250.186.98
149.126.4.39
169.150.222.217
172.217.18.2
172.67.42.11
174.137.133.49
178.250.1.9
178.63.52.121
18.196.149.165
18.239.94.92
185.64.190.78
216.239.32.36
216.58.212.130
23.212.218.19
3.124.180.80
3.209.243.77
35.214.223.54
35.227.252.103
37.157.5.132
37.157.6.235
5.9.97.176
51.89.9.251
52.95.126.138
54.165.78.186
54.36.108.3
64.74.236.31
82.145.213.8
003010a3e6ea88104543af5d1822bc6d909141a4e1a93b19f941a58f219899f1
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
077b3381c651cdc445e75305bab92a28ddc1b937895c022a05a0ad2912106fa6
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
143146d5ac4dcd5406648a08e604a252793bb691029ff559a78bf36d083adca0
14756aabfacf30057674a848ca8142e04a19471a50d328357b38f186ad644081
1669c6c41574cd50fb5a72a56cd25adc5af06c8bd233c378dde3c87729608177
172a942d596be0c7857dcd1a414a142f9f03ef9de8f053bed92ee2b9e8edf779
20ae49b58fcdbc4b87b4a15b516a94c2dbf26506ead0b52257b2c6c7ad494144
218260ffe3c50d6fb7690b0dc21265bdf6446ed1af49dda7ce3c717c74ad19bf
2478465ebdde44e47e7fc4d25cd5c2077981d09deca6b31c83ab7872a51c8684
24ecabd425cc447b91cca6abe2c7548c76f6d4fd48c74b8eb70a12ecde9ea458
256306bb295af55f0fd7de58d88db2952523220c4a2a3a5ad02aa9a5572b4a17
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2b1f32842fecd33e4e3e6cbe234cb62f4f360b7be9547beab6a340c154a2309f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5c46e1d404df5a4c0813d11cbb826a9c17727aacff600308c27f2fd3c892a4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
389e4f1ff89f753742beb025716b65e12a44787e2e6ff0f4b3294b1635b3c0be
39dd759ff5c50fb31d083cdeae81b5285589827cb3c879ed9fe8feed7dd08f45
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
42a3d7a8440415c60e4266eb3ebab0ccae567cc08ef178fef12cf5f2162442b5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
46812d66740715283a9aecfc75c69a54d471dee327e46b4e29c8b21207c2f1bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
49bd6a218c6e55063b6999c8210c83f98153137e07c1aa5f1f90fd61086f8e81
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b76c158c6005abd6c54167ce658b347eefbfffc9b1f902f8e689c95191849a
50bc1a3beec73a1828b3b21774373b5e1642b5209c3679e7bee068c7cbbbb815
5362b061983a3dec0baedadae28c6d9e9f66e20ef90ba320d685a8b235f265e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6be60f9ff5c2fc31b6e2034aeb2fdd285aea67d5d5aa1b446bbba1ecf1e015d4
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d8c4ab8f33e86389b164b4376cf44158d8a5f5df945f4c56a6927edcd37033f
6e8742ae03925d79d84a260c0e1ea2219b2500d91b9d4f588125bb3961bd5539
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4
759d98cf1d61c19a6a5ded8a4e97755d72a8f24ad9cf0879b5f6a712e77f55ba
75ca465d4c8ba825da25f5af38b31d784a3850dce7144d4add73df1349eb0b5d
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8494573502f6cf8a376a7a1f0f3f19832f4d57dcb18347d69f9fd6046a042349
85573a6de53f35790fe1c2998aca55eca5310e722f470c5f91719b1c9ff75062
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8b17ffe6750907a92daaf889f2a4926827e9b4bdb6a77bb9e936e0991d2908c0
8c85f03903eeda42afd21bff9ff8bd1e89f490a978dfa039d38026d9c90dbb07
8d45fea42302e68727c34abb6eb92d788f146f4acb26ff65c6773f046de213e5
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
93e40d1cb5c4ef1f6164af93482f0de219e6fc9f49aabe553b573fa0264ce45d
95ceb163af22ecb4ed905a6fe5640bdcb154bc5ca7f823c95829db5b467b50b2
9653fe42d47d1d471f3e1677c892c70fdac605e45d395544b6a24c27c92cc8e4
96adb0ae229f20b819192b787901eb778488a32082beaa842897a31920238de1
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4deb0ddf7a22ecdd92db3a78ad5ff8807f20cf05c8e38ba78de2c1d16c154f
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a64bf3d071c4f93d3cddf4559f949a9680e9078cdb21bedb988498518a126510
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b11e96c98a2a84684a5ff2dfc56af994fb7e0da5981626c224f5716211a1ed72
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b253d09da81db0d9b9a8d170758dbc8dda22459bff3cd2c9e14e93661b7d1967
b51bfbff380d78710f7164001073a002536c4f865b0c58d08e12b0f4b4c94556
b5fcc301de183d6189abb88d0b048dd908b59fa13b6d51d316bf35b9c007d0d6
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e430617e3c3499b05d805e8efff4ff506476de56642b1afd2e151e5832383c
c79611cc7fe2b721e87aeb185daa9a9f08eae8e929d776e0da3b256ccb849540
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
ceaa50f1a4316ba5429f30846da674961998f39c3f71470c40cfc3c7389b1082
d561570c150c9aafe1cfafa33cf6ba2d203b439ab5840f5e1ab53f8097d34bf0
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
d8f6689ab7feabaedffa7257fd9a62a04fead2c4e3a873a2c8917ab96ca1d58e
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
df02a2ed1c31d76b24404bd12fc04847ed246c2e23e1bc94bbcf1eeb7755c88e
dfc0b47f9e22a2139f61e7a46c93d14c209b829a5e188969de107573296d40d9
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e2d90ec3418d19aa3b77e76054eb71b0fd006122c432bff404a326638e618c64
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c2610483ad8dfa9a594de9b4ef93c9f8b609049e39f53ce0bb54beb7c5c8b8
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e918d3762f6bcd4bc7669e3961bf26cf6ad8c769e5c29026ceb96d98365ae975
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecdb9f6bf0519534b3288c7436167b5be97fe035efdcd54a5e3f46392c7a167d
ee8f461f86f1dbbfa105111d19fc9ceba508d8f2da478e458e1178727037ae4e
eef55b9245fcae1e36be0d219cac8e117217048f899acc915781e29d651fc5c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e1c69bdbdac4ee79e459b0bfd68fd8e3fcf42bc8f1c9cabf3ff6e5a7199a9d
f546c150ea872329080fe814d8019b691237b61c8ec23e5a24cae3e1c8033cb3
f87c2c495dfe75b5e3e63dcf69faa5ea9c541ce518b6b244eafd3f0085ba082a
fef81a7e94094d9347717157bc35b7ce499af0d2869daa2f01dac7c9c3a606da
ffc0be0a3433412ac7047d4cf26a985c130599d94d44a8e25ca411dfe53d1bfe