Submitted URL: http://www.toonman.com.pt/
Effective URL: http://toonman.toonstudio.pt/
Submission: On November 24 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 58 HTTP transactions. The main IP is 87.103.122.210, located in Portugal and belongs to VODAFONE-PT Vodafone Portugal, PT. The main domain is toonman.toonstudio.pt.
This is the only time toonman.toonstudio.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 toonstudio.pt
toonman.toonstudio.pt
103 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
287 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
61 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
35 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4672
914 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 14109
c.statcounter.com — Cisco Umbrella Rank: 9053
15 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
695 B
1 theonering.net
www.theonering.net
1 thehobbitfilm.com
img-nex.thehobbitfilm.com
290 B
1 toonman.com.pt
www.toonman.com.pt
597 B
58 13
Domain Requested by
21 toonman.toonstudio.pt www.toonman.com.pt
toonman.toonstudio.pt
9 pagead2.googlesyndication.com toonman.toonstudio.pt
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com toonman.toonstudio.pt
1 www.theonering.net toonman.toonstudio.pt
1 img-nex.thehobbitfilm.com 1 redirects
1 www.toonman.com.pt
58 17

This site contains links to these domains. Also see Links.

Domain
fecoportugal.blogspot.com
face-of-muhammed.blogspot.com
www.thehobbitfilm.com
www.statcounter.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2021-11-06 -
2022-12-06
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 8 frames:

Primary Page: http://toonman.toonstudio.pt/
Frame ID: E054C08A86457E293CC9BA75273458E5
Requests: 36 HTTP requests in this frame

Frame: http://toonman.toonstudio.pt/news.htm
Frame ID: 6C8B2C2520BA16B1DED54B25576B6014
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Frame ID: 9ED5D9397DB00F5DC2BAC5BF8089076E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 0247732AD8F91B63DC8131A9549B53B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 38AD2DED8427FBC581FA422EC6D5224F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&adk=1812271804&adf=3025194257&lmt=1423496688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&channel=0935991474&format=0x0&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&ea=0&pra=7&wgl=1&dt=1669280429017&bpp=3&bdt=2314&idt=3&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8cc6e768ac828e3d-22e0a30bcecf0031%3AT%3D1669280427%3ART%3D1669280427%3AS%3DALNI_MaY20FuIGk16OKupMRcSsfC_uvp-A&gpic=UID%3D00000b86784256fe%3AT%3D1669280427%3ART%3D1669280427%3AS%3DALNI_MbRYZp4461DrfBiMuk-x3hqr7GQLA&prev_fmts=120x600_as&nras=1&correlator=6433147666386&pv_ch=0935991474%2B&frm=20&pv=1&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&psts=AMjMPc3zthBY_H7fXY7IBW1EzOCqpLpUtJ1cVe8HaFo0b8tUxTFoEg9yygDMrcc4lph6swr-Ir3hs95j2B5OPNtt9g&pvsid=4390966206006260&tmod=1770575987&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=23
Frame ID: 17514BA56A2DB89507189F41989DA9C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 148FD7805DE404FD4A52FBDD37CDDEA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EB9D2FCA2E992D2210B2782887A452F
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

ToonmaN

Page URL History Show full URLs

  1. http://www.toonman.com.pt/ Page URL
  2. http://toonman.toonstudio.pt/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

58
Requests

57 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

554 kB
Transfer

1262 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.toonman.com.pt/ Page URL
  2. http://toonman.toonstudio.pt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://img-nex.thehobbitfilm.com/hobbit/banners/hobbithappen_120x90.jpg HTTP 302
  • http://www.theonering.net/hobbit/banners/hobbithappen_120x90.jpg

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.toonman.com.pt/
218 B
597 B
Document
General
Full URL
http://www.toonman.com.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
273
Content-Type
text/html
Date
Thu, 24 Nov 2022 09:00:13 GMT
ETag
"ab6617ba5f1d31:0"
Last-Modified
Mon, 21 May 2018 13:15:02 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Primary Request /
toonman.toonstudio.pt/
9 KB
3 KB
Document
General
Full URL
http://toonman.toonstudio.pt/
Requested by
Host: www.toonman.com.pt
URL: http://www.toonman.com.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5b4ab6de527b658b6d1ece1f9d5818baf09d4cda8135f8934de284490966ddc9

Request headers

Referer
http://www.toonman.com.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
3122
Content-Type
text/html
Date
Thu, 24 Nov 2022 09:00:13 GMT
ETag
"4c653567f44d01:0"
Last-Modified
Mon, 09 Feb 2015 15:44:48 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
bt_indice.jpg
toonman.toonstudio.pt/images/buttons/
1 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_indice.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b2b60933f48e2d66b29814db837bf636f2b0c10e97adc8f08c0c3eecd0849e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"d0ece23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1347
bt_illos.jpg
toonman.toonstudio.pt/images/buttons/
1 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_illos.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6bc12d4be8c31a645f50112e6d3bbb0cf994fce70a608715d34938e9784a85e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"d0ece23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1519
bt_story.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_story.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
03a6b11d2553e69860afb4e6e06d2dc9a933d51f17218d6e08b0bf942bd794e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"f761f23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1674
bt_bd.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_bd.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df60223dee6a84b0e11e528ac6d22d25656442abe408d12a29c37e2d7aa56d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"8550e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2002
bt_cartoon.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_cartoon.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
774bd82e3a09900c147e0da9ec29bf36e8ad1c87fde3aa3f0f5be5dd4299f919

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"9b77e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1578
bt_sketch.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_sketch.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cde1a5e006d72fa2f89b412f76c8c3d83b499df372c0dfc575103d7f2179e3c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"ea3af23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1839
bt_flash.jpg
toonman.toonstudio.pt/images/buttons/
1 KB
1 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_flash.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a79f508d7cd323949a5dbd7318f0eb4dd559f0ee02b0575bc9179876da0a5d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"a39ee23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1242
bt_caricatures.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_caricatures.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6cc522243273d6395fa35117411c0166c89e899088f80f03d040348591c19c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"8550e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1810
concursos.jpg
toonman.toonstudio.pt/images/buttons/
3 KB
3 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/concursos.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
112498b56b10da77f3ee735aa31757bc8f736505a67634eea3d68f950551c59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"f761f23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3259
bt_quadros.gif
toonman.toonstudio.pt/images/buttons/
992 B
1 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_quadros.gif
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de2b144e31b03947efae7a8471a541cd3acb34c9aa98444080a0ec3ce93f46be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"ea3af23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
992
bt_varios.jpg
toonman.toonstudio.pt/images/
26 KB
26 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/bt_varios.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ec0c71897ff665a494f93f228bc982e83ab41177c7a5373fb46feadae7d92858

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"d77fa23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
26217
bt-dodia.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt-dodia.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f1fe83dcc59f7baaa4f56780ac0ab1a92b5e5a0c145569a3fb415cd409b45261

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"7729e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2080
bt_guestbook.jpg
toonman.toonstudio.pt/images/buttons/
3 KB
4 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_guestbook.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f51ecaa1c34f1012a51b38ce31b974665dcecd82eaaee16e55f42614eecad95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"bac5e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3367
bt_links.jpg
toonman.toonstudio.pt/images/buttons/
1 KB
1 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_links.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ae7d79e88e1be025181a51d0b3832b5fcaf45b6e663c45e9599b74d6fdac4817

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"dd13f23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1211
bt_contacts.jpg
toonman.toonstudio.pt/images/buttons/
2 KB
2 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/buttons/bt_contacts.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ceb4c62e80cc76549b02e9a2e9e4b115aabde271078acf25237c7b6b40ea952

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"9b77e23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1640
titulo.gif
toonman.toonstudio.pt/images/
3 KB
3 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/titulo.gif
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2928e4526bc4b5a24ee36d4bc369595ae3d533c8a76aacf0d07d625fa541722

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"d3fd23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
3269
fecosite.jpg
toonman.toonstudio.pt/images/
22 KB
22 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/fecosite.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
32a1a762d18b0e4dcfa603ea983fd8eaef984dff07b2210db5f4e773fd7b4ba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"60b8b23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22584
supportdenmarksmall2en5oa.png
toonman.toonstudio.pt/images/
4 KB
4 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/supportdenmarksmall2en5oa.png
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a34c8809476cb5016ecab5c73d1bd972d3f04f8c3566287892da39bbb19d3f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"d3fd23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3871
hobbithappen_120x90.jpg
www.theonering.net/hobbit/banners/
Redirect Chain
  • http://img-nex.thehobbitfilm.com/hobbit/banners/hobbithappen_120x90.jpg
  • http://www.theonering.net/hobbit/banners/hobbithappen_120x90.jpg
0
0
Image
General
Full URL
http://www.theonering.net/hobbit/banners/hobbithappen_120x90.jpg
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
69.42.193.115 , United States, ASN26404 (ASN-INT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

Location
http://www.theonering.net/hobbit/banners/hobbithappen_120x90.jpg
Date
Thu, 24 Nov 2022 09:00:27 GMT
Server
Apache/1.3.39 (Unix) mod_perl/1.30 mod_gzip/1.3.26.1a
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
show_ads.js
pagead2.googlesyndication.com/pagead/
99 KB
36 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6237a9ac2b6324e41694090872a112c9a29477f62142f2b9c0fe0f0f046e0bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 09:00:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
7691520533572593399
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
36280
X-XSS-Protection
0
Expires
Thu, 24 Nov 2022 09:00:26 GMT
toon.gif
toonman.toonstudio.pt/images/
11 KB
11 KB
Image
General
Full URL
http://toonman.toonstudio.pt/images/toon.gif
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2406587b088774f7023b3f4b7dfb9ea273d3585809792429c4d3ba12b1ae00b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 24 Nov 2022 09:00:13 GMT
Last-Modified
Wed, 26 Jun 2013 00:57:31 GMT
Server
Microsoft-IIS/10.0
ETag
"1a66d23872ce1:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
11368
counter.js
www.statcounter.com/counter/
43 KB
14 KB
Script
General
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 09:00:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
User-Cache-Control
max-age=43200
Age
35739
Transfer-Encoding
chunked
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 10:19:33 GMT
Server
cloudflare
ETag
W/"aa70-5ee209fecc1b6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
CF-RAY
76f0f44b89d0925b-FRA
Expires
Thu, 24 Nov 2022 11:04:47 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9707866be52edc480c66c2ba065ba9b9863b5fa86609e3e7eeef94bd4df5bf80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119605
x-xss-protection
0
server
cafe
etag
1968227315973146227
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 09:00:26 GMT
news.htm
toonman.toonstudio.pt/ Frame 6C8B
12 KB
4 KB
Document
General
Full URL
http://toonman.toonstudio.pt/news.htm
Requested by
Host: toonman.toonstudio.pt
URL: http://toonman.toonstudio.pt/
Protocol
HTTP/1.1
Server
87.103.122.210 , Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
fulcro-mail.vodafone.pt
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13ef673bcd0d28a8be389321185c8cdc1395ce3848f6d12fb2196e6009258529

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
3453
Content-Type
text/html
Date
Thu, 24 Nov 2022 09:00:13 GMT
ETag
"6491871e872ce1:0"
Last-Modified
Wed, 26 Jun 2013 00:57:23 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
t.php
c.statcounter.com/
352 B
649 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=523756&u1=1F407F25D58C4F7173E805C80B80151C&java=1&security=&sc_snum=1&sess=a8f3c4&sc_rum_e_s=355&sc_rum_e_e=360&sc_rum_f_s=0&sc_rum_f_e=311&p=0&rcat=r&rdom=toonman.com.pt&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//www.toonman.com.pt/&u=http%3A//toonman.toonstudio.pt/&t=ToonmaN&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e68ac15ab480e5dd825e625b41c6d3a3814601fe2478d31416cefbf1faa287b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
http://toonman.toonstudio.pt
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
76f0f44c3bb65c68-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
393 B
695 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=toonman.toonstudio.pt&callback=_gfp_s_&client=ca-pub-3158228865694998&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da6a2bb5694f802c8eee8b2d5e70d4c0a584580a62bb858dcad8e92920500590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=toonman.toonstudio.pt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=toonman.toonstudio.pt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9ED5
86 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df6f1dbc7f1e8e55311dc19af1f9cdeeac06dc30967258a83a1e79fc01b85bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31426
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 09:00:27 GMT
expires
Thu, 24 Nov 2022 09:00:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
174 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8226ac6aff560b562d6cf7a4380b61453b5e858be9974649beaa94862d5e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
css
fonts.googleapis.com/ Frame 9ED5
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 08:57:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 09:00:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9ED5
2 KB
818 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
75912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 11:55:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9ED5
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:28:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
77510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 11:28:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9ED5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
37898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 22:28:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9ED5
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
75912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 11:55:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9ED5
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 09:00:27 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 9ED5
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 11:55:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9ED5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvTuJqzJ_Y7bVAubDmLAPvsib-APay47AbefaqLi6ENrZHhABIOKM_gFguwagAe788fYCyAEJqAMByAPLBKoE0gFP0LVuGj8ljAOcCuc28m4F4avAiNyfjYYk7AGV1RBUHQMO7oKZkTK82S156ekwh0VgAVyESOV1sJWiSo6J1igiJC2k5d9bCmk9NQ8IXOpLmYjAwE8mzLifybRuamv5J4-lgv4AIN-qJEuiUHUyF36oz0IlJFrpVD8Kr9Gj3WH4bZKO6CD0Nsi1aJyeGx4z2TUDOQAIpALLwybQPdxs91uIjNAjkC9qBeCxynDAbxpI_lgNQ7QeodFF-ONJfzZxKoJd_vXoAJoiYPFPtwxfBrupLSPABLnn1ISFBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf6go6JAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELmqCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTU4MjI4ODY1Njk0OTk4GAA&sigh=WjcKZiVt7zI&uach_m=[UACH]&cid=CAQSGwDq26N9Vs7N1eFZPTHV35-_YxhrboY2c5WI3hgBIBM&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 24 Nov 2022 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 09:00:27 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/11726930150270178230/ Frame 9ED5
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11726930150270178230/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e92ea17d3bd863fd161f919de525ecbd4b75201a5bd5594199a1c94aa9ce9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 22:03:37 GMT
x-content-type-options
nosniff
age
385010
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12310
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 14:10:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Nov 2023 22:03:37 GMT
truncated
/ Frame 9ED5
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9ED5
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c85b98717c14681e9402a656461a76063cfbbb34c0afc61efb99c7363db98d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9ED5
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
566292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9ED5
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
231335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9ED5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:40:44 GMT
x-content-type-options
nosniff
age
476383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 20:40:44 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 0247
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&h=600&adk=1977768934&adf=4222181036&w=120&lmt=1423496688&channel=0935991474&format=120x600_as&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&wgl=1&dt=1669280426857&bpp=12&bdt=155&idt=134&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&correlator=6433147666386&frm=20&pv=2&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1472&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=4390966206006260&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NGa9w2m1oP&p=http%3A//toonman.toonstudio.pt&dtd=149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:55:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9ED5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6UzDRywne7zlv1azEOe4IHq2H_2ol6CnC5A_0LW31C2jnoXMEM7KwFAUe3STskVsnX43Qcadf56u7gIybBGRHi0-xVCDmFbpLOkcLY5-5QU42hnhq_VmFm7dzyQbwy-78tssoYw&sai=AMfl-YTLoNM8N-o8nHDXnu0bPSWhZc75djM5WxvMNwdJbdNUjlJsR51wPI5nfA3x5IIxFjHJSJP43pM6XKQjSkk&sig=Cg0ArKJSzB7j0wRILr4DEAE&cid=CAQSGwDq26N9Vs7N1eFZPTHV35-_YxhrboY2c5WI3hgBIBM&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1977768934&rs=2&la=0&cr=0&vs=4&r=v&rst=1669280427008&rpt=787&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 09:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cb7a564749f2af57c63684b76968dce139d5189760f1cca1a30c7c1307266fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49130
x-xss-protection
0
server
cafe
etag
12012713599059341352
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 09:00:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2776521a5ce9e600ec694d9d31d8ae7e09aa71d26adb092b9737d90f0b898bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11178
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 09:00:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 38AD
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 10:43:54 GMT
etag
10353107486223812946
expires
Wed, 07 Dec 2022 10:43:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=toonman.toonstudio.pt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=toonman.toonstudio.pt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1751
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158228865694998&output=html&adk=1812271804&adf=3025194257&lmt=1423496688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&channel=0935991474&format=0x0&url=http%3A%2F%2Ftoonman.toonstudio.pt%2F&ea=0&pra=7&wgl=1&dt=1669280429017&bpp=3&bdt=2314&idt=3&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8cc6e768ac828e3d-22e0a30bcecf0031%3AT%3D1669280427%3ART%3D1669280427%3AS%3DALNI_MaY20FuIGk16OKupMRcSsfC_uvp-A&gpic=UID%3D00000b86784256fe%3AT%3D1669280427%3ART%3D1669280427%3AS%3DALNI_MbRYZp4461DrfBiMuk-x3hqr7GQLA&prev_fmts=120x600_as&nras=1&correlator=6433147666386&pv_ch=0935991474%2B&frm=20&pv=1&ga_vid=1322687638.1669280427&ga_sid=1669280427&ga_hid=1305779365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&psts=AMjMPc3zthBY_H7fXY7IBW1EzOCqpLpUtJ1cVe8HaFo0b8tUxTFoEg9yygDMrcc4lph6swr-Ir3hs95j2B5OPNtt9g&pvsid=4390966206006260&tmod=1770575987&uas=0&nvt=1&ref=http%3A%2F%2Fwww.toonman.com.pt%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-3158228865694998&plah=toonman.toonstudio.pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 09:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 148F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 08:31:25 GMT
expires
Fri, 24 Nov 2023 08:31:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7EB9
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8310251db649533357483b79f6b7d69383bf39fe8369513e26fb334c0a80bd77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kcr0_AChVhP2kd27frknnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://toonman.toonstudio.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kcr0_AChVhP2kd27frknnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 09:00:29 GMT
expires
Thu, 24 Nov 2022 09:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 148F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:55:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7EB9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=4390966206006260&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 148F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?o72Wkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 09:00:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=4390966206006260&bg=!m5ilmNzNAAbvMpMzzzI7ACkAdvg8Wi-gYnQes5pKoC7gEOSBj_3GQ_jdzFtJIuIECLt7QehwJ6x_SwIAAABaUgAAAANoAQcKAKQthlixOhTuCjzCtC5PySyofrqrMuHnrA0eVU8y0-sMzn3hJlOvaHBcik_xoEAgUx8knEO4fgPPkr-XrwLkxBmbrpmax-YesPhO8hA0ZbkfRBaBcekOELUCyVnqIVn0QFx-jdaNCJSJMbbfceSm9t3DiExWRHF60atj3KbjDNZ-6XLopp1qJImRGO2dX9HjGZK7PLw8e_CFfMvdTd_3Ilhh9ovJtJkCmwumzLIqeyqhkjBSQADOVRRsh7Sbmu_xeWpMNdFggh-lT5I9PxSgfES4EGIrY6sx86x7ITrSvmh99FrMuueU_bQ0KXG4XbqS8ws-aP64aRJKMOlYvE42AbzeoXc0xwh4eXICYfrQJDihp_2NF4iZzLd8rwhgdaVrzGwP5dhn5U71j4V4-YFbZnQfo70J_GVR0gcbpGcLcXb9AbLS1HuI9mBZNlcXpGSTbS2L6Ldna1lrDAkr6aGgaTuoI3TXWgaY5PL5iKz6EyOriGIazIcKBzGSVbXzraJFv0KDZSpPWzc25WnwmhPwt8O6Zpx4kkzFmJ5CioJ4q7ZcnU5YbY4Fep9VNH5q4wUEMA6ujBf6KqCmVyNVwlT3ooYfkh6cntIGvrjZS9wIxOpwA7WqyehTQ2WEXEZ4cxgDuIhg8ZmvaIwpEkH6raL9zR9BDYuDNgamCOA0eVdfNfFzmQNP0UphrsnW96OgHDcPTFYCw-PNe6phb3Ges5pSDKmWl5voEsmxYSLnc3Gk5-KaUIwXB4Zbip_QUkERhNc2vmOjSiW_82oaPvmUoMHbO2Nmyo8o24vcrBTFvP7nbUT_bxvkyRhkaK5LM_WM9BXI2CHog6bw71XaTvVblubNcfsDrEcQf3SnGxCeBNpTcWJuYQmziF3Rgbg0w8cW8SUpnAiZ2Y5YPtVCiWMcPGvj1Rxq3bsgBxqHnWf_i9rl65XD2nNVtOvmy7gESSEt8-PGekCInssf5Z_ENc848QwFGJKIJ2TPjO2PhJIkE7sGLq0PQ72u6ELqHlFew2lLre_b_jpGLkYUeV9tRYdBIaPcFM_hh4v64JRx1cmLj3PO0DZsgBYPlTYl3zLIqZKidTtGYZMfC-Q1lOQeD7SoZ4gq-K-eYUY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://toonman.toonstudio.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| google_ad_client object| google_ad_width object| google_ad_height object| google_ad_format object| google_ad_channel object| google_color_border object| google_color_bg object| google_color_link object| google_color_url object| google_color_text object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_slot object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_line object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| easpa object| asntp object| asntpv object| asntpl object| asntpm object| asntpc object| asna object| asnd object| asnp object| asns object| asmat object| asptt object| aspe object| asro object| google_shadow_mode boolean| google_apltlad object| google_sv_map number| sc_project number| sc_invisible number| sc_partition string| sc_security function| _statcounter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| adsbygoogle object| GoogleGcLKhOms number| tmod function| google_spfd number| google_rum_task_id_counter object| google_image_requests

5 Cookies

Domain/Path Name / Value
.toonman.toonstudio.pt/ Name: sc_is_visitor_unique
Value: rx523756.1669280427.1F407F25D58C4F7173E805C80B80151C.1.1.1.1.1.1.1.1.1
.toonstudio.pt/ Name: __gads
Value: ID=8cc6e768ac828e3d-22e0a30bcecf0031:T=1669280427:RT=1669280427:S=ALNI_MaY20FuIGk16OKupMRcSsfC_uvp-A
.toonstudio.pt/ Name: __gpi
Value: UID=00000b86784256fe:T=1669280427:RT=1669280427:S=ALNI_MbRYZp4461DrfBiMuk-x3hqr7GQLA
.statcounter.com/ Name: is_unique
Value: sc523756.1669280426.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmktgX6VQpaI7NJdz8gmSBdGALqRX4zkMroRbZai8IpVW7OXhqoSFEbcOGAIz4

1 Console Messages

Source Level URL
Text
network error URL: http://www.theonering.net/hobbit/banners/hobbithappen_120x90.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
c.statcounter.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img-nex.thehobbitfilm.com
pagead2.googlesyndication.com
partner.googleadservices.com
toonman.toonstudio.pt
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
www.theonering.net
www.toonman.com.pt
104.20.228.67
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
69.42.193.115
69.42.193.119
87.103.122.210
03a6b11d2553e69860afb4e6e06d2dc9a933d51f17218d6e08b0bf942bd794e2
112498b56b10da77f3ee735aa31757bc8f736505a67634eea3d68f950551c59b
13ef673bcd0d28a8be389321185c8cdc1395ce3848f6d12fb2196e6009258529
1a79f508d7cd323949a5dbd7318f0eb4dd559f0ee02b0575bc9179876da0a5d4
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
2406587b088774f7023b3f4b7dfb9ea273d3585809792429c4d3ba12b1ae00b2
2776521a5ce9e600ec694d9d31d8ae7e09aa71d26adb092b9737d90f0b898bdf
2ceb4c62e80cc76549b02e9a2e9e4b115aabde271078acf25237c7b6b40ea952
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a1a762d18b0e4dcfa603ea983fd8eaef984dff07b2210db5f4e773fd7b4ba6
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
3cb7a564749f2af57c63684b76968dce139d5189760f1cca1a30c7c1307266fb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4ab6de527b658b6d1ece1f9d5818baf09d4cda8135f8934de284490966ddc9
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6237a9ac2b6324e41694090872a112c9a29477f62142f2b9c0fe0f0f046e0bbc
6bc12d4be8c31a645f50112e6d3bbb0cf994fce70a608715d34938e9784a85e6
6cc522243273d6395fa35117411c0166c89e899088f80f03d040348591c19c0a
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
774bd82e3a09900c147e0da9ec29bf36e8ad1c87fde3aa3f0f5be5dd4299f919
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
8310251db649533357483b79f6b7d69383bf39fe8369513e26fb334c0a80bd77
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
9707866be52edc480c66c2ba065ba9b9863b5fa86609e3e7eeef94bd4df5bf80
9b2b60933f48e2d66b29814db837bf636f2b0c10e97adc8f08c0c3eecd0849e3
9c8226ac6aff560b562d6cf7a4380b61453b5e858be9974649beaa94862d5e98
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a34c8809476cb5016ecab5c73d1bd972d3f04f8c3566287892da39bbb19d3f31
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae7d79e88e1be025181a51d0b3832b5fcaf45b6e663c45e9599b74d6fdac4817
c2928e4526bc4b5a24ee36d4bc369595ae3d533c8a76aacf0d07d625fa541722
c85b98717c14681e9402a656461a76063cfbbb34c0afc61efb99c7363db98d23
cde1a5e006d72fa2f89b412f76c8c3d83b499df372c0dfc575103d7f2179e3c6
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
da6a2bb5694f802c8eee8b2d5e70d4c0a584580a62bb858dcad8e92920500590
de2b144e31b03947efae7a8471a541cd3acb34c9aa98444080a0ec3ce93f46be
df60223dee6a84b0e11e528ac6d22d25656442abe408d12a29c37e2d7aa56d56
df6f1dbc7f1e8e55311dc19af1f9cdeeac06dc30967258a83a1e79fc01b85bf7
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68ac15ab480e5dd825e625b41c6d3a3814601fe2478d31416cefbf1faa287b6
e8e92ea17d3bd863fd161f919de525ecbd4b75201a5bd5594199a1c94aa9ce9f
ec0c71897ff665a494f93f228bc982e83ab41177c7a5373fb46feadae7d92858
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fe83dcc59f7baaa4f56780ac0ab1a92b5e5a0c145569a3fb415cd409b45261
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51ecaa1c34f1012a51b38ce31b974665dcecd82eaaee16e55f42614eecad95d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef