www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Submission: On October 02 via manual (October 2nd 2023, 10:07:15 pm UTC) from US — Scanned from CH

Summary HTTP 260 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 38 domains to perform 260 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
14	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:2e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
70	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
8 36	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 6	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	23.35.237.56 23.35.237.56	() ()
2	138.201.84.244 138.201.84.244	() ()
4 4	3.71.149.231 3.71.149.231	() ()
21	2a00:1450:400... 2a00:1450:4001:82f::2006	() ()
1 4	138.201.84.252 138.201.84.252	() ()
1 4	138.201.63.149 138.201.63.149	() ()
4	142.250.185.226 142.250.185.226	() ()
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	() ()
2 2	35.186.193.173 35.186.193.173	() ()
1	178.250.7.11 178.250.7.11	() ()
2 2	37.157.4.28 37.157.4.28	() ()
1 1	2600:9000:25e... 2600:9000:25e8:6800:1b:5138:8a40:93a1	() ()
1	70.42.32.255 70.42.32.255	() ()
2 2	35.190.0.66 35.190.0.66	() ()
2 2	13.248.245.213 13.248.245.213	() ()
1 2	51.38.120.206 51.38.120.206	() ()
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	() ()
2	2a00:1450:400... 2a00:1450:4001:82a::200a	() ()
2	88.99.69.161 88.99.69.161	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1 1	35.204.74.118 35.204.74.118	() ()
2	52.223.40.198 52.223.40.198	() ()
1 1	35.227.252.103 35.227.252.103	() ()
2 2	216.52.2.86 216.52.2.86	() ()
2 2	52.17.192.80 52.17.192.80	() ()
2 2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	() ()
2 2	52.29.154.74 52.29.154.74	() ()
1 1	85.114.159.93 85.114.159.93	() ()
2	216.58.206.34 216.58.206.34	() ()
260	34

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2e93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.186.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.26.193 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.56 (None, ) 2 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.84.244 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (None, ) 4 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (None, ) 1 redirects

ASN- ()

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (None, ) 1 redirects

ASN- ()

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 2 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:6800:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (None, )

ASN- ()

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (None, ) 2 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edc (None, )

ASN- ()

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.69.161 (None, )

ASN- ()

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (None, ) 1 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (None, ) 2 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.192.80 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (None, ) 2 redirects

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.154.74 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
107	googlesyndication.com 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 ade.googlesyndication.com	1 MB
66	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 ad.doubleclick.net — Cisco Umbrella Rank: 180 googleads4.g.doubleclick.net	222 KB
21	2mdn.net s0.2mdn.net	271 KB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	260 KB
10	redintelligence.net 2 redirects hal9000.redintelligence.net hal900024.redintelligence.net hal90009.redintelligence.net	21 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 680248	449 KB
8	google.com www.google.com — Cisco Umbrella Rank: 11	3 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	457 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026 ssum-sec.casalemedia.com	4 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com	4 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	961 B
4	teads.tv 2 redirects sync.teads.tv	1 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 863 rtb.openx.net	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com	65 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com	885 B
2	360yield.com 2 redirects match.360yield.com	812 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adsrvr.org match.adsrvr.org	297 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	893 B
2	contentspread.net cdn.contentspread.net	67 KB
2	onetag-sys.com 1 redirects onetag-sys.com	489 B
2	3lift.com 2 redirects eb2.3lift.com	953 B
2	travelaudience.com 2 redirects ads.travelaudience.com	906 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	1011 B
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	simpli.fi 1 redirects um.simpli.fi	714 B
1	createjs.com code.createjs.com	63 KB
1	outbrain.com sync.outbrain.com	145 B
1	smaato.net 1 redirects s.ad.smaato.net	446 B
1	criteo.com dis.criteo.com	363 B
1	quantserve.com cms.quantserve.com	463 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 12701	469 B
0	loopme.me Failed csync.loopme.me Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
260	38

	Domain	Requested by
70	pagead2.googlesyndication.com	2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
36	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
30	tpc.googlesyndication.com	2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.xgcartoon.com pagead2.googlesyndication.com
21	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net googleads.g.doubleclick.net
14	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
13	securepubads.g.doubleclick.net	cdn.ampproject.org 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.googletagservices.com	2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	googleads4.g.doubleclick.net	www.xgcartoon.com
4	hal90009.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90009.redintelligence.net
4	hal900024.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900024.redintelligence.net
4	ups.analytics.yahoo.com	4 redirects
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ade.googlesyndication.com
2	pm.w55c.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	cdn.contentspread.net	hal90009.redintelligence.net hal900024.redintelligence.net
2	ajax.googleapis.com	hal90009.redintelligence.net hal900024.redintelligence.net
2	secure.adnxs.com	2 redirects
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	rtb.openx.net	1 redirects
1	um.simpli.fi	1 redirects
1	code.createjs.com	s0.2mdn.net
1	sync.outbrain.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	ad.doubleclick.net	pagead2.googlesyndication.com
1	fonts.googleapis.com	cdn.ampproject.org
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
0	csync.loopme.me Failed	googleads.g.doubleclick.net
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
260	53

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
contentspread.net R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Frame ID: 3D841EA0FB3A35600CBBD8844F57F84C
Requests: 41 HTTP requests in this frame

Frame: data://truncated
Frame ID: F07B2625B2B5AF0A1B3692BB4C275DB0
Requests: 1 HTTP requests in this frame

Frame: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9571334BB419718F2F1DD5E774E0AF20
Requests: 13 HTTP requests in this frame

Frame: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6B8ED2D015FCA60EEA42D0F548E1BBA2
Requests: 11 HTTP requests in this frame

Frame: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 14887804D12545ADD23A600CC8A67D14
Requests: 11 HTTP requests in this frame

Frame: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: BC1EF73FB45B0C45F36FF324AAAA40BF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: F22EB4C8B5DF2F1336FBCED8DD87F5AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Frame ID: 1E78F57C88C93C68967D0A712A1F5EEE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Frame ID: B603FEB7AAE294F95FEBC025CB4433F0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172
Frame ID: 813214BB94567AA363208801871A743C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367
Frame ID: 0CB48EBEEE6D79222F940747E36C90AF
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXIQ5P-rI3L01KRmywVIYDnEaei4m3qIgbJ6YJB_l0X9JeEakgsRZ660wGPuHastxFUCzgpsu9dUomXGfYl6Y2wbnugU9M6-fWkwePZB4KZJemRb4QdmEdGC-FKEzjc0rm6-v5V1KlvWzwfqqwHaYYqsI_RV5dK6ABEdfCdFHzZbRURDkQ
Frame ID: F5A28973A5B6A2B4F5935C045764F5BE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXms1vFFPkAGV-CQEdF1jhdQGbelMRzHC5oSnEzMwMDAkcHBEWgGElw6Fbi9AuRMSDRwkDcOTGBohx2fkBvpMznU8tRRFe9HgSn8qnJDxmjxJsDUTW4cXEnFVMO-83WC1NV0w7QqlA7Y1jhpf__FQAeaRUkG8Jhf9SZYRkXYMFSUdniuxE
Frame ID: 2C872AE1BC9BAB5C689120F928251E81
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVdLocKe8ZFBqb8uFsrGqbY4jFVhxJ8GNy-bkjzy4z9fqWVnEmb9hFUcJ5FDlpbGJfA5sFhlWCqJoDSLXiXCi5NvFwBzY4YEnUABQ0_jfFkdI9OFdFosGTz6X26tgjh_lCnhi0SPDJqs_M-JkZW5ximoGvvX7WCBRb47g1lQgokd8vE9_0
Frame ID: 1504A90F3D5F415FD35B0FCC33017029
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C1BF69D8774FC340CC3A45536DDF04B6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVuML1ATAB&v=APEucNWBJdNZb1cG92SS-h2SyjioWmEN16SVLKAqSi0n7_ZrWn2fa3XCmw58qoNB6h7ooNBo1w-2klI3C-t8G2qxMoet6iX3ld7vBi5rXKBZ59xmidTRm_6YcK-hs6SIGnLEN0ioe-ouRcVFTTZMZFq9smVO7-rn4ikrgT4AlN8ROEMm3PjCpZg
Frame ID: A37E4F1F4565E387736E532FB4672148
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2DC4431109760E24F9C0446C0BFD6BC5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8535113565FAA9FF1BDCFD5AAA729B1B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CCCDC067FB5EABF1E0AB833785BEA5C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 171BD0240EF16B8066A8C4D3172344C6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C80ED472EFE3329C5E31B5B12566688
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4FE4CDFD876E7ED00CC6F1258EA9616
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
Frame ID: 1AF3840448E34AC33A340BBB180A6101
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250
Frame ID: 36126053731956D1411BBD37FC85C2D9
Requests: 4 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c
Frame ID: 231EF8F66E3A6A430923F1644589676A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A88956E557F3FFF619D99C4C9F78AF3
Requests: 9 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab
Frame ID: 569E620A9093F5AB8B7C46EBAAF55AE6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCC8001477AAED5BC37A266EA25B50F0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 380DD2C6F3E074746112A532E70A2E46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45D29CFA9B8F8A8E68947001CF4E99C6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 942DA7D1480D602AF98040F88936FC0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55DE93F73EBF2EE876E49301D353770E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0CFE3D5F5B132A10E71DB75CF1822020
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A867B6097133B6000B430960E75FA4C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A9B0AA14C6C2E04D64DA955A343E4EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 706A4086D8426D703E6F6120847C75CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍼獨步逍遙【國語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

260
Requests

85 %
HTTPS

36 %
IPv6

38
Domains

53
Subdomains

34
IPs

4
Countries

3143 kB
Transfer

8243 kB
Size

36
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRs-AuVXtGgNPYPT1wiTNAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7XZUtLCHy297nyXOPCbH8&google_cver=1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELY76ntuZunpYQ593m975sU&google_cver=1

Request Chain 117

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjA5ZmIwOGItMDYxZS0yNzc1LWZhNTUtNmNjM2Y5MGYxYmY4

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEHplsTI6OdQqUzwU5gtWVY0&google_cver=1

Request Chain 119

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

Request Chain 124

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

Request Chain 127

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

Request Chain 150

https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=4601939364799&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=4601939364799&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 151

https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3057491656808&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3057491656808&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 156

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1&google_push=AXcoOmRqx_kEMychL05HDhUcCaXmlU4MA-W1iXYIm2bhWCYzfKuKWbqD_5jpLI2wh2-v2QQw6trpz8atFkKQ0eL8HbbZjqZhB0IL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU3NTY2OTk3ODQ4ODEzMjkyMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1

Request Chain 158

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELfyAGLxFrJ2_QhzAB4w_VY&google_cver=1&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2oMDRnDHizasug8QZl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2oMDRnDHizasug8QZl&google_hm=GRSCq_tjTruRp-KzphO7vhY

Request Chain 160

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECYfGS8i8EzeA_F4DPjGNBc&google_cver=1&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWsCbAHxm1PqT5EeW6eFxI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECYfGS8i8EzeA_F4DPjGNBc&google_cver=1&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWsCbAHxm1PqT5EeW6eFxI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM4Mjk2ODg4NzkwNjMzNjI4Mw&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWsCbAHxm1PqT5EeW6eFxI

Request Chain 161

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_cver=1&google_push=AXcoOmSALzrWOWlv2BVo7hV9Qp1xbsSpoHTYZci-EiMYegic0ZcCgfxmn1nXim1NSLjCuKBq0qa1YObQjw8wzWbnaUE1gcpm8Xgr HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmSALzrWOWlv2BVo7hV9Qp1xbsSpoHTYZci-EiMYegic0ZcCgfxmn1nXim1NSLjCuKBq0qa1YObQjw8wzWbnaUE1gcpm8Xgr

Request Chain 162

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJw6Ukmke8AC9dAZcLp8TsE&google_cver=1&google_push=AXcoOmRpmmkpmCIszvoOrVboh5OxYEKbR2aG75ao3CgU04VutpgyXKSfY49_e8ka5Ucb14p3yembwqIld0ABgukU7OJr1TJumu0K HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=0810b101f0&gdpr=0&gdpr_consent=

Request Chain 164

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELfyAGLxFrJ2_QhzAB4w_VY&google_cver=1&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV2Z_O9JwULx0P4ZbBY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV2Z_O9JwULx0P4ZbBY&google_hm=p3Ya500CQJavdYrYkVZNzhY

Request Chain 165

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ9eF7CbfPZg__R6v-EtTe8&google_cver=1&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKHnUuE_nq1Cr6h HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKHnUuE_nq1Cr6h

Request Chain 166

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELXi6sHDVOc7o74MXVouTNc&google_cver=1&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr&google_gid=CAESELXi6sHDVOc7o74MXVouTNc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ3NTQ0MzI5ODk4OTg3MDkxNDEwOA%3D%3D&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr

Request Chain 167

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELsrUKdTX6-TS0BD5kSZ3e0&google_cver=1&google_push=AXcoOmTGFAdBISLI4fP3qYH9uGqP_AYpSpwN5PXmatFAP15e18qNc9eDPvKQcLcU50ew8kmcautNWJvfhYZMa1fp28WdV8YwjRJ3Rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGFAdBISLI4fP3qYH9uGqP_AYpSpwN5PXmatFAP15e18qNc9eDPvKQcLcU50ew8kmcautNWJvfhYZMa1fp28WdV8YwjRJ3Rw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 168

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJu97tel1VKHZ1E0W26LHAw&google_cver=1&google_push=AXcoOmTtMj9LL1D-kwcn8_6gxf9rp4VnztXAIcjHpv4g2QoqK9tDbqlfvNQ45dIl9OFgngfdhRVmeNPIBuYxD6ZSsP1tKhBb4dwPJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0&google_push=AXcoOmTtMj9LL1D-kwcn8_6gxf9rp4VnztXAIcjHpv4g2QoqK9tDbqlfvNQ45dIl9OFgngfdhRVmeNPIBuYxD6ZSsP1tKhBb4dwPJQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 169

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8RGErt2R-3ogRUmGfnn_b59l3bDydj2QGq7e1hAVZAeFE-woTZUMcpPvrWhUsKY-l_3UE7ZBabInA7liQgBudQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8RGErt2R-3ogRUmGfnn_b59l3bDydj2QGq7e1hAVZAeFE-woTZUMcpPvrWhUsKY-l_3UE7ZBabInA7liQgBudQ

Request Chain 190

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_cver=1&google_push=AXcoOmQgwhrLYay8hIZllPbTs2JxMFAE3qz3QQfMbeGQr0K88rbgz5aB4tEGV7NtLISw-R3XIT7WtUhT0qURXsV3UIGf3NrM6bSCXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmQgwhrLYay8hIZllPbTs2JxMFAE3qz3QQfMbeGQr0K88rbgz5aB4tEGV7NtLISw-R3XIT7WtUhT0qURXsV3UIGf3NrM6bSCXg

Request Chain 191

https://um.simpli.fi/gp_match?google_gid=CAESEL2Kmd2PO6RRUl0-11ADnsQ&google_cver=1&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWsCf7TATo3iclJG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7C893F04B3F44E2EB53E55DD4AC4CF3A&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWsCf7TATo3iclJG

Request Chain 193

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ9eF7CbfPZg__R6v-EtTe8&google_cver=1&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5kaC6XtiLdbNZZwA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5kaC6XtiLdbNZZwA

Request Chain 194

https://rtb.openx.net/sync/dds?google_gid=CAESEC1DoqRYEOzgxkDvaeSroPM&google_cver=1&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA&google_hm=Q6bpfWbvwP8JwXrN4PTvIg==

Request Chain 195

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN5xbSMRB_DolOpHG1DyfB0&google_cver=1&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN5xbSMRB_DolOpHG1DyfB0&google_cver=1&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg&google_hm=Ha7vsGZHZMxLK6-HQcOJhSem

Request Chain 196

https://match.360yield.com/match/ebda?google_gid=CAESEL0_BrtcKhsV6boFw5RGIEU&google_cver=1&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8BaMiolUg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL0_BrtcKhsV6boFw5RGIEU&google_cver=1&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8BaMiolUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=AdB3Lg18QOmS7UXC-ldTkg&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8BaMiolUg

Request Chain 201

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_cver=1&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKksL2LeA_dqAjp05V1SOqZIeLRfI7erUWDmbem-nTIQ1jj5x HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=15acd3e2a9811734&is_secure=true&networkId=14000&version=1&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_cver=1&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKksL2LeA_dqAjp05V1SOqZIeLRfI7erUWDmbem-nTIQ1jj5x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIPlZxvAlsiAN1DmL9AAAAAAA&expiration=1696370821&google_cver=1&is_secure=true&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKksL2LeA_dqAjp05V1SOqZIeLRfI7erUWDmbem-nTIQ1jj5x

Request Chain 202

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuObHgfjHMFsCipvT1Tux_9EKdmR5IyqaNosxdVB-ludygZ1-8ea29zE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuObHgfjHMFsCipvT1Tux_9EKdmR5IyqaNosxdVB-ludygZ1-8ea29zE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWVIN2hqSDgxUU5yNDk1&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuObHgfjHMFsCipvT1Tux_9EKdmR5IyqaNosxdVB-ludygZ1-8ea29zE

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_cver=1&google_push=AXcoOmSnVNxE2osSj1QFqKMM6kPurN0vipq9d-RArFVAjCcxYun9Pm2BAcCZxr4o7qtbww9aAbL9GHKpgpm_GetGEVUGMoSU67KY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmSnVNxE2osSj1QFqKMM6kPurN0vipq9d-RArFVAjCcxYun9Pm2BAcCZxr4o7qtbww9aAbL9GHKpgpm_GetGEVUGMoSU67KY

Request Chain 205

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBWVksPE0xRZ8lsVSMaPA8Y&google_cver=1&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5sVzsI8SnNHVG8W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTQ4NjExMjkyNDQzMjUzNQ%3D%3D&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5sVzsI8SnNHVG8W

Request Chain 206

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_cver=1&google_push=AXcoOmTIu1z-IJV4LtQ1k1_3rZA79vVDy807kWZ2O0PB-ssEVWrYpILp3gW-CrIU8t9QLHW2Pvo4YfZ5O_MkUNKTudxaES6dy1w0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmTIu1z-IJV4LtQ1k1_3rZA79vVDy807kWZ2O0PB-ssEVWrYpILp3gW-CrIU8t9QLHW2Pvo4YfZ5O_MkUNKTudxaES6dy1w0

Request Chain 207

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhYQRWgvtIW_coDW6M_6uwTpK4W6Fi5dr_vor9IQiD8IQhy9c5mvcTuG5PlfilxrtmPxXitAfIsjXYFAz8zEFNbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhYQRWgvtIW_coDW6M_6uwTpK4W6Fi5dr_vor9IQiD8IQhy9c5mvcTuG5PlfilxrtmPxXitAfIsjXYFAz8zEFNbQ

260 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dubuxiaoyaoguoyu-shizherufeng Show response
www.xgcartoon.com/detail/ 187 KB
27 KB 1016ms
459ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4a68bb2259e2d754e0bc912953f8cd2b14e9f1b55a46811273f2c9ca00e24833

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 02 Oct 2023 22:06:52 GMT
etag: "2ed74-tgLETsyttnsj/A76qAYNOOMHuUw"
expires: Mon, 02 Oct 2023 22:07:52 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 225ms
101ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73010
x-xss-protection: 0
server: sffe
etag: "b44d49b4390daba4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 258ms
135ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f226bf73d309afec0f8136aadcd4c31a5fb38158edc76f2be201529cea88e4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
server: sffe
etag: "f5b07adb469547c2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
10 KB 162ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1305d7baebcaaca830bdaa875d69c9ffaf511c107d90d6c94d505589d6dc67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9433
x-xss-protection: 0
server: sffe
etag: "b14eeeba16ce92c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 192ms
88ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c849575fe72d56d0355d4e41ce8eab134584f902f1e6e6e929c6b5c73e0f1b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14981
x-xss-protection: 0
server: sffe
etag: "a6229935c5b0422a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 169ms
66ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3fe2201aeda9050d5a049b03528e35c36bc20298f05b3e5e2a3574c385b683d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15378
x-xss-protection: 0
server: sffe
etag: "3b480126f8007a6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 232ms
129ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b99ee275208ffdee7bbd9fdaade2698a3709c3fd608d82d9670ecdc7e05d132d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4743
x-xss-protection: 0
server: sffe
etag: "603c8b5d2fa04c60"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 112ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefd5bd9a30367cb1a5e8dc7168f1515a31a53786b415865c867c221c74b5ace

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "a73f5bd113ba16d2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 119ms
89ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b22b527a652c53284f5339711a08c2ef2667565d35c09e38f835593e2fdea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 22:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32178
x-xss-protection: 0
server: sffe
etag: "ecb8b9e35f89310d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 22:06:53 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 239ms
239ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:53 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Mon, 02 Oct 2023 22:09:53 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 248ms
173ms Image
image/gif 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 810041526efd0e83-MXP
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dubuxiaoyaoguoyu-shizherufeng.jpg
static-a.xgcartoon.com/cover/ 131 KB
131 KB 1371ms
1152ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/dubuxiaoyaoguoyu-shizherufeng.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7658953af1a4915cf3f00fc60222b31f77c1fcaaded47fe31af741d737be720d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 06:51:39 GMT
server: cloudflare
etag: "EA07FCCCEB37CF5D2D1F3E958E087722"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 810041564e48babe-MXP
content-length: 134016
expires: Tue, 03 Oct 2023 14:18:07 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 247ms
247ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:54 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Mon, 02 Oct 2023 22:09:54 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 247ms
247ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:54 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Mon, 02 Oct 2023 22:09:54 GMT

GET
H2 200 wushenzhuzaiguoyu-anmoshi.jpg
static-a.xgcartoon.com/cover/ 77 KB
77 KB 692ms
475ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wushenzhuzaiguoyu-anmoshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99db5858d2cda685ace6e29d6ba6fecc637373137069dc6d8f42bc431171cb49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:54 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 23:09:12 GMT
server: cloudflare
etag: "7CC554C341BA29D52F3F3D2AA574BA31"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 810041564e4ababe-MXP
content-length: 79092
expires: Wed, 04 Oct 2023 09:37:57 GMT

GET
H2 200 douluodaluguoyu-tangjiasanshao.jpg
static-a.xgcartoon.com/cover/ 49 KB
49 KB 1165ms
949ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/douluodaluguoyu-tangjiasanshao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31501eb658d9ad7b1f7ab3beb76ac12347a7e754a054369de1ce77240b1c2b39

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 09:54:58 GMT
server: cloudflare
etag: "9FA20DF464396AA98B797D1945FAFA34"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 810041564e4bbabe-MXP
content-length: 49680
expires: Wed, 04 Oct 2023 05:31:01 GMT

GET
H2 200 doupocangqiongnianfanguoyu-tiancantudou.jpg
static-a.xgcartoon.com/cover/ 76 KB
76 KB 314ms
99ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/doupocangqiongnianfanguoyu-tiancantudou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e8d27de84af51f0b58945cd10da49281c4e99293aa0b41c32b9b72a6ca63cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:54 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 23:19:55 GMT
server: cloudflare
age: 31169
etag: "5ACB0214CAC16DB57215B2F2F43FFAC8"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 810041564e4cbabe-MXP
content-length: 77943
expires: Tue, 03 Oct 2023 11:32:36 GMT

GET
H2 200 wanmeishijieguoyu-chendong.jpg
static-a.xgcartoon.com/cover/ 72 KB
72 KB 263ms
48ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanmeishijieguoyu-chendong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe019b846703531650f1e9548bd0b4c1f5df80cde3a80b3f1270582ed72ce704

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:54 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 10:03:37 GMT
server: cloudflare
age: 31169
etag: "77AF5EC9BD62D6B5CF4BFEF6705BDCE9"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 810041564e4dbabe-MXP
content-length: 73636
expires: Wed, 04 Oct 2023 05:06:53 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 8 KB
3 KB 189ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:02 GMT
age: 527752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "07fb3dc7eac63481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:02 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 237 KB
63 KB 136ms
75ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4a7bb3250246172fb936a76cad3eda063687abf10aeef1780a2fb659a9abc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Sep 2023 22:14:36 GMT
age: 172338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64071
x-xss-protection: 0
server: sffe
etag: "554c2edaf6ccd50b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Sep 2024 22:14:36 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 12 KB
4 KB 135ms
74ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:02 GMT
age: 527752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3936
x-xss-protection: 0
server: sffe
etag: "3d96bab6a7d5a37d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 466ms
336ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=9006243&ga_cid=amp-e-llb_SCir9oc-IPHYzAfQ&ga_hid=6243&dt=1696284414717&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&bdt=1472&dtd=25&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

655f1d0f44d2f39ac21247aeaca856fe79c31b9d95afaa2cbf1d6c50a0378309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13257
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMGz9O-v2IEDFdoGVQgdtNEJ0g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455233
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 599ms
469ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=9006243&ga_cid=amp-e-llb_SCir9oc-IPHYzAfQ&ga_hid=6243&dt=1696284414717&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&bdt=1472&dtd=30&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6cf7a78ca75e8731d5aa4d1ed8e5e9bad0c1ae435cedb1bed66d09bb5772734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13251
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLe59O-v2IEDFVKFewodbBYCzg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399041
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1034ms
904ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=9006243&ga_cid=amp-e-llb_SCir9oc-IPHYzAfQ&ga_hid=6243&dt=1696284414717&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&bdt=1472&dtd=31&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd2fd7506524748fcdd583f706e42285fffbc3aab13e9b92c45011338dcbdc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 336x280
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13246
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJez9O-v2IEDFYsP4AodBzwMYA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663412
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 936ms
807ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=9006243&ga_cid=amp-e-llb_SCir9oc-IPHYzAfQ&ga_hid=6243&dt=1696284414718&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&bdt=1473&dtd=31&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675bf77951206e455265e9bbbe8c87281bd8c5080d29107bd65aad90e262eb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13235
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJzA9O-v2IEDFdQs4AodrUoF4Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399062
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
13 KB 827ms
698ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=9006243&ga_cid=amp-e-llb_SCir9oc-IPHYzAfQ&ga_hid=6243&dt=1696284414718&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&bdt=1473&dtd=32&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a0ed927825c537dc888183260f38bedfa2e3fbd3db6f1cf61627c838a52aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 892x90
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstMBQmy-25ATrVTBroOZ8u3nk_Tp1JfNusnwPrazinDJgnZE6uJfaJEVTkbSWYGyQSj9s6ZxBRnbJWCxQrTeoRur1d1e2Aay-DiMcglIQluhqtZYy2Z__plUbEXPd1Zd7xXty7tOc1ZQJe\u0026sai=AMfl-YSrXUAWjPROO70bPvOWiGzwTsFjc-LUVLUXYgzgaCp76nSnkxGph_AY9pNttqTixiXx0cBEs5Samsvn\u0026sig=Cg0ArKJSzBnOnNT6HaCHEAE\u0026cid=CAQSGwDICaaNmdZroB2XLAPwMbVU2gYzkFl4ZkbSphgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=156774037"],"btrUrl":[]}
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11135
x-xss-protection: 0
amp-fast-fetch-signature: google:1:FCOVXWleB+3Nr27gYt2ur8I+Arn+EjGQQoeLuSG8vn6UigHOxGV+7F92c8acNSSrjaGLYuoqEAw4YUwKyMnE9WNqUhY/7/WEdvjVXsxLZ/QQpO6z5V3ovMDdH5XJHJdkuCCzJsAC9B90Q8sy7DReqLrex1hSOuQYQlH7PCg+0JkG9H+uxaXfG4i4Z1M4Q8UM2XJjlMqpG4oXozj9uHCCrr2gNLLKz6D6o7znZiDvEJysvtgz3cBmOiJRf++DpDjeCYAnCJCoTj0Y4V+oDHSv+bFm0S+D2EkrbGsPk4AoTIKVgAN6gk4cbBYKW3ujbNy0YUh5mzz74KoH6+0AcHZExw==
google-lineitem-id: -1
x-qqid: CK72i_Cv2IEDFRhW4AodP6cAgQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/ 2 KB
886 B 142ms
91ms Fetch
application/json 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:02 GMT
age: 527753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "299923aefdac6510"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:02 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 347ms
294ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:09:55 GMT

GET
H2 200 container.html
2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 856ms
38ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 207ms
71ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=6243&cid=amp-e-llb_SCir9oc-IPHYzAfQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fdubuxiaoyaoguoyu-shizherufeng&dr=&dt=%F0%9F%8D%BC%E7%8D%A8%E6%AD%A5%E9%80%8D%E9%81%99%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1696284416&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 19 KB
7 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c00bcad20996af843ae8963a41360ec2487512a339359579538fba3fc5dc51c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:10:58 GMT
age: 17757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6645
x-xss-protection: 0
server: sffe
etag: "672e136c69403c82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:10:58 GMT

GET
H3 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 7 KB
2 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d0467eff4d66506a338a9dd34d16eca0ae3e57fb7a10710e1c0659558a5f3d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:10:58 GMT
age: 17757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2507
x-xss-protection: 0
server: sffe
etag: "278187ce0e0f8465"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 191ms
70ms Other
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Oct 2023 22:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 20:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Oct 2023 22:06:55 GMT

GET
DATA 200
OK truncated
/ Frame F07B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bc6f8f78a99374ed4c08da7f96cafcc1ecb00c6db176bf9c121c2fe096d1553

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9571 6 KB
3 KB 203ms
36ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:56 GMT
expires: Tue, 01 Oct 2024 22:06:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B8E 6 KB
3 KB 205ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:56 GMT
expires: Tue, 01 Oct 2024 22:06:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1488 6 KB
3 KB 187ms
54ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:56 GMT
expires: Tue, 01 Oct 2024 22:06:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC1E 6 KB
3 KB 189ms
57ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:56 GMT
expires: Tue, 01 Oct 2024 22:06:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9571 24 KB
7 KB 244ms
55ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9571 18 KB
8 KB 239ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26cb939844035ca21eba41bb24c2507dd876370d1c500e5c7c878f842e1cb1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7895
x-xss-protection: 0
server: cafe
etag: 493403169296720571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9571 182 KB
58 KB 229ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6B8E 18 KB
8 KB 167ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c76d926a1f0c5ade31a0fd8581f5361be3332b0cc23cdaf50172fd2858994b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7886
x-xss-protection: 0
server: cafe
etag: 16246392912630608464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B8E 182 KB
57 KB 230ms
129ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B8E 0
462 B 89ms
89ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstol79mA58hI42tQhXACtx0EQDFFK-lXtsWR7EI1sK78r7Q9hN7PpUC4YR5eg-B0AgN0EX8bZ4vc1GbRI9rdC2oNsSG_R7XhsGcbwBixhil23NgONO0qqLgvveE_YhwWca_DhF3vm_J0fSa-2rym-rdnZJgVe_zNs6QsEuDSRyq2MlXP8zeojMdq-POISWIOXnCrKPpQp7zHDihtvmG4RIB5DU3RpGnBWLt_0ps0Fsb0aGFnGRgzRc8pka3Dr6kLYb_xzYfKdwQRG0Mz0LeNyHryhLifqyzSAK36Ld16YHXKG-N87RgvTcUW310wm-kHzTy4yRfEFZ9xqmwb8aKj0dZwVd745Qi4k6-SwfDB5_K&sai=AMfl-YRBUeUMHpIcaVyY9_KWybOf5fhfdZ4J1tAxYAr2YQlY25PVRNFdq9q2ad-tDvRykassJJxnPvcBFy7X1us&sig=Cg0ArKJSzAqGgEM1udXtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1488 24 KB
6 KB 143ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1488 18 KB
8 KB 170ms
89ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dee82a159a48478b1cadd64e7fc4b3a2d486a106679f745245aee813585c2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7886
x-xss-protection: 0
server: cafe
etag: 5626473734117378209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1488 182 KB
57 KB 244ms
164ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame BC1E 18 KB
8 KB 125ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8336e6c76dbff8a45c7b8e47b24a517c3caf3cff24b196b7d53568e52a5bc0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 11207071057347983972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC1E 182 KB
57 KB 182ms
121ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC1E 0
292 B 141ms
80ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOZuHyjtUPDNyweNjbuP7M0Un2YmEaNcJNtood_osFqyTnWuXnLd6HbqLfS8VlV5hfsc43AtEzucRwDm986T0n0w6JRuanz_Gae_RFt6Ld4Zk2lQUKydZpfemNRpP-NK6AgcqyMnxLmBl4oBs0Gd24DwM_0ZkaJ2TZ65sfeqnjxdb_UCqRdsFe6khaQqEtI15GB46nnfpFt6JDK3qGqgmRMzCnwt0T7bBC4QepVVf4w0zjdhs82BR1ZDR2wAodDx2CzvHRSmddBQE0YtUGS98gs91GN9Vq5LlRRS6EglPIs1z7Xfades5htGTs46vU4JyaDS9Kt9PFabblyKvbs1ZHmXjppp-d0rSgrK5BCDI&sai=AMfl-YTwjzhXzl_TuXCZR7clSTm-Akh-iRnxxVQklyZWDBWcxzcCKZWwl--TXgbJ5USKM3AsTZLHNXQxLgIBZa0&sig=Cg0ArKJSzGpILalyHvuTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BC1E 142 KB
49 KB 142ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb5b53c8eb41962e78c46dda123baebc09b0907f556c59bab11078d379ef908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50468
x-xss-protection: 0
server: cafe
etag: 8524527201522902442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9571 0
26 B 240ms
199ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUAv6gmgy5SxCH_WpoU66RuCTjiOCYzG3yUdJFsL_Ed8xnhsSgFkf3Cb8nYft5oM-_kZDPEcMaTXYL9cFh8MKBCYgTEYWdeYcKbsh8isEyKm_A1Po6mqyVZfro67HCVm2HyKD40UmAkIOJuS7MIrTuSGC2xQnyDcePEvoTrVqO1YnM1RTNz6Ej4whuWsx6WKsWq9-sDyPwy3g5g7uJyKMoEthDKuYKZn-gJ-PK1ke1xrcGIxJiAKbRIMVfsEUwpPocb5uHHn_JBCecAQgD9KQ-4X7rHNMmhRugwNmBMX0gbhs2Tfa4KgFb1WinZBbomfUlLHIEcixYfmYJhjT3frslUbhue-1kMHPp4uQJmQB7&sai=AMfl-YTiiZkMr8XIlubr5Z8-9c0rf_QLK9ngO-oOVmiSyj3esL_qQvW3EbFF912i5xkjx7wtT67Dh5xOT09l2YA&sig=Cg0ArKJSzNvRydOKQ0MgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9571 142 KB
49 KB 256ms
211ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

875d82fa91d8d505f0013431f181d898b0e598e8fd86e034f75490981a2bd21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50464
x-xss-protection: 0
server: cafe
etag: 17717113388068331818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1488 0
26 B 174ms
172ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWV8w2MdxhFd3-DhZCJn0DUgaCyNYVDctF13s9RsOmOCtoDx_eeFnS-HAkOsJmxyqAYLphfUcpUcTSoTs5njD-p66PnyzTvXobFMTI9tNp88FcF2pTePyGy3MvnEX8wHB-lHtpjDFI0aS2Nq88TOHl3HJ984t4XRnUxdX4wc6WLwAZteGTWXMett2lNyfxbvDVAbFQd2kfC1SKpHznigHvcPy16cX2iy0ZAaTYHiU-IhbYOFbYKGQKb5vvD2nw-hg9LOPO-VCMjMaJ9o-MdLWTlhLxgEJmQ3WUArZHuFF8MN41ShLdUPJUBs3JPgmYsMiGSwHWlgWZ1uh-za4NuDl_kTbEA_IJ-fjiaS8LmiE&sai=AMfl-YQJaz_-ijk2F9W9FNNPODbjyGIPi_BZHQkvlot_SYcXptNuClG5WngMDjpfwSQZyh6uNhrO4354VYcLvrQ&sig=Cg0ArKJSzGZvE6IQdzrREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
URL: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B8E 143 KB
50 KB 175ms
143ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60f5db5d6a45302fed2d4ef12f08c8e299b0ee5e2c488f0e9f9815e4ff4d16d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50612
x-xss-protection: 0
server: cafe
etag: 7722284525680591981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1488 143 KB
50 KB 205ms
173ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75681547b123727b32d0538f18376da53e07c9c1f952571fa71b7b9b750a1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50594
x-xss-protection: 0
server: cafe
etag: 7206171217086140558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
DATA 200
OK truncated
/ Frame 6B8E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9b06e5d3c471e02ce6df6f6430ae55c3bada1dfbb2b328ae2ca2d13a4d5c9d2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9571 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2dd6a7af46c08c24d08e1f4d920af28714968e1ccc479c64f5acca7730b8c25

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame BC1E 378 KB
128 KB 97ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e13443dd371185d6e2a068eb3ab0af5558fbe5b90e475f9cf5a6d78ee55c956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131254
x-xss-protection: 0
server: cafe
etag: 4120941549923780850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame F22E 10 KB
4 KB 79ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 54702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 06:55:14 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 06:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ Frame 6B8E 380 KB
129 KB 92ms
88ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com&bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0cababc6421d117ad4fd9a9403a20ba77296f2c5fb53284a3f2dc035495f021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131778
x-xss-protection: 0
server: cafe
etag: 3820340427549102395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 9571 378 KB
128 KB 89ms
86ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37acf544fc6276626a2b2343d4e346a01c42930be09ce31a48e89c815e2fac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131248
x-xss-protection: 0
server: cafe
etag: 13880739703733643428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ Frame 1488 380 KB
129 KB 155ms
154ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com&bust=31078273

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1c2ef39100cf542c6cdc04ab2f6bb6a08e48b866f5e600ea4f7f10bce2e77ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131850
x-xss-protection: 0
server: cafe
etag: 515220987430894049
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E78 26 KB
12 KB 459ms
430ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d09addb98086247a9943cb311409a3cd0488a245b49bd36a446f5c6fc1d78c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B603 26 KB
12 KB 313ms
270ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com&bust=31078272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f4a0d2a8b1386a90ca2393a5741b99e0546c8990dce7f0c13b7e5d117710130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12516
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8132 27 KB
11 KB 429ms
374ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com&bust=31078273

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5366e3de994ace22a53abf4f2ea87382e35ba636ff56d9e144ef65a4ade7c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11476
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CB4 24 KB
11 KB 338ms
332ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17655e095c2160dcddf6707d15d40631d2ba07c00984090d7b5c21d6fff4d5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11174
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E78 42 B
63 B 149ms
137ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxpD3-E2ZoXvQtZcNaCg45688juBPjAqFCyzqrfEgSwJbn5QLUG2RpXucr1vZEReZDWPurqOMKR5Z2nzGeedugGApvi2h-dkX0v6yzxbv0bPvsRLY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E78 0
20 B 149ms
138ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8495324371951075070&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1E78 89 KB
31 KB 130ms
128ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1E78 3 KB
1 KB 119ms
75ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1E78 20 KB
8 KB 85ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1E78 0
0 464ms
42ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7BCfHFddjVC4rXQv1SWBSWGznCMvn1ypT96WLTBsedgVeCWzamKfFnnSHxsjY-oi0IH6FQ9Kh1_z4AEZogd1fz-1TLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E78 182 KB
57 KB 122ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F5A2 624 B
242 B 299ms
268ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXIQ5P-rI3L01KRmywVIYDnEaei4m3qIgbJ6YJB_l0X9JeEakgsRZ660wGPuHastxFUCzgpsu9dUomXGfYl6Y2wbnugU9M6-fWkwePZB4KZJemRb4QdmEdGC-FKEzjc0rm6-v5V1KlvWzwfqqwHaYYqsI_RV5dK6ABEdfCdFHzZbRURDkQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 42 B
63 B 253ms
177ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeBTJ7lgvuhb17olF0btpSpYy8qvbWiS_8NuaeXKHHvY2hj7Uti1aqiyy22zJx4kPbuVglgZ6EJvuqxdV9N_b8o340UK3LRI4Vy0v8gca8N38ETUo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 0
20 B 251ms
172ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1955136241202316160&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B603 89 KB
31 KB 179ms
161ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame B603 3 KB
1 KB 193ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame B603 20 KB
8 KB 200ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B603 0
0 312ms
43ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaxAVikxKx-EPOFb3lG8tD1riu-S4mv7ZyH3__D1Lp9wrRnWB-VDmdYSjyCM5mETg_-R2an4J3D78Lxf8DGoK-UHIuSg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B603 182 KB
57 KB 153ms
142ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2C87 640 B
262 B 222ms
57ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXms1vFFPkAGV-CQEdF1jhdQGbelMRzHC5oSnEzMwMDAkcHBEWgGElw6Fbi9AuRMSDRwkDcOTGBohx2fkBvpMznU8tRRFe9HgSn8qnJDxmjxJsDUTW4cXEnFVMO-83WC1NV0w7QqlA7Y1jhpf__FQAeaRUkG8Jhf9SZYRkXYMFSUdniuxE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E78 0
20 B 164ms
86ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3320803872447&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E78 0
20 B 133ms
92ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3320803872447&version=m202309260101&ct=77&x=1&cor=8495324371951075000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1E78 16 KB
12 KB 195ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DidXCxKGkRUMD6NVTOkANJP_9yB5NFgk6_EJiQUCDYQSXI4ETnZNd4novvVekBmQZL0nRXlloq2WaXmJzTaI57mW38fnfrm3_SJ_3T-yg3z72Xi8nWfVW3Yf44e5GatdsGHDuIHwRBVFKF-qru5gg72zg7ytDCEH3qZr9GOPVS4FL2Zc8&cry=1&dbm_d=AKAmf-ADYhKCSc-ONWIxAzT-7P6rmjWUFA7kQBQVvUcAyThFR-T8zkr2cgJAfCz1UaPTjkmdMtiuwYAP6zDVwPzNqvvuxzunyZu4oE_vgroR9ffhC14VCzkDVmCFTtjrw6ercxdAO_GQlCFacs5bQjUMQy2y94bA2FKEpAnteyQGTB-bse6ZgdaZMT1-xygt2gkaHyG9uSaw-X2EsTVRM7BIPQSSXEbd7VcO-q1wFko8zxMSfUL7PnFBf2TMOLhonRQOBZepBton7BerO0HT_XLYzgytmXaaNBQbIB_k6R4hzgNHlrxI14M--Wns5EotbW028IQE6wsqp-eNtg62kcfTVImIl_MDS6K0Vj_o_QeA70b2peshp1ThMVlGgt3Zw6-EZ0KzIOYhEz2DUDR-TUk46Tj0KqRWKs3ZpPbJemfuLvdvKYCraNh7Znay59uB97BZ1DefbuAQoS362L2GNQX9G0l7j3CBz7thSydWkSzXM4erpCsEwqVQvyqz4TxuTPki2sDaGVcS4DserB-ULLOWC8ViLKYDcO0u2jOjs1yPv2LQ-aCIiAQ94XLzrxDDa6nE0PXFSbauJOWQKK-CfqCjKEJkW37M2pU1iYFcBlVnNUm9UsDeMWZx-hzZoMy6t4O4H_NvvPPIE7u9orTtmX6jXxIdM70BISFRGtvcmks5iCY7vcY_S2iWrTmmU4KgW5lgyhLZUjoBIex8fE_12yX9LEPYrrI15dJ2Z3aKm6zZ3Bq9tCHkmqAF4L5c3OPtiLlkyuC7EIxVg9EslgbJ4p5lYwOJPNH1tHwj9rRdnwUn1a0SaWg58Y-fwIShMqOd5ZpAATzWOYQHdHnpWGlfXyepwmeK694T3bPAMd_i3fG0sCT7wEkmcQrigVV0sQP8Sgh5VFc8qU4mWQqt6LzRNZcQIdsY-3dCd3LPl-HoJeDmcejp0mK-q2xqQ-ec12ZdDN2fndKonBqPvE476bQw_3a5_O2r42UtzajcQMl9xGy6vzIbYK0lEJ8irbeidz2DBR8sbK4fC24I0nlttg78QPkKEvmJZ9OJxeiqUqZHHYitNx62pZq8cbhN-jx_dy19vrRj2PPs_DGnm79IUzontU1AVvm36uj0iPAhkNRxgJvxnoeNNK1fBy_1SVHSAl5f5sqTaCE-91sGttrMbRHk67smaBQ94qB5Ag-baOSgTZiUs9D4PU7HfwjCwlXZLwX7ITreMw07mqFphdNsl_dsyQssFhVh3q4Oglc0LbDj5Y2FJ3-OpTfMh43LYon7s1-4OblU_aENWZEfRpNya1M40tXgCfofd6YYF40shLVYdyt0sL19vf-_oJ0ZFBlPb1EifqTstB9hzQZkpS9UHC8JoJS51cLY1xI_w3tQx6_cMfbMx1hOcjJs86PhOwiFM6ItjK3lE3ppRy3ttDryplhja4jKrwncn9HH-vxCQCxZgQTlqy2KjWjxOceSoUZXyFPJNrhuoWDTWGz4sXUj7wUnW1_f2EREIV0thJ79cJN12ZSVi4pJdTxokKcipeRB1XRuz4X-kcabTzg7HKRRi4PZhHxRYcTJp9VYxjGVu4V-Mbz-J5INZfqwc65rgzgUDW5axY2l5zho12MWsaWvnkmyZNCRW4XIgNVobeIkYDlr0f4F_MgMcj16SddBmhApPIKMXvIRCi9dVWW9dblFpQOEnMj5j3snwxKCfxsPEKizup8XQ7rsWUh6w_ZK0GUzd8TfqOLTLO9rXfVZOc8z2Y2yWouzScupQpyiMT-csLVudMdDH_g2bsKaXYhfgk0zSudVzTr7kUqbYGPhksXt502o107l-n1VkYSv3-lnlWMfwO3w9aVV4Q3JaZtCtXrATChquvnA4FHrk7NZmLDWUXw-W37rNUIqSt6cORCfVy-1-MWAmev-ZWa0165RqnuyYm0B-EhAgJ3H-0eA0AdmOqOLf3Vwusw64T_FcCQxkPuC64Gf9SEJA2D_-K0gOwN99t-PFg207yj46iog6MiNhGSrIVLdRvRnskKks94ahNgsKyeKnDKbR9gYzKCrFL8rlq-Yud-Hf4T2PYhZ2RRdA91D5egjWPGuPctltA2ZgDCRqNUsQK_B71_NSLOWjVSs-m0BVBTgNhBlGri_TH6o73chvRWug0snqET1YsVddP9_SUTcfhUxwtELsV8loatzEPaFSZk1UQkESggXl-QrainDdOn4enkFMKURlsU68ev3qP1pG-gC1eIo6-vybmD2SSLQcZEb36lWHP2_AW1mPgOMaJ_Fsw6v-ktTCS_yBwTJEs2EtnPgliAvpZv0BK2PjJcMejO7KtKz_JzLPFn9NNEpzLxz_0QK2b4MmoIRlIiE0uJ0xsyZwdRDKad0RU1_r_ryUjj4ZKtEb3EcoDEbceCKaooy5qjcNws91X_QH2dlZxIEGAbk-biAEkju9w3C7VQALSvAcAEyUVYPCbw402-PP3Jt23JC09cCaBJ8uzjQcXRK-ZwVhPH7ps5AoIXwPZMOXvU01ie8XAeuiclY3A2F5C26fuP-Rm63YtfRoRPP2oIbH6bx_EJoyXszg6lr9T0-VZZaK1FcTyEMLqyqlQi8G2HYR68Pp_kkj3HQOOYvrzG9EyBwk7FKoK6lDeTonS0raUxXRaWQtDT34LZGI-POaQoclSVYszlB5xb9QtwKLjpmV9jDguQkwLk7CZOl4Y67lEjnsQ1EPDBzmY3ZAxSbV9Jr0lIMT9G3iMTg0tHWx4zTCIJ5YctPSJa4PI17CSW4r9gYcKSuQrDobLYGqTLrpPsflmWDOHS_ksDgUpEqQsmIEcvpTMd2UgrbCXVeKS6C2hUsQyjXYEKNHmB6-ZTAC9dff-3azejW8P-A8VJ5QjjxaDy4U11oyzCXGi_JaaLXnwxP5DcOg9vveW0OAmek_kuAq9vN1mSFpZQiXuzEe80r8Aq5cbngFNiMEQkjk_5-Ar6IvL1Mrc58q572lVVNMEMv2u8OBLo2nOotRlnacPl1iYKNgzTji9JXMc56YYGscf82vDy82hCNYUFP-2AHBn6lc55ETrrm2H4alkc9STzlVd73bWZ1gTo0wjND3dmH2NndWCgnAIFDWAQnUHIC5xRlMWPiq7iobDdXRstKe-H4VubH7l2XxWpBFY1wOopWbKO_05qVDs_JKWjBjlsZGIM0Cfa3PJtF7KRKeWdFi_7DK1t0XgJqHo4kUro8tbUGltq8DDoNm-XGKxPJ4URPYukJ4R9pYOLfGVcrCnBOcckmrhAE0eosJbv5nZQCSilvKgf78ovthXyzdLvk-fUTuK8Z_dxLTLRGw13uELl27_ltWRBO28DG8RrmJMul3b0blOmP2UTkzAA_BfOnGKddYl_5tvfYjVSZgd5uwC_nIfK4CqYDQ8nsIBSCWxoN1ejSUElLi7lm3TBbl8JaHVXQ7VD_kr7VLkB9IdYZW_qlvZUg4zaqMDHPmmi6U_Uun0NrfY-dJPtGRew2y87rca6raO7EZGTJVB5LavgzvyH5Xy923lurNTRVLp3wR-JcbGd3rhijpgslwbyGwV7V3KV8VFyhI48mDSS2EEYGeTKBjb86iaQDRgJpY2q8c_jiscgip910L-4FfsxPFWmhO-qOlx7I6TkR2Xg8v7A0FRMTbOoJsdUmqXcgO2ZyjgP5Mj99R5ePmIMSuquMoa30vEgjjlK2E1y9OfHDQ46X5fO0ShNBnB-nTe5TrfeOGi1syXNHd6sTOoYJWV0g&cid=CAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=8495324371951075000&adk=4022746785&idt=184&cac=0&dtd=76

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae37c3d9fee0f895d2b531803b679e5103f350019c2eec9a8443737d982216f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F5A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1

43 B
339 B

259ms
175ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXIQ5P-rI3L01KRmywVIYDnEaei4m3qIgbJ6YJB_l0X9JeEakgsRZ660wGPuHastxFUCzgpsu9dUomXGfYl6Y2wbnugU9M6-fWkwePZB4KZJemRb4QdmEdGC-FKEzjc0rm6-v5V1KlvWzwfqqwHaYYqsI_RV5dK6ABEdfCdFHzZbRURDkQ
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SegfkO%2BorREitZ%2Bq0dwI6namdWdjCxAEeJK0hLC8k49204V13yvz2ibR%2BxaiVeO5a%2Bknxta1REjKcUxd7MtjPVQlIaw4b1pxZ5LtgJ5nnYTz5F9blZfQ4oO%2BGtcZ0zu5BSfb%2F2znWp6hqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 810041728ec8f15c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F5A2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRs-AuVXtGgNPYPT1wiTNAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1

43 B
550 B

87ms
86ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXIQ5P-rI3L01KRmywVIYDnEaei4m3qIgbJ6YJB_l0X9JeEakgsRZ660wGPuHastxFUCzgpsu9dUomXGfYl6Y2wbnugU9M6-fWkwePZB4KZJemRb4QdmEdGC-FKEzjc0rm6-v5V1KlvWzwfqqwHaYYqsI_RV5dK6ABEdfCdFHzZbRURDkQ
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vvEc9IfHMjp6lO%2FQb6mqgTlkRQ5aMskAuN07xNZr5PKOifemBCv%2BWcdQjQ6wL73CJ%2BaNDAqFzRoFqGyOP%2BtglNdF%2BFJBCBtOoft1cnZcttm7WLidjMItFVJzErAHBnX9ZbMwHTyVlWUxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 810041741fe4f15c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMa4balXZQQBePjYSHz-S4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F5A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7XZUtLCHy297nyXOPCbH8&google_cver=1

43 B
837 B

213ms
129ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH7XZUtLCHy297nyXOPCbH8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXIQ5P-rI3L01KRmywVIYDnEaei4m3qIgbJ6YJB_l0X9JeEakgsRZ660wGPuHastxFUCzgpsu9dUomXGfYl6Y2wbnugU9M6-fWkwePZB4KZJemRb4QdmEdGC-FKEzjc0rm6-v5V1KlvWzwfqqwHaYYqsI_RV5dK6ABEdfCdFHzZbRURDkQ

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
an-x-request-uuid: d7fa6d9c-82c5-4b2b-b575-a4407679613e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.22; 176.10.106.22; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH7XZUtLCHy297nyXOPCbH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5A2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D

170 B
232 B

49ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
an-x-request-uuid: fbff3ac4-1f3c-439d-878a-4ee567a712d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D
x-proxy-origin: 176.10.106.22; 176.10.106.22; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB4 42 B
63 B 125ms
87ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9gGqSvtjG7lN8Wx4S3gn24tysw6YHG4e-ScywE-LfUiuBLkePNpjaUORXz7t36m-HpgRoFsh_m4r9kiuVZjyXJ_9TqTBDaSXsLC7etHNdbVd0a_w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB4 0
20 B 116ms
78ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16457825925526996319&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0CB4 89 KB
31 KB 329ms
313ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 0CB4 3 KB
1 KB 389ms
375ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 0CB4 20 KB
8 KB 283ms
268ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0CB4 0
0 87ms
71ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRF6gt_jNJaHInn4ce3ZEnyMRjU5k4aAQaW3YN2el-UaRw0b28isXi-h_8TKjpxBNDdwD1BIAqz3WYup-nQEIXuigkgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CB4 182 KB
57 KB 327ms
312ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1504 466 B
235 B 296ms
277ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVdLocKe8ZFBqb8uFsrGqbY4jFVhxJ8GNy-bkjzy4z9fqWVnEmb9hFUcJ5FDlpbGJfA5sFhlWCqJoDSLXiXCi5NvFwBzY4YEnUABQ0_jfFkdI9OFdFosGTz6X26tgjh_lCnhi0SPDJqs_M-JkZW5ximoGvvX7WCBRb47g1lQgokd8vE9_0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C1BF 89 KB
31 KB 304ms
283ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame C1BF 3 KB
1 KB 104ms
82ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame C1BF 20 KB
8 KB 105ms
84ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C1BF 0
0 99ms
74ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdjOUBZ2nVCng9SbgTWlHAsosGbSJ64P5KEK0cSGyZoYv1cIRvRVFKMUfRZmSD5w7NciFF81gEa1Nsq1o7wAOQVvbtKw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1BF 182 KB
57 KB 299ms
278ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 22:06:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1BF 42 B
63 B 323ms
303ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BP2F6kwVjWcZ6l6HQI9U0iaf0Jv_Gh0emSprrsXpQTYj5DhkmCaHi6qTGLhSXyX0X9lr9NxEMUPb4mrp__jrsqk37VLA3YEgebJL2BEQGbv5E_Vh0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1BF 0
20 B 322ms
302ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7616871572526922315&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A37E 466 B
235 B 287ms
275ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVuML1ATAB&v=APEucNWBJdNZb1cG92SS-h2SyjioWmEN16SVLKAqSi0n7_ZrWn2fa3XCmw58qoNB6h7ooNBo1w-2klI3C-t8G2qxMoet6iX3ld7vBi5rXKBZ59xmidTRm_6YcK-hs6SIGnLEN0ioe-ouRcVFTTZMZFq9smVO7-rn4ikrgT4AlN8ROEMm3PjCpZg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 0
20 B 307ms
302ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7843805389453&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 0
20 B 306ms
302ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7843805389453&version=m202309260101&ct=77&x=1&cor=1955136241202316300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame B603 16 KB
12 KB 505ms
106ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dmkf1QX5o4AaPPcV95EKUNJkgf9KvEtQAH_Vb7GkxvZEAFuixLDHNaE4_jLxpsXQFSk0XJiSpEJdZ0xEnez6Gmm39FenVYLkGek-V7cUJIYXe3yQwzqZDo5iwhLJnir1wkgZdlemCm8SdOf2OuhSqyAlZEHRKWhhsyImi8GM_T_SoCdWw&cry=1&dbm_d=AKAmf-CzpgH6ExtYd60t480Q9wPMm6UZH_F1ny8QqpBFpE9zU5yRoF5WH4aWxpG8ibxNlplPzNJy1xB1BOqnwOSPRQDUqrPXBxHJ8IyB3uRboRz2zsG0eB21Ox31dgNCKXK9chus3VLhlGql_9dfPNUFhmenEKdAYiqMspChvzQg5V2E-4shKjdF1DpIJlO4I0KJshVK-QenNaK8nWOO2NqpWnMQzqpfenk92DVBCSGgqRIRFHUbAYYkGL7IF1-g2QiUe5JPfyZnVVeM2GJ9ojj62bJWAp4nSCnctb5ZHcgNYSANbmaxCu_Xy1vmDDS2OPSPi2-jEjn-9CdRJtNwKz9gS5MbVW_lTeIb8J6z5-9j_4HeSjBqHYjaFnrbSdxekoH8GM7Gg7sc6LDyj703B4f0odzvpUDWoYiDZwX7SlRfo6GgPEj4mg5jfvUBh7AWwf_KEXyQdaixgxK-eb-NdA0LIN-JMpNSJi7yY4_jtbFQZlj7ZbHhNOvw5o_jPGtE7gLy1UXVlwSSO6iqVM9qxg7-iBnccFocPew-l8fSLVZbhE0czbn-qdNxBUm0DgWeB4z0z7Niq02OwJQMM5KSiZdBePgaYH1mvF3HYkCrG4anQfImQtO9LveMjnRqhVlXY9lIDWqgUsxnecqHMo__vW9IMNq9Xd3yUBJblEegR2KZMp22Vh_pH0cY5ysvZvYkL5ffYg_qJr_pnnKjuAbW2ERwB1bGG90RMxRr3GyrCECmAomY9diUSNosvkcO2Bur1EIIfTPQ1jtTJpk7YTvQfAlgpJ6xW4aCTw7sxupOdlj1o6RM-M17yfm5XBtduNiO_vfJedh1XrAK9d2b65aAb3_RCISS2dax2jr9d5s4OYU7e4AfVvHpUBoDhQAAkGConMPFJTWGrI6B_rJPdIfcG2OZrCP7NmEZkulHU2O23l84Q8hjAagAKiHcdCRNgsPbuvDChXRFt4hJeDl8MRqN5z284RKM3Kf6mBcHYw2gBrNaY2HbaP0Qw6FKiSHKMdjC6SMytx4rkIbRZnVGp-F2ryFrIWoV9bhY4TefVAvbRQUfvDRMiWPSDhZERxqkvdguG6HaIw3Lq4BqJKHlzhcZ8BEesgvMjPo2YqBA7fMd2Egb5oUXiTjaN0gjUV4zvFO1ryFXETwQ97Z_KDHKeouUBXSdbTX6HUAQPCCTTidqvIsaluLf0A4229APwwQg3oe-h_DSwr2zZ882LTHsTO57ghSypJ__RO-Fz-utryGpEp5lBy6qmoyZxD537i0o9Uz0utdMc-uVAldhiQVtX9V7TRZustZVG2dDs4CPzYr6moAgm20j0sE7w8vb_rstZfknVH3lc-tX2_Z5FASBAFrFc5bcTiTVngrQTJqPdgT-j1G_5EPdFXVkJANc77iJXULo477oea7I6adIlUAGJ7x_pf_fxoQdR1L2gsS61tPmEM27UlBx-DbOfyEvmVtDSbHqeLBLearYMttbByXOMlndeYOCU_6q1mMSFLBuP2v4GMrNWPZt_l-u9_LLzk-Ze-EHas2oaxTfUwETyosH59oxGwnlBDrqZhsvPC_xw5qUzwCeV9tixz1sYFvnZlahs5WrfFj0BdF_NNe0XaUNj7nL1_mUcr9Q_XG-rhPYGpbYO1jPqT1i3z1L5GGn-JbtpqjN4KoUCDiN_N5t8aTTvefCSKftB0Dj78Ai0KNKd-L4GZmeRXutGf3C8YXyN1sTV6MSW9yE0sI4taWiByTn1GbwtSNCTSujut4Rasey_OZ3wanEaD_LGFq0we39MOrTKkpmcq4lGVUSmqjhU0FEigOdMZcldaXyvh5vF9FZM0t5r9prkgUvjHtyfZU9iudOneCBDuqAIRIe-3gu7DTktYdjDJvC8leOrxfmUE2DTjQhR6flmhcqePtItJPHckDOL--5pYcXyS0N7VjzzuM4TdzBh5JvUpZiIjWdEZwh-yCRl7hFh0_lC2MzxwDlg4EMuMycBU3y_n1asnJE_c5h6mjYJxsif0lNsUHVHbtj5YMoFoFpF6oKmr1BkQxiHxvmRpns1qacu_50WXPQ5aCwTZH6HT-J2_EbAtNqN3tluo5Hlv_jeuy2E_1aNw2DUGDpTM_ENDcIELk72rAMsARNTvj9pvzzCbRqTjqYt0P1dhbL3vnZmAJpM7NU06EiX5pnL7Hta9-POpKgi9WhcQ9qhV0fHPvu4CC2V3DEv3JG9oidcWXnAMVOfkizS_tbKuI2LSSN7yKJrnVpFU7I_hqCjDTyU9HxhsIyDt9KGH8_7mBMuVfUGWCl_sY37VBonqwOsFfmyYXcSpDkmdHq2AYNtlvj7ih3H7qscX8EgTg6hgwJOehhlXaMR-HOW1svLZhcZ_1gAbbq470c5Wvxs_4j2WjvC988z3hIqNZw7n4xrpy1pOqwTNYJs54_VFZeMVA6eDQbQNicinkaGaso2ucQ-BjU4bSMFrdcsMrk5MWJ_4UPiUQ6uyApNNUwhn-HxPywu9uk2fsFcdAxZQQrUyinnqnOlFuKR6WR5oju3ffUyTnmoaz64p4yNYG6Zf1we5f6WAV7MEclfLXCByCF-7CWjzi-xSmU_-JugJzPWPf0r4XlKo4SejKO5sZMDnM2d5PGlonZYtRyl4eRJchtrkQiHImAwD_q2SZnKKw5O0QC-ddZ3i_vUszBXyaDKjXG3IrW-3OUkZv_YhY9q6Z93JHlf_-S1yyJhf14_Gzt89RTNdsRkkrzA8gGP7COaC6-4taeHKR7J8bxcZeZ6qkrnuWDMwVfuMVGW-AggE56TDROrgAVsavTjIZ1bFdtCdWzWQeF4--g-Li3FSzmaI78cBpldJFBGUKzjifCuJH0Hc--1tmqvfvkiwLEA0-0oBaCiPoiebjRhWEY3FbA1uIXhORcz884iCkIN50_PhvPlNXk8EYMogUx1t1_-L9zDGgT2NUb1_n07GEwf2FUMUT15kH_lo14GNDUbVlXyi4lzvC2zH3nWW8G87umKxtsFbA-dfVopre7m0n7avrjLZIdoAbwkeXxxnzOee8dpPo_JVPRkhmLJ1ORiyyuRwGFFrhpkLjFng-8xk6_7zNpRad8xWYiYNdPBiT-Xq6H_BkPgpbOLMfiKFJqKmH1tbi6xFKZDWYtHo5_aCnid8krfiOA1Isvyf7xc0_EJjCrFSjBiPz_Ghg29nQEoRN5NsOWS56KA6irQcAxBqNyNptIy6vrUREuwl2SyUBOTEzWfqX6go4OVs-Q91KTbHqoO7PyMX--OQKDfj38ixTLIMDKl4g3ExpTDNhnnLxX8ELbOC8LpGJY5dRYtOvKlcjDr7qSZtFKB4JtYyO1Fz8Hf2fgb968dE-uFefm3gg2MXNAkefBjN7c0LEdRy1WZw3vp3cE5QHvP9a8KI3d8qrWLHdo-3R0ZD585vHmsBDE4COTCV91bGDTX8ug7T68iEOKwl8h_1VwXNaDi1C4sRDu1xaC6DRECKGL5-YThGJ0apkRtnZQ-kKHa55E9MDnDW-8UHKQfrBN5dWDHoV8-ZhaoygTXXptcJg0u_vzt4sGq3slydL4x8mpj2IAHg3szyDnGdB9kF_LkpYBFjo3Lym0rdSo6utEuBZMRVhvSuk1JEMz8K-cN2ZQ5YwEmmD0757Q7L31IJ9ErOTRv-QkSUPn7s_R1ucknWbnGHQoXrnk_ZTZlEvpnk3ks2hAkCYH-wCipKuPb3cYert0fnEkHbQwvyGpOG71&cid=CAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1955136241202316300&adk=2124396030&idt=375&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

1daef2b0485fc115b6360d9689082ade5364e9eeb42268f6817e19e961800264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2C87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELY76ntuZunpYQ593m975sU&google_cver=1

43 B
172 B

202ms
128ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELY76ntuZunpYQ593m975sU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXms1vFFPkAGV-CQEdF1jhdQGbelMRzHC5oSnEzMwMDAkcHBEWgGElw6Fbi9AuRMSDRwkDcOTGBohx2fkBvpMznU8tRRFe9HgSn8qnJDxmjxJsDUTW4cXEnFVMO-83WC1NV0w7QqlA7Y1jhpf__FQAeaRUkG8Jhf9SZYRkXYMFSUdniuxE
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELY76ntuZunpYQ593m975sU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2C87
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjA5ZmIwOGItMDYxZS0yNzc1LWZhNTUtNmNjM2Y5MGYxYmY4

170 B
243 B

48ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjA5ZmIwOGItMDYxZS0yNzc1LWZhNTUtNmNjM2Y5MGYxYmY4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXms1vFFPkAGV-CQEdF1jhdQGbelMRzHC5oSnEzMwMDAkcHBEWgGElw6Fbi9AuRMSDRwkDcOTGBohx2fkBvpMznU8tRRFe9HgSn8qnJDxmjxJsDUTW4cXEnFVMO-83WC1NV0w7QqlA7Y1jhpf__FQAeaRUkG8Jhf9SZYRkXYMFSUdniuxE

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjA5ZmIwOGItMDYxZS0yNzc1LWZhNTUtNmNjM2Y5MGYxYmY4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 2C87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEHplsTI6OdQqUzwU5gtWVY0&google_cver=1

23 B
278 B

570ms
499ms

Image
image/gif

23.35.237.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEHplsTI6OdQqUzwU5gtWVY0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNXms1vFFPkAGV-CQEdF1jhdQGbelMRzHC5oSnEzMwMDAkcHBEWgGElw6Fbi9AuRMSDRwkDcOTGBohx2fkBvpMznU8tRRFe9HgSn8qnJDxmjxJsDUTW4cXEnFVMO-83WC1NV0w7QqlA7Y1jhpf__FQAeaRUkG8Jhf9SZYRkXYMFSUdniuxE
Protocol: H2
Server: 23.35.237.56 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 22:06:58 GMT
pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEHplsTI6OdQqUzwU5gtWVY0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C87
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0

170 B
188 B

122ms
111ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Mon, 02 Oct 2023 22:06:58 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1E78 41 KB
14 KB 345ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DidXCxKGkRUMD6NVTOkANJP_9yB5NFgk6_EJiQUCDYQSXI4ETnZNd4novvVekBmQZL0nRXlloq2WaXmJzTaI57mW38fnfrm3_SJ_3T-yg3z72Xi8nWfVW3Yf44e5GatdsGHDuIHwRBVFKF-qru5gg72zg7ytDCEH3qZr9GOPVS4FL2Zc8&cry=1&dbm_d=AKAmf-ADYhKCSc-ONWIxAzT-7P6rmjWUFA7kQBQVvUcAyThFR-T8zkr2cgJAfCz1UaPTjkmdMtiuwYAP6zDVwPzNqvvuxzunyZu4oE_vgroR9ffhC14VCzkDVmCFTtjrw6ercxdAO_GQlCFacs5bQjUMQy2y94bA2FKEpAnteyQGTB-bse6ZgdaZMT1-xygt2gkaHyG9uSaw-X2EsTVRM7BIPQSSXEbd7VcO-q1wFko8zxMSfUL7PnFBf2TMOLhonRQOBZepBton7BerO0HT_XLYzgytmXaaNBQbIB_k6R4hzgNHlrxI14M--Wns5EotbW028IQE6wsqp-eNtg62kcfTVImIl_MDS6K0Vj_o_QeA70b2peshp1ThMVlGgt3Zw6-EZ0KzIOYhEz2DUDR-TUk46Tj0KqRWKs3ZpPbJemfuLvdvKYCraNh7Znay59uB97BZ1DefbuAQoS362L2GNQX9G0l7j3CBz7thSydWkSzXM4erpCsEwqVQvyqz4TxuTPki2sDaGVcS4DserB-ULLOWC8ViLKYDcO0u2jOjs1yPv2LQ-aCIiAQ94XLzrxDDa6nE0PXFSbauJOWQKK-CfqCjKEJkW37M2pU1iYFcBlVnNUm9UsDeMWZx-hzZoMy6t4O4H_NvvPPIE7u9orTtmX6jXxIdM70BISFRGtvcmks5iCY7vcY_S2iWrTmmU4KgW5lgyhLZUjoBIex8fE_12yX9LEPYrrI15dJ2Z3aKm6zZ3Bq9tCHkmqAF4L5c3OPtiLlkyuC7EIxVg9EslgbJ4p5lYwOJPNH1tHwj9rRdnwUn1a0SaWg58Y-fwIShMqOd5ZpAATzWOYQHdHnpWGlfXyepwmeK694T3bPAMd_i3fG0sCT7wEkmcQrigVV0sQP8Sgh5VFc8qU4mWQqt6LzRNZcQIdsY-3dCd3LPl-HoJeDmcejp0mK-q2xqQ-ec12ZdDN2fndKonBqPvE476bQw_3a5_O2r42UtzajcQMl9xGy6vzIbYK0lEJ8irbeidz2DBR8sbK4fC24I0nlttg78QPkKEvmJZ9OJxeiqUqZHHYitNx62pZq8cbhN-jx_dy19vrRj2PPs_DGnm79IUzontU1AVvm36uj0iPAhkNRxgJvxnoeNNK1fBy_1SVHSAl5f5sqTaCE-91sGttrMbRHk67smaBQ94qB5Ag-baOSgTZiUs9D4PU7HfwjCwlXZLwX7ITreMw07mqFphdNsl_dsyQssFhVh3q4Oglc0LbDj5Y2FJ3-OpTfMh43LYon7s1-4OblU_aENWZEfRpNya1M40tXgCfofd6YYF40shLVYdyt0sL19vf-_oJ0ZFBlPb1EifqTstB9hzQZkpS9UHC8JoJS51cLY1xI_w3tQx6_cMfbMx1hOcjJs86PhOwiFM6ItjK3lE3ppRy3ttDryplhja4jKrwncn9HH-vxCQCxZgQTlqy2KjWjxOceSoUZXyFPJNrhuoWDTWGz4sXUj7wUnW1_f2EREIV0thJ79cJN12ZSVi4pJdTxokKcipeRB1XRuz4X-kcabTzg7HKRRi4PZhHxRYcTJp9VYxjGVu4V-Mbz-J5INZfqwc65rgzgUDW5axY2l5zho12MWsaWvnkmyZNCRW4XIgNVobeIkYDlr0f4F_MgMcj16SddBmhApPIKMXvIRCi9dVWW9dblFpQOEnMj5j3snwxKCfxsPEKizup8XQ7rsWUh6w_ZK0GUzd8TfqOLTLO9rXfVZOc8z2Y2yWouzScupQpyiMT-csLVudMdDH_g2bsKaXYhfgk0zSudVzTr7kUqbYGPhksXt502o107l-n1VkYSv3-lnlWMfwO3w9aVV4Q3JaZtCtXrATChquvnA4FHrk7NZmLDWUXw-W37rNUIqSt6cORCfVy-1-MWAmev-ZWa0165RqnuyYm0B-EhAgJ3H-0eA0AdmOqOLf3Vwusw64T_FcCQxkPuC64Gf9SEJA2D_-K0gOwN99t-PFg207yj46iog6MiNhGSrIVLdRvRnskKks94ahNgsKyeKnDKbR9gYzKCrFL8rlq-Yud-Hf4T2PYhZ2RRdA91D5egjWPGuPctltA2ZgDCRqNUsQK_B71_NSLOWjVSs-m0BVBTgNhBlGri_TH6o73chvRWug0snqET1YsVddP9_SUTcfhUxwtELsV8loatzEPaFSZk1UQkESggXl-QrainDdOn4enkFMKURlsU68ev3qP1pG-gC1eIo6-vybmD2SSLQcZEb36lWHP2_AW1mPgOMaJ_Fsw6v-ktTCS_yBwTJEs2EtnPgliAvpZv0BK2PjJcMejO7KtKz_JzLPFn9NNEpzLxz_0QK2b4MmoIRlIiE0uJ0xsyZwdRDKad0RU1_r_ryUjj4ZKtEb3EcoDEbceCKaooy5qjcNws91X_QH2dlZxIEGAbk-biAEkju9w3C7VQALSvAcAEyUVYPCbw402-PP3Jt23JC09cCaBJ8uzjQcXRK-ZwVhPH7ps5AoIXwPZMOXvU01ie8XAeuiclY3A2F5C26fuP-Rm63YtfRoRPP2oIbH6bx_EJoyXszg6lr9T0-VZZaK1FcTyEMLqyqlQi8G2HYR68Pp_kkj3HQOOYvrzG9EyBwk7FKoK6lDeTonS0raUxXRaWQtDT34LZGI-POaQoclSVYszlB5xb9QtwKLjpmV9jDguQkwLk7CZOl4Y67lEjnsQ1EPDBzmY3ZAxSbV9Jr0lIMT9G3iMTg0tHWx4zTCIJ5YctPSJa4PI17CSW4r9gYcKSuQrDobLYGqTLrpPsflmWDOHS_ksDgUpEqQsmIEcvpTMd2UgrbCXVeKS6C2hUsQyjXYEKNHmB6-ZTAC9dff-3azejW8P-A8VJ5QjjxaDy4U11oyzCXGi_JaaLXnwxP5DcOg9vveW0OAmek_kuAq9vN1mSFpZQiXuzEe80r8Aq5cbngFNiMEQkjk_5-Ar6IvL1Mrc58q572lVVNMEMv2u8OBLo2nOotRlnacPl1iYKNgzTji9JXMc56YYGscf82vDy82hCNYUFP-2AHBn6lc55ETrrm2H4alkc9STzlVd73bWZ1gTo0wjND3dmH2NndWCgnAIFDWAQnUHIC5xRlMWPiq7iobDdXRstKe-H4VubH7l2XxWpBFY1wOopWbKO_05qVDs_JKWjBjlsZGIM0Cfa3PJtF7KRKeWdFi_7DK1t0XgJqHo4kUro8tbUGltq8DDoNm-XGKxPJ4URPYukJ4R9pYOLfGVcrCnBOcckmrhAE0eosJbv5nZQCSilvKgf78ovthXyzdLvk-fUTuK8Z_dxLTLRGw13uELl27_ltWRBO28DG8RrmJMul3b0blOmP2UTkzAA_BfOnGKddYl_5tvfYjVSZgd5uwC_nIfK4CqYDQ8nsIBSCWxoN1ejSUElLi7lm3TBbl8JaHVXQ7VD_kr7VLkB9IdYZW_qlvZUg4zaqMDHPmmi6U_Uun0NrfY-dJPtGRew2y87rca6raO7EZGTJVB5LavgzvyH5Xy923lurNTRVLp3wR-JcbGd3rhijpgslwbyGwV7V3KV8VFyhI48mDSS2EEYGeTKBjb86iaQDRgJpY2q8c_jiscgip910L-4FfsxPFWmhO-qOlx7I6TkR2Xg8v7A0FRMTbOoJsdUmqXcgO2ZyjgP5Mj99R5ePmIMSuquMoa30vEgjjlK2E1y9OfHDQ46X5fO0ShNBnB-nTe5TrfeOGi1syXNHd6sTOoYJWV0g&cid=CAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=8495324371951075000&adk=4022746785&idt=184&cac=0&dtd=76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 23:31:37 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame 1E78 11 KB
4 KB 1300ms
715ms Script
text/html 138.201.84.244

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1696284417362995&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a9fcb2d46652ad940d27a495ceeb22ce9a2e5567a69e75c281d3e83ffb12851a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:06:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4152
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET

partner
sync.search.spotxchange.com/ Frame A37E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame A37E 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A37E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

170 B
188 B

72ms
63ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVuML1ATAB&v=APEucNWBJdNZb1cG92SS-h2SyjioWmEN16SVLKAqSi0n7_ZrWn2fa3XCmw58qoNB6h7ooNBo1w-2klI3C-t8G2qxMoet6iX3ld7vBi5rXKBZ59xmidTRm_6YcK-hs6SIGnLEN0ioe-ouRcVFTTZMZFq9smVO7-rn4ikrgT4AlN8ROEMm3PjCpZg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B
date: Mon, 02 Oct 2023 22:07:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

partner
sync.search.spotxchange.com/ Frame 1504
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 1504 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1504
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

170 B
188 B

71ms
61ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVdLocKe8ZFBqb8uFsrGqbY4jFVhxJ8GNy-bkjzy4z9fqWVnEmb9hFUcJ5FDlpbGJfA5sFhlWCqJoDSLXiXCi5NvFwBzY4YEnUABQ0_jfFkdI9OFdFosGTz6X26tgjh_lCnhi0SPDJqs_M-JkZW5ximoGvvX7WCBRb47g1lQgokd8vE9_0

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS15T3c5aktORTJ1SEROejhOWkhDUGdzU0M1MndIeXJzNn5B
date: Mon, 02 Oct 2023 22:07:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1BF 0
20 B 216ms
204ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5168335600233&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1BF 0
20 B 214ms
205ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5168335600233&version=m202309260101&ct=76&x=1&cor=7616871572526923000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C1BF 89 KB
37 KB 198ms
176ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUwwPY-XZgKUd11GpWub9Jjh78-l7hiUVBkbrZGfjSBmWGKEYmAR5mnE4VdIINJkRIacIA1bMnwKDOQj7TtSSkHZLDyQ&cry=1&dbm_d=AKAmf-BZQ_PeA4x5sgu0olRWNyG6bt-oNSeRXKNpNO_Q-P6ajcz8G0VdcnN33g1cTx_2BRVDOgNZMvW_G9aGPAGDv3C_IVcAx_x0UYt-9_7K6FB81AHz4zhnVcD_XYf8vyAluz-Ly4TYAFSokA8klyImu4gq0uzgLuhqP72ZhwhY2zOOcEZLIJ9gQURm55IgboRaEklH4Y0G2mm0bgx2UPrTCbv4NKezBjnHPs2Yt26vzDIHbqnI4EtsAfVJIhpjAmwSrqk4T6fUSoU4AdFASL56f09SCY6lOiym8S_-RphqeqwQ-8vk-76KAFfwFnhx7oOScU43iOThfXeekenCBR4EOsZ-i5VvTe8VuVi219KSqZDMCgZoPJ7eBSfk1xc8K8ik-4tXlhqRGwSXgGoWLSRKB8kEX6qyVaHMp71Umm7ecXnDq0-OBK8y7h5yCWHJsY-6ql4IDZzsJ-dZzcoB20dnfbAUT8ATK1IIVO0pIcTbmpBx5SFgevYHqfjEvtCHkFy4JjZlzKbagUOdrZTgzpUSopH5UrhKkrcB3jjN_b6_TraJVyNY6FDDC2O-3PkC9-qqqqSyuvPt-_p5m7pA2Eh3_LJF72_b-P0ovIgMsAAVIy_upmnNXSArcwRug24HitTz7EzIdrFlImKKrTcQG6GVaBQ4-8bV7Ru_wFPKl_wygIEfhHkYJcpMcNa6ru7Cbc6DJQXswK0-vYB-dykpIo-EdWk1BB4hcVqI0sQC5n0ldi87ipAp5XNuTnL5a7N34ctfA9vd26LA1zYTRRWe09m7L6xFRiu0yXFX0yEUCeW24birIq95HN8fhlrvLBcW91Hxy-zvP5o7Cmk-nYb2l9JHMJO5PS_6R-8RZFZJJhtQsicE7gGJB5Po1xG-0j1vIgJZsOkP1AjPjLw7oHN5WrYdu07mjMy-5c2K-bVN6P9oA1BsbGVOFt772qRdV8b-VirUqSLlX_zUIf4b67DFWQkZs1M328Jblx-OHQbM-Lzw-P7GO33U5gAZW1iZ57WUpVErxj6fHP41zidoZ1rmcBVT6L4KlVOh4zYM9fgmD-n3hMWKcQ7UC7RFeLOU4RslB4tpr0M9Vt4VpbyzSkHEx-Tk98nlklogoQPKlMNoQOgL3amXhLHq-CHIbxTA-z603SIsyLVcUAePEAWPRSaV6ZBa3gfslecvXa3MjvYOZV19cicxXv4kP0b5A8nyD-BoiV_9QF5yFpeVCeAl9PcFLCnZou4Vjy5ULJp2fcDkS6xpjo1kcXtyNF9ru-efdPo1N-YWDTwHoAMgHVmHrVaZ6F4y2mI2ZcQ-WZ-o1ekHAtvArofYV0p98GblQa9d84gLzElI6402yTfRv4E2pFzMYe9t0zHAXV2953OMMgfvgYHyYp9sgM0YpMxfpkX-7458JMipmM6PVgrSRqqC5YD23TzvDfn08twSIIJHCC5xa9rNQxFOiuO1U_VaSu2yMMMAdW4ZOCE6rPV5DVt1W_IOLkbIqkHOFMxZn6sFQ0iW-CrEpFeAkfcKFKlzCx_SvMI6xCRsmDqgr7AuTPAgUZeFps2Z2mViy23kfnxvkIflue_twj06z9TBhUGRCiykpfT-s03nSMGkPFEzGTOgKBt0zMZw0upWAUsRcZSD0JAHDTJ6sEx1ET6qsiyvS0cRib1eUF_ptkzU_AziptStQU1UWgkn2AQK0-S9k_VDSrGNYTxvdd01ipbq6bGAwWqGEBQuxHTuGiHkhXNMIzRQYomjKuIHtCpnR9F_GRRSjihoe1-ZNOn38H8LIYPwyc-w0eVWG7oJBN3W35hFDKAqb9nX1_-xISAwvlGa6UaQ2qhySxAb_G5rfV-Lkz3LhKWrzy9hFUeALQX0ch8gK2vREJuonsEjQPxwqBEvfB2YxF9kCLOjKi7n81uGYQoJ98dCeBnkMVGE3-W4qxF_Pviwyvpmn0NxX8DjKLmiNzuqeDgMY2zj3kSILiiyI9O5AgTabrbHMayEz4gFrvCoKRU4aDX_y0GZhTMXDCxw5QOHYJvWDSaAoY7-Mbo7mZR4LhIbuf-meQe6scmKq4y6OuaQ5W_JH3qSbTHv_v43yyormMEfpJ74Fp2bWgxmWzY3pmBz5TjLUHN_nc8Mdgul_NSHq2_jZvBqdTPbtv6oojgCElG71G1lc8ZeUG5yioE0Thti1FGjTp6zjoXGsoDHZWI1bRaUZ8D1c6g--Hwcots0FHMqSufQSRdHFjXSNKwGAfhIaWg2WzwZnvNXQ19y0X-ajjDxSVOcjfoNZ1f1t-bfzt4xLTIm2BPfW_R1rR4zTE_D27L9OUcZsg1O-EIVKNV7wc6B7ZEcbmwfRZ42vokbSnuFZpRx_rJBWTT7RfKjrNB8w0jPos-AVhGdC_sqwdTLyi7PU7iIJSmhSAf_psWc3jXoT4Z9ZX670eYVooYwb4wBC9WMR41n5idPLUgUIKuWvvDo2W87dAMhS-5EquSsmIUbeH5SRIOX1S7YZ8vUB4TUlZuCWy6v64Iyy6VE-A8jEzi3nBX-WWHeslBWRwC6XJ-2LjseM-BXRGUTBWRgAweOZBdLJh5-SdtLCOpVWOgGiydZqe78a41AxKDr51hD8Jdl9NrrUgTB1ncF98zeYArNpmKY6BvIVxiV0Uib5ObdUk9g5PSEcKfdeteC3fLIeI4_OpeGpf8XYYBQ88HHXmHLdQzLZw7wPJyqSGtvId3GROxOgxMyxCIfmVXZQ0GcBNfCf-lNZFBXhR2ReJFY3PtTifgGI6pxvN4tHdpQMS5hmsc206aLAU1MllhkUNwt7nUeYdrOV3i0Jr7zLJvlt2ho0goSywrYGmw7wsIh7diPlX7ce_fsOa15lVsZQxXdq1O86FAiq7HexVZAJ9U5-46iGhlBR3qVe6Jrqo1IRjC9poNdzEJWdFqPHDN_C-lZP5BQW1D3JJL-4Mm9BsKo7LsvQj_KslXNIj5sm1Q8WGUROyE7XBd1jwgDydLeDMC8fRgDCZ81bjjLQmF9zDZJtCa5ZOMSj07GBK4zbgOWsaMuUt6iPXxZbqhNRkBXRLFwd6PwJCAVOEHZjZc8EbW4HPF-7v_Ix2LUVILtNInAD7az2DVrGZ0-HfbswaOmQvFZzF241Lb6c7h156krM6QKgfYwN3Sh89Q2F--5mvyq-YfUjd4NvuFomyywJJakEy2B3-0PXrb8Z1jdc6ouwVUC-HZFkUQV6zUdEbB7DzhoQGsTChov_AIzInTBprNh3ZWSOQymv-8O0fIuVewsgZFrZ01SFp7oqn20qhOMOdxiQKVm3c6lYGMjkfn7gtz2YlLceTfotqXF1ibDCQpbYqskXAF7sJ6bs_EaBg8yK7jgrcP2J0j5mGnzQ-B_ciqC9c6Npkh8FkMwYj9_T0D_RnUywGuN2IGNlayolRftreWyqz_Eollk10JtWVqlzXl70t0N6t4YyPvpPd3n5YT9T_TuftdBzES-8YEZCp6t30At&cid=CAQSKQDICaaN_6iD_tedOZaf9Y0DMabIvKCJaYa4j9MAdnSgtTiMZVe0QwL7GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=7616871572526923000&adk=2993637451&idt=431&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a35f35f62d3080dd2652b476e351f84b1324719eacacd9c3b6594f9063ed0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB4 0
20 B 210ms
205ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1998739366569&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB4 0
20 B 208ms
195ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1998739366569&version=m202309260101&ct=119&x=1&cor=16457825925526997000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0CB4 88 KB
37 KB 195ms
181ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZo9LPW4JT92wnPJbMrJVN0_oZmBvXSVFDc22RLF0znAP3Ks1idLfJ_6vyb5YmM2evcNyrmxx9AIKbufTpL29Bp-pVsWSB70zJXrtp1jI-Y_sSVHheEYNFIj2eEH6sLOyHE9NgkTLXnLVrHPv39jhNj-DxumgDsf4rrtjOM0b5cQgl3p0&cry=1&dbm_d=AKAmf-DC65_VOkkwl3nvzoAI_uLuLUEkyTKTqBCLHdikMI6moXRtYCVxxlgUN103Y1MvzBJ43vXF28YXjYJLJtdhhSJ3aWDhAzGSv2_Ro5nkDaXbKn9HxQfKFbKhz7KGKJgZNXsGr_3iPw7Z7_GPek0ukvQtHOF62W06VDx0Jwm4KCFQIZg2JXUkp5GSAaPBlMhpKQICZ2A6blm3gVygsD7q9b1LhW1oCW7yMwPEDnfTUuTmRv4bPbRTMut4go0hQaw9sVX_3ZUYSwbBGEVl1diB9EC5e172wMEMdGCWScKggXcGx22VpLc0cfgvigVF4SQy8sXU1powDAeXOc3WRdepLLJbfxNYr0mtNjb_qPxZuG_81TDYaOywKxyvNoMEfetVVHf77h55dmH7SrEZMytU6-oy8Y2cO_u93tWobKTz6a0yiXCt8A0P_J3R3ljkYIWlwFUripOnTZ2nAzbFIMgnD6Uy4AhIWEUypAG10KdFoG651CXD8-skjL9S8kz4Afe2PIF7wc3HMIxXCH9vV--3sM1y3UNI039ZAK2OWrrvTRyzPFsXCYGqxCCkYzGov8IZ4k9x4mXeKjYTYZtXLPmPbw_b_ln-kkhkYZBhv6TLCF0ZS-XN5Cuksuo6hUFbcjVJnz097GhhCs7O90CDZLOnLWN1IRVEnkvnSnI9LrxJAiIFhHVUWhZi-8bYuViDPtsXFr9hgdL1fEEmvV2Hm6inPBJavO3LpPF66XNxRrx-Kd2EMTvDqBW3RZ20F2VuumJfQkDNGKFUZl8LpW5CdjG4ClsGth7HUnJ_RKl3ODxXo0BEKHMDPnMeDEn0x4lPtYXAf0HmfaQDpHyA0tegSWWcSVRD0fTBZ74O7HZxLsSoYKLBrpFDGqFLJH6zC907ftrrDgmvSeCZ8lwXRTKpg_IReCjPofWfAZqJiKArOzobqvwH55x1NEnXGuRYzdejktsAqi_hIeBDLJdK0abby7tCZpwSdyEgRaZKK-x-OIn0BuvzF8gfFFdnNli1GlYDv0CxUjGyuJ1K2KqNN8S5ApyPO2ARX3XVnJKvjN5KVDivRP5bo0sUmEjT3p9RGBCLee4Pp-SrJq2_lFRoDnuz5RQipjTAWNRNjILhvL_5gEtEi0npuuBeSO0f-ODeRphQjzoE_3PafZS5OOqPsWQ0ErfKRq3XLsCBh7BFyJmwBBbvY1H52R2Jpu204ybUsTv3wtZyUmBfVweRW87zEO3Tg7OYWLIsOwYy85a0Hf1xYxlATCvXvGTft8FLo95Yz_ww7WzqghV-S45huSINhAqCPBhdFm8M6JkmHUXbgYtr-saItSCSjHiiCyGTqV35DyPkQ7LMNh1rHMadP0eLHYzw0pESnw_Qwpq4ghRf2HrUcGGWApjG4Ca9zc-vPtDU3Bgl0GaeTvN0m7u2f9q48NLSTwL8NHBwvHgLQabJcj9U_QaA5XaLamKdknsG0q0f7oU7bwzW6MhaVl6mg5iehZXewv9iiMZH3-1udJWHvEBJmWb8sSjf8xK7M42p76kGHan1Cvef50T1qeZQB5ZhV3XZufzUJAUvl33ei_ltTbYUKZaQLTfToFn-MvdfbqbEGEyGjylxA3KcocuOc3TZTZ-1MFtQV6DfgTpbuMGjpX6SQxYoxePtYKafHvTaqI5u7k4rr9KbqY3iXy3T_ic4IppxhjtN5ljeSGGSeyynOtfvH7t1jur45EH3-0LqBIFhLPfW-xcgEervn8MOzpyHbMh094_gkJKCMAYKz9W-UNpq0gKx7bGfAmbQp0NP7x7tHu4bHwV3VHndHC4zty0k2BdFOyeYW2KZTvD-09T6lkZXM54A0h2OEwZqpa1MH76KrDPzwcGL6d0GhFjJLWa9NoSYNkA3Whl1AitqNkZfNYybTQxI-a8EBWC9U2S7hIp2_kQSthMtPHF_opJg5GFToqnZBQwEua9LP4ZeXUGf1ng7wj5XTgMbPlynvyCws9SNnC-4u1bh3vqGeSD7Cp38rRTzUoXHr0_rzkwcf-q2ob1TIm5ozfvVJzP0eODr3obxzSDdgt8ohOBS3RNEdUud7aJverU0GKFibIcJHzxCmSkFswwCy7Hyc2HTWj0I1-XEPZXQ94kZJukO8gt2b_CebwvWL2ykV5cON1OyvcaQISHyd4UjiMPKdBdR0RH_II5V1jVzqmnOsv2OC5iupbAA4E61lotqaNZf6xfqoPFaXUoRxHD1vX5EZl6Z0htP4nNlBf2pkQ9ofgYKq-mlo9q57GbZDuH4DUVHngpjr0yiwJSVf24725HDs2jJ_m-OOkib8lKqSDe4AOYw49FI5LT1hW1eSlt1OEPYochtZ5IIV2DfwVeS1Pc1XdFxrDgjidxY7OjOl8QSMDe0B-tv1kZ2Zpl_DjCBr841uuNPENsoa_fTYzfiBk9XnZlx97pgo5knO2hVsK1ct5KaVDUA_2s5gp-N_wT20-MkJpPaVsBCXqWjD2kefZMZOvvUQ-cm8iifVtBqOIkK9JOl-Cv7QsPiWNyE8D7HwguBXNVdkitSViy6E01hmzy_O5Q7UCNyqB5WsAmyGkLnXQa4iREoT2eCQhagBwoqgXJDxQb7kWyFxIMeqJTN31LGBne1bOG8fsOmJ0tQ9h6bjjQHinnwAgkPJYjkwuNpt4FyK6PFklHjYopWDyQldPS3y8rweHBJ1nBtNPBeXVDoX2WljJ_jr7TotoX90Kze7V5RcBwlPqdMovHzEGaDK03XWTrcKVZJWEGhkKV_qjn4D4nHbahcqpRID3P8oNUVRw7oynxPThWmsEppWbj5nIMtDXw1yQ--4uDy1iWLTN7l_bbEhIsSQpixVgXfCqaXDjMgA3CFMv4AMs-9b0NlHOVzWYJIZnz1Q-FSBS7KFvRru5EBHNRUPojnEY6XTLrsxCIGI1TljfAKXIuJu-WJVSLj43GuTjyP0mPIWIsDGTdHpBGerwzS7VWhzlysCACc5nERLs68XOPJ6QF2LDZAfd9uq4_hXlR3TfPzPxeaO_YuX7RK3dme6QzZb5lbld2ikuDK_tn_CpfLMMO--BlZ7NTI5PDMVbisWP7vwSkWPIRiKr00sB8QMfbTF_sMKbk782IRBYw4M5W5ouPNYMUkVvPSYLZwfmcP1jehsE6bOJWbytPENR2tZozkI28F9S0N9AdzqAfCXqTEiDMxe1wDb4vpd6moEveDUlKyrbbplPreXZexlY7GRb4W0W8fQMomJF0e2bqYTXb6tbRFYU0P6EBP6PN7XPgVfCdWdu6uzCFJD9ALazLGGNTmHCxYIQb_5l1Y-IrZW7XO8XWYBMqsqKzY1bLI4EDtOb6AoFk_PlX6k2OLwA5QBJzZZTQxMb2kJ-7wBClPwGBiRp1fN4HXFxe36OQwdJSgFTFNvguvP6_ZLYCoWLfphW1zjGaCmBfrD0WMwuNt--12fJFRxCAKYtXyh2zTPxBzqaEE3Lrfv5dER7GXi3JAKecfovgLIhlzRCH55p_ZMhkqYNFAD_BtWmw4e2-c5XEXFJfn8goK9HRd7AJ7U6fDohXJkytOpOxzghCgV_ng-sY57o7Hac_ofP5BEpHLxrk&cid=CAQSKQDICaaNMWIT8QCN4mDZDwQ9gVKX46hi17_ZZLbIKFwKH09Go3Q7ceG-GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16457825925526997000&adk=2307692975&idt=482&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed42f35661bd645e6e4ebe7de01c98cfea2b2a97db63d37d110c2d4ddf4954b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37747
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DC4 38 KB
13 KB 230ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 58948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:44:30 GMT
expires: Tue, 01 Oct 2024 05:44:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B603 41 KB
14 KB 150ms
70ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dmkf1QX5o4AaPPcV95EKUNJkgf9KvEtQAH_Vb7GkxvZEAFuixLDHNaE4_jLxpsXQFSk0XJiSpEJdZ0xEnez6Gmm39FenVYLkGek-V7cUJIYXe3yQwzqZDo5iwhLJnir1wkgZdlemCm8SdOf2OuhSqyAlZEHRKWhhsyImi8GM_T_SoCdWw&cry=1&dbm_d=AKAmf-CzpgH6ExtYd60t480Q9wPMm6UZH_F1ny8QqpBFpE9zU5yRoF5WH4aWxpG8ibxNlplPzNJy1xB1BOqnwOSPRQDUqrPXBxHJ8IyB3uRboRz2zsG0eB21Ox31dgNCKXK9chus3VLhlGql_9dfPNUFhmenEKdAYiqMspChvzQg5V2E-4shKjdF1DpIJlO4I0KJshVK-QenNaK8nWOO2NqpWnMQzqpfenk92DVBCSGgqRIRFHUbAYYkGL7IF1-g2QiUe5JPfyZnVVeM2GJ9ojj62bJWAp4nSCnctb5ZHcgNYSANbmaxCu_Xy1vmDDS2OPSPi2-jEjn-9CdRJtNwKz9gS5MbVW_lTeIb8J6z5-9j_4HeSjBqHYjaFnrbSdxekoH8GM7Gg7sc6LDyj703B4f0odzvpUDWoYiDZwX7SlRfo6GgPEj4mg5jfvUBh7AWwf_KEXyQdaixgxK-eb-NdA0LIN-JMpNSJi7yY4_jtbFQZlj7ZbHhNOvw5o_jPGtE7gLy1UXVlwSSO6iqVM9qxg7-iBnccFocPew-l8fSLVZbhE0czbn-qdNxBUm0DgWeB4z0z7Niq02OwJQMM5KSiZdBePgaYH1mvF3HYkCrG4anQfImQtO9LveMjnRqhVlXY9lIDWqgUsxnecqHMo__vW9IMNq9Xd3yUBJblEegR2KZMp22Vh_pH0cY5ysvZvYkL5ffYg_qJr_pnnKjuAbW2ERwB1bGG90RMxRr3GyrCECmAomY9diUSNosvkcO2Bur1EIIfTPQ1jtTJpk7YTvQfAlgpJ6xW4aCTw7sxupOdlj1o6RM-M17yfm5XBtduNiO_vfJedh1XrAK9d2b65aAb3_RCISS2dax2jr9d5s4OYU7e4AfVvHpUBoDhQAAkGConMPFJTWGrI6B_rJPdIfcG2OZrCP7NmEZkulHU2O23l84Q8hjAagAKiHcdCRNgsPbuvDChXRFt4hJeDl8MRqN5z284RKM3Kf6mBcHYw2gBrNaY2HbaP0Qw6FKiSHKMdjC6SMytx4rkIbRZnVGp-F2ryFrIWoV9bhY4TefVAvbRQUfvDRMiWPSDhZERxqkvdguG6HaIw3Lq4BqJKHlzhcZ8BEesgvMjPo2YqBA7fMd2Egb5oUXiTjaN0gjUV4zvFO1ryFXETwQ97Z_KDHKeouUBXSdbTX6HUAQPCCTTidqvIsaluLf0A4229APwwQg3oe-h_DSwr2zZ882LTHsTO57ghSypJ__RO-Fz-utryGpEp5lBy6qmoyZxD537i0o9Uz0utdMc-uVAldhiQVtX9V7TRZustZVG2dDs4CPzYr6moAgm20j0sE7w8vb_rstZfknVH3lc-tX2_Z5FASBAFrFc5bcTiTVngrQTJqPdgT-j1G_5EPdFXVkJANc77iJXULo477oea7I6adIlUAGJ7x_pf_fxoQdR1L2gsS61tPmEM27UlBx-DbOfyEvmVtDSbHqeLBLearYMttbByXOMlndeYOCU_6q1mMSFLBuP2v4GMrNWPZt_l-u9_LLzk-Ze-EHas2oaxTfUwETyosH59oxGwnlBDrqZhsvPC_xw5qUzwCeV9tixz1sYFvnZlahs5WrfFj0BdF_NNe0XaUNj7nL1_mUcr9Q_XG-rhPYGpbYO1jPqT1i3z1L5GGn-JbtpqjN4KoUCDiN_N5t8aTTvefCSKftB0Dj78Ai0KNKd-L4GZmeRXutGf3C8YXyN1sTV6MSW9yE0sI4taWiByTn1GbwtSNCTSujut4Rasey_OZ3wanEaD_LGFq0we39MOrTKkpmcq4lGVUSmqjhU0FEigOdMZcldaXyvh5vF9FZM0t5r9prkgUvjHtyfZU9iudOneCBDuqAIRIe-3gu7DTktYdjDJvC8leOrxfmUE2DTjQhR6flmhcqePtItJPHckDOL--5pYcXyS0N7VjzzuM4TdzBh5JvUpZiIjWdEZwh-yCRl7hFh0_lC2MzxwDlg4EMuMycBU3y_n1asnJE_c5h6mjYJxsif0lNsUHVHbtj5YMoFoFpF6oKmr1BkQxiHxvmRpns1qacu_50WXPQ5aCwTZH6HT-J2_EbAtNqN3tluo5Hlv_jeuy2E_1aNw2DUGDpTM_ENDcIELk72rAMsARNTvj9pvzzCbRqTjqYt0P1dhbL3vnZmAJpM7NU06EiX5pnL7Hta9-POpKgi9WhcQ9qhV0fHPvu4CC2V3DEv3JG9oidcWXnAMVOfkizS_tbKuI2LSSN7yKJrnVpFU7I_hqCjDTyU9HxhsIyDt9KGH8_7mBMuVfUGWCl_sY37VBonqwOsFfmyYXcSpDkmdHq2AYNtlvj7ih3H7qscX8EgTg6hgwJOehhlXaMR-HOW1svLZhcZ_1gAbbq470c5Wvxs_4j2WjvC988z3hIqNZw7n4xrpy1pOqwTNYJs54_VFZeMVA6eDQbQNicinkaGaso2ucQ-BjU4bSMFrdcsMrk5MWJ_4UPiUQ6uyApNNUwhn-HxPywu9uk2fsFcdAxZQQrUyinnqnOlFuKR6WR5oju3ffUyTnmoaz64p4yNYG6Zf1we5f6WAV7MEclfLXCByCF-7CWjzi-xSmU_-JugJzPWPf0r4XlKo4SejKO5sZMDnM2d5PGlonZYtRyl4eRJchtrkQiHImAwD_q2SZnKKw5O0QC-ddZ3i_vUszBXyaDKjXG3IrW-3OUkZv_YhY9q6Z93JHlf_-S1yyJhf14_Gzt89RTNdsRkkrzA8gGP7COaC6-4taeHKR7J8bxcZeZ6qkrnuWDMwVfuMVGW-AggE56TDROrgAVsavTjIZ1bFdtCdWzWQeF4--g-Li3FSzmaI78cBpldJFBGUKzjifCuJH0Hc--1tmqvfvkiwLEA0-0oBaCiPoiebjRhWEY3FbA1uIXhORcz884iCkIN50_PhvPlNXk8EYMogUx1t1_-L9zDGgT2NUb1_n07GEwf2FUMUT15kH_lo14GNDUbVlXyi4lzvC2zH3nWW8G87umKxtsFbA-dfVopre7m0n7avrjLZIdoAbwkeXxxnzOee8dpPo_JVPRkhmLJ1ORiyyuRwGFFrhpkLjFng-8xk6_7zNpRad8xWYiYNdPBiT-Xq6H_BkPgpbOLMfiKFJqKmH1tbi6xFKZDWYtHo5_aCnid8krfiOA1Isvyf7xc0_EJjCrFSjBiPz_Ghg29nQEoRN5NsOWS56KA6irQcAxBqNyNptIy6vrUREuwl2SyUBOTEzWfqX6go4OVs-Q91KTbHqoO7PyMX--OQKDfj38ixTLIMDKl4g3ExpTDNhnnLxX8ELbOC8LpGJY5dRYtOvKlcjDr7qSZtFKB4JtYyO1Fz8Hf2fgb968dE-uFefm3gg2MXNAkefBjN7c0LEdRy1WZw3vp3cE5QHvP9a8KI3d8qrWLHdo-3R0ZD585vHmsBDE4COTCV91bGDTX8ug7T68iEOKwl8h_1VwXNaDi1C4sRDu1xaC6DRECKGL5-YThGJ0apkRtnZQ-kKHa55E9MDnDW-8UHKQfrBN5dWDHoV8-ZhaoygTXXptcJg0u_vzt4sGq3slydL4x8mpj2IAHg3szyDnGdB9kF_LkpYBFjo3Lym0rdSo6utEuBZMRVhvSuk1JEMz8K-cN2ZQ5YwEmmD0757Q7L31IJ9ErOTRv-QkSUPn7s_R1ucknWbnGHQoXrnk_ZTZlEvpnk3ks2hAkCYH-wCipKuPb3cYert0fnEkHbQwvyGpOG71&cid=CAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1955136241202316300&adk=2124396030&idt=375&cac=0&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 23:31:37 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame B603 11 KB
4 KB 612ms
58ms Script
text/html 138.201.84.244

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1696284417588629&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 27bd8369720d58daf2feeb897a838db3ee06d64205a4a2b91d4f4b2a7e61ef85

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:06:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4146
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C1BF 111 KB
39 KB 1157ms
63ms Script
text/javascript 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame C1BF 11 KB
4 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUwwPY-XZgKUd11GpWub9Jjh78-l7hiUVBkbrZGfjSBmWGKEYmAR5mnE4VdIINJkRIacIA1bMnwKDOQj7TtSSkHZLDyQ&cry=1&dbm_d=AKAmf-BZQ_PeA4x5sgu0olRWNyG6bt-oNSeRXKNpNO_Q-P6ajcz8G0VdcnN33g1cTx_2BRVDOgNZMvW_G9aGPAGDv3C_IVcAx_x0UYt-9_7K6FB81AHz4zhnVcD_XYf8vyAluz-Ly4TYAFSokA8klyImu4gq0uzgLuhqP72ZhwhY2zOOcEZLIJ9gQURm55IgboRaEklH4Y0G2mm0bgx2UPrTCbv4NKezBjnHPs2Yt26vzDIHbqnI4EtsAfVJIhpjAmwSrqk4T6fUSoU4AdFASL56f09SCY6lOiym8S_-RphqeqwQ-8vk-76KAFfwFnhx7oOScU43iOThfXeekenCBR4EOsZ-i5VvTe8VuVi219KSqZDMCgZoPJ7eBSfk1xc8K8ik-4tXlhqRGwSXgGoWLSRKB8kEX6qyVaHMp71Umm7ecXnDq0-OBK8y7h5yCWHJsY-6ql4IDZzsJ-dZzcoB20dnfbAUT8ATK1IIVO0pIcTbmpBx5SFgevYHqfjEvtCHkFy4JjZlzKbagUOdrZTgzpUSopH5UrhKkrcB3jjN_b6_TraJVyNY6FDDC2O-3PkC9-qqqqSyuvPt-_p5m7pA2Eh3_LJF72_b-P0ovIgMsAAVIy_upmnNXSArcwRug24HitTz7EzIdrFlImKKrTcQG6GVaBQ4-8bV7Ru_wFPKl_wygIEfhHkYJcpMcNa6ru7Cbc6DJQXswK0-vYB-dykpIo-EdWk1BB4hcVqI0sQC5n0ldi87ipAp5XNuTnL5a7N34ctfA9vd26LA1zYTRRWe09m7L6xFRiu0yXFX0yEUCeW24birIq95HN8fhlrvLBcW91Hxy-zvP5o7Cmk-nYb2l9JHMJO5PS_6R-8RZFZJJhtQsicE7gGJB5Po1xG-0j1vIgJZsOkP1AjPjLw7oHN5WrYdu07mjMy-5c2K-bVN6P9oA1BsbGVOFt772qRdV8b-VirUqSLlX_zUIf4b67DFWQkZs1M328Jblx-OHQbM-Lzw-P7GO33U5gAZW1iZ57WUpVErxj6fHP41zidoZ1rmcBVT6L4KlVOh4zYM9fgmD-n3hMWKcQ7UC7RFeLOU4RslB4tpr0M9Vt4VpbyzSkHEx-Tk98nlklogoQPKlMNoQOgL3amXhLHq-CHIbxTA-z603SIsyLVcUAePEAWPRSaV6ZBa3gfslecvXa3MjvYOZV19cicxXv4kP0b5A8nyD-BoiV_9QF5yFpeVCeAl9PcFLCnZou4Vjy5ULJp2fcDkS6xpjo1kcXtyNF9ru-efdPo1N-YWDTwHoAMgHVmHrVaZ6F4y2mI2ZcQ-WZ-o1ekHAtvArofYV0p98GblQa9d84gLzElI6402yTfRv4E2pFzMYe9t0zHAXV2953OMMgfvgYHyYp9sgM0YpMxfpkX-7458JMipmM6PVgrSRqqC5YD23TzvDfn08twSIIJHCC5xa9rNQxFOiuO1U_VaSu2yMMMAdW4ZOCE6rPV5DVt1W_IOLkbIqkHOFMxZn6sFQ0iW-CrEpFeAkfcKFKlzCx_SvMI6xCRsmDqgr7AuTPAgUZeFps2Z2mViy23kfnxvkIflue_twj06z9TBhUGRCiykpfT-s03nSMGkPFEzGTOgKBt0zMZw0upWAUsRcZSD0JAHDTJ6sEx1ET6qsiyvS0cRib1eUF_ptkzU_AziptStQU1UWgkn2AQK0-S9k_VDSrGNYTxvdd01ipbq6bGAwWqGEBQuxHTuGiHkhXNMIzRQYomjKuIHtCpnR9F_GRRSjihoe1-ZNOn38H8LIYPwyc-w0eVWG7oJBN3W35hFDKAqb9nX1_-xISAwvlGa6UaQ2qhySxAb_G5rfV-Lkz3LhKWrzy9hFUeALQX0ch8gK2vREJuonsEjQPxwqBEvfB2YxF9kCLOjKi7n81uGYQoJ98dCeBnkMVGE3-W4qxF_Pviwyvpmn0NxX8DjKLmiNzuqeDgMY2zj3kSILiiyI9O5AgTabrbHMayEz4gFrvCoKRU4aDX_y0GZhTMXDCxw5QOHYJvWDSaAoY7-Mbo7mZR4LhIbuf-meQe6scmKq4y6OuaQ5W_JH3qSbTHv_v43yyormMEfpJ74Fp2bWgxmWzY3pmBz5TjLUHN_nc8Mdgul_NSHq2_jZvBqdTPbtv6oojgCElG71G1lc8ZeUG5yioE0Thti1FGjTp6zjoXGsoDHZWI1bRaUZ8D1c6g--Hwcots0FHMqSufQSRdHFjXSNKwGAfhIaWg2WzwZnvNXQ19y0X-ajjDxSVOcjfoNZ1f1t-bfzt4xLTIm2BPfW_R1rR4zTE_D27L9OUcZsg1O-EIVKNV7wc6B7ZEcbmwfRZ42vokbSnuFZpRx_rJBWTT7RfKjrNB8w0jPos-AVhGdC_sqwdTLyi7PU7iIJSmhSAf_psWc3jXoT4Z9ZX670eYVooYwb4wBC9WMR41n5idPLUgUIKuWvvDo2W87dAMhS-5EquSsmIUbeH5SRIOX1S7YZ8vUB4TUlZuCWy6v64Iyy6VE-A8jEzi3nBX-WWHeslBWRwC6XJ-2LjseM-BXRGUTBWRgAweOZBdLJh5-SdtLCOpVWOgGiydZqe78a41AxKDr51hD8Jdl9NrrUgTB1ncF98zeYArNpmKY6BvIVxiV0Uib5ObdUk9g5PSEcKfdeteC3fLIeI4_OpeGpf8XYYBQ88HHXmHLdQzLZw7wPJyqSGtvId3GROxOgxMyxCIfmVXZQ0GcBNfCf-lNZFBXhR2ReJFY3PtTifgGI6pxvN4tHdpQMS5hmsc206aLAU1MllhkUNwt7nUeYdrOV3i0Jr7zLJvlt2ho0goSywrYGmw7wsIh7diPlX7ce_fsOa15lVsZQxXdq1O86FAiq7HexVZAJ9U5-46iGhlBR3qVe6Jrqo1IRjC9poNdzEJWdFqPHDN_C-lZP5BQW1D3JJL-4Mm9BsKo7LsvQj_KslXNIj5sm1Q8WGUROyE7XBd1jwgDydLeDMC8fRgDCZ81bjjLQmF9zDZJtCa5ZOMSj07GBK4zbgOWsaMuUt6iPXxZbqhNRkBXRLFwd6PwJCAVOEHZjZc8EbW4HPF-7v_Ix2LUVILtNInAD7az2DVrGZ0-HfbswaOmQvFZzF241Lb6c7h156krM6QKgfYwN3Sh89Q2F--5mvyq-YfUjd4NvuFomyywJJakEy2B3-0PXrb8Z1jdc6ouwVUC-HZFkUQV6zUdEbB7DzhoQGsTChov_AIzInTBprNh3ZWSOQymv-8O0fIuVewsgZFrZ01SFp7oqn20qhOMOdxiQKVm3c6lYGMjkfn7gtz2YlLceTfotqXF1ibDCQpbYqskXAF7sJ6bs_EaBg8yK7jgrcP2J0j5mGnzQ-B_ciqC9c6Npkh8FkMwYj9_T0D_RnUywGuN2IGNlayolRftreWyqz_Eollk10JtWVqlzXl70t0N6t4YyPvpPd3n5YT9T_TuftdBzES-8YEZCp6t30At&cid=CAQSKQDICaaN_6iD_tedOZaf9Y0DMabIvKCJaYa4j9MAdnSgtTiMZVe0QwL7GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=7616871572526923000&adk=2993637451&idt=431&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:53:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame C1BF 30 KB
11 KB 130ms
126ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:53:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C1BF 41 KB
13 KB 116ms
111ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 313714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8535 1 KB
643 B 394ms
150ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:38:34 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:38:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0CB4 111 KB
39 KB 1149ms
116ms Script
text/javascript 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 0CB4 11 KB
4 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZo9LPW4JT92wnPJbMrJVN0_oZmBvXSVFDc22RLF0znAP3Ks1idLfJ_6vyb5YmM2evcNyrmxx9AIKbufTpL29Bp-pVsWSB70zJXrtp1jI-Y_sSVHheEYNFIj2eEH6sLOyHE9NgkTLXnLVrHPv39jhNj-DxumgDsf4rrtjOM0b5cQgl3p0&cry=1&dbm_d=AKAmf-DC65_VOkkwl3nvzoAI_uLuLUEkyTKTqBCLHdikMI6moXRtYCVxxlgUN103Y1MvzBJ43vXF28YXjYJLJtdhhSJ3aWDhAzGSv2_Ro5nkDaXbKn9HxQfKFbKhz7KGKJgZNXsGr_3iPw7Z7_GPek0ukvQtHOF62W06VDx0Jwm4KCFQIZg2JXUkp5GSAaPBlMhpKQICZ2A6blm3gVygsD7q9b1LhW1oCW7yMwPEDnfTUuTmRv4bPbRTMut4go0hQaw9sVX_3ZUYSwbBGEVl1diB9EC5e172wMEMdGCWScKggXcGx22VpLc0cfgvigVF4SQy8sXU1powDAeXOc3WRdepLLJbfxNYr0mtNjb_qPxZuG_81TDYaOywKxyvNoMEfetVVHf77h55dmH7SrEZMytU6-oy8Y2cO_u93tWobKTz6a0yiXCt8A0P_J3R3ljkYIWlwFUripOnTZ2nAzbFIMgnD6Uy4AhIWEUypAG10KdFoG651CXD8-skjL9S8kz4Afe2PIF7wc3HMIxXCH9vV--3sM1y3UNI039ZAK2OWrrvTRyzPFsXCYGqxCCkYzGov8IZ4k9x4mXeKjYTYZtXLPmPbw_b_ln-kkhkYZBhv6TLCF0ZS-XN5Cuksuo6hUFbcjVJnz097GhhCs7O90CDZLOnLWN1IRVEnkvnSnI9LrxJAiIFhHVUWhZi-8bYuViDPtsXFr9hgdL1fEEmvV2Hm6inPBJavO3LpPF66XNxRrx-Kd2EMTvDqBW3RZ20F2VuumJfQkDNGKFUZl8LpW5CdjG4ClsGth7HUnJ_RKl3ODxXo0BEKHMDPnMeDEn0x4lPtYXAf0HmfaQDpHyA0tegSWWcSVRD0fTBZ74O7HZxLsSoYKLBrpFDGqFLJH6zC907ftrrDgmvSeCZ8lwXRTKpg_IReCjPofWfAZqJiKArOzobqvwH55x1NEnXGuRYzdejktsAqi_hIeBDLJdK0abby7tCZpwSdyEgRaZKK-x-OIn0BuvzF8gfFFdnNli1GlYDv0CxUjGyuJ1K2KqNN8S5ApyPO2ARX3XVnJKvjN5KVDivRP5bo0sUmEjT3p9RGBCLee4Pp-SrJq2_lFRoDnuz5RQipjTAWNRNjILhvL_5gEtEi0npuuBeSO0f-ODeRphQjzoE_3PafZS5OOqPsWQ0ErfKRq3XLsCBh7BFyJmwBBbvY1H52R2Jpu204ybUsTv3wtZyUmBfVweRW87zEO3Tg7OYWLIsOwYy85a0Hf1xYxlATCvXvGTft8FLo95Yz_ww7WzqghV-S45huSINhAqCPBhdFm8M6JkmHUXbgYtr-saItSCSjHiiCyGTqV35DyPkQ7LMNh1rHMadP0eLHYzw0pESnw_Qwpq4ghRf2HrUcGGWApjG4Ca9zc-vPtDU3Bgl0GaeTvN0m7u2f9q48NLSTwL8NHBwvHgLQabJcj9U_QaA5XaLamKdknsG0q0f7oU7bwzW6MhaVl6mg5iehZXewv9iiMZH3-1udJWHvEBJmWb8sSjf8xK7M42p76kGHan1Cvef50T1qeZQB5ZhV3XZufzUJAUvl33ei_ltTbYUKZaQLTfToFn-MvdfbqbEGEyGjylxA3KcocuOc3TZTZ-1MFtQV6DfgTpbuMGjpX6SQxYoxePtYKafHvTaqI5u7k4rr9KbqY3iXy3T_ic4IppxhjtN5ljeSGGSeyynOtfvH7t1jur45EH3-0LqBIFhLPfW-xcgEervn8MOzpyHbMh094_gkJKCMAYKz9W-UNpq0gKx7bGfAmbQp0NP7x7tHu4bHwV3VHndHC4zty0k2BdFOyeYW2KZTvD-09T6lkZXM54A0h2OEwZqpa1MH76KrDPzwcGL6d0GhFjJLWa9NoSYNkA3Whl1AitqNkZfNYybTQxI-a8EBWC9U2S7hIp2_kQSthMtPHF_opJg5GFToqnZBQwEua9LP4ZeXUGf1ng7wj5XTgMbPlynvyCws9SNnC-4u1bh3vqGeSD7Cp38rRTzUoXHr0_rzkwcf-q2ob1TIm5ozfvVJzP0eODr3obxzSDdgt8ohOBS3RNEdUud7aJverU0GKFibIcJHzxCmSkFswwCy7Hyc2HTWj0I1-XEPZXQ94kZJukO8gt2b_CebwvWL2ykV5cON1OyvcaQISHyd4UjiMPKdBdR0RH_II5V1jVzqmnOsv2OC5iupbAA4E61lotqaNZf6xfqoPFaXUoRxHD1vX5EZl6Z0htP4nNlBf2pkQ9ofgYKq-mlo9q57GbZDuH4DUVHngpjr0yiwJSVf24725HDs2jJ_m-OOkib8lKqSDe4AOYw49FI5LT1hW1eSlt1OEPYochtZ5IIV2DfwVeS1Pc1XdFxrDgjidxY7OjOl8QSMDe0B-tv1kZ2Zpl_DjCBr841uuNPENsoa_fTYzfiBk9XnZlx97pgo5knO2hVsK1ct5KaVDUA_2s5gp-N_wT20-MkJpPaVsBCXqWjD2kefZMZOvvUQ-cm8iifVtBqOIkK9JOl-Cv7QsPiWNyE8D7HwguBXNVdkitSViy6E01hmzy_O5Q7UCNyqB5WsAmyGkLnXQa4iREoT2eCQhagBwoqgXJDxQb7kWyFxIMeqJTN31LGBne1bOG8fsOmJ0tQ9h6bjjQHinnwAgkPJYjkwuNpt4FyK6PFklHjYopWDyQldPS3y8rweHBJ1nBtNPBeXVDoX2WljJ_jr7TotoX90Kze7V5RcBwlPqdMovHzEGaDK03XWTrcKVZJWEGhkKV_qjn4D4nHbahcqpRID3P8oNUVRw7oynxPThWmsEppWbj5nIMtDXw1yQ--4uDy1iWLTN7l_bbEhIsSQpixVgXfCqaXDjMgA3CFMv4AMs-9b0NlHOVzWYJIZnz1Q-FSBS7KFvRru5EBHNRUPojnEY6XTLrsxCIGI1TljfAKXIuJu-WJVSLj43GuTjyP0mPIWIsDGTdHpBGerwzS7VWhzlysCACc5nERLs68XOPJ6QF2LDZAfd9uq4_hXlR3TfPzPxeaO_YuX7RK3dme6QzZb5lbld2ikuDK_tn_CpfLMMO--BlZ7NTI5PDMVbisWP7vwSkWPIRiKr00sB8QMfbTF_sMKbk782IRBYw4M5W5ouPNYMUkVvPSYLZwfmcP1jehsE6bOJWbytPENR2tZozkI28F9S0N9AdzqAfCXqTEiDMxe1wDb4vpd6moEveDUlKyrbbplPreXZexlY7GRb4W0W8fQMomJF0e2bqYTXb6tbRFYU0P6EBP6PN7XPgVfCdWdu6uzCFJD9ALazLGGNTmHCxYIQb_5l1Y-IrZW7XO8XWYBMqsqKzY1bLI4EDtOb6AoFk_PlX6k2OLwA5QBJzZZTQxMb2kJ-7wBClPwGBiRp1fN4HXFxe36OQwdJSgFTFNvguvP6_ZLYCoWLfphW1zjGaCmBfrD0WMwuNt--12fJFRxCAKYtXyh2zTPxBzqaEE3Lrfv5dER7GXi3JAKecfovgLIhlzRCH55p_ZMhkqYNFAD_BtWmw4e2-c5XEXFJfn8goK9HRd7AJ7U6fDohXJkytOpOxzghCgV_ng-sY57o7Hac_ofP5BEpHLxrk&cid=CAQSKQDICaaNMWIT8QCN4mDZDwQ9gVKX46hi17_ZZLbIKFwKH09Go3Q7ceG-GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16457825925526997000&adk=2307692975&idt=482&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:53:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 0CB4 30 KB
11 KB 91ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:53:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0CB4 41 KB
13 KB 89ms
66ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 313715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CCC 1 KB
643 B 331ms
150ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:38:34 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:38:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0CB4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45e1ba1ff44ae99b197af9e8d8ca6316e9b37b8044426e054fc956d4bd0709b9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 171B 38 KB
13 KB 323ms
157ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 58950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:44:30 GMT
expires: Tue, 01 Oct 2024 05:44:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DC4 38 KB
15 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame B603
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

241ms
127ms

Script
application/x-javascript

138.201.84.252

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=4601939364799&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Protocol: HTTP/1.1
Server: 138.201.84.252 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7cf26dc4bf4319b83ce5941c06ed83e8b6046bdb208eca56d3043b688cb6cbda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 22:07:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 31322700001547304444552012466024
Connection: close
Content-Length: 330
Expires: Mon, 02 Oct 2023 23:07:00 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 22:07:00 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=4601939364799&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 02 Oct 2023 23:07:00 +0200

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame 1E78
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
935 B

282ms
115ms

Script
application/x-javascript

138.201.63.149

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3057491656808&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Protocol: HTTP/1.1
Server: 138.201.63.149 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 403aef0f448998bd58e4e5d998c95ddde4187bf2083f736a942a8bb0c7a0ae9a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 22:07:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96537100001314904444552012466009
Connection: close
Content-Length: 329
Expires: Mon, 02 Oct 2023 23:07:00 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 22:07:00 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3057491656808&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 02 Oct 2023 23:07:00 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C80 22 KB
8 KB 282ms
168ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 63238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B4FE 22 KB
8 KB 206ms
172ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 63238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 6 KB
2 KB 129ms
34ms Document
text/html 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4571cef1c66f92770825229730d7177b785ccc7ecf91d6cbedbf8dc3d7e01356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 179035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2130
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:23:05 GMT
expires: Sun, 29 Sep 2024 20:23:05 GMT
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1BF 0
0 199ms
88ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso3SX5suRD62J9nNeP696p2QjEBEFU2XI0c5FH0GBsgQ6HLAbHPWdRrwdvRIJhVWWFr1IIZ7ZYj2K0XBf6lHsS6wkc65EPfxip9kToplJ2lytyqsfVOgkTX4DtiXP5Itg1mUuKLPK9v2w9GUSEqeqTfgu4MopsoUM4_b8-ZdOW3H3o1kmdULasWtks3nOXhezHOux55OUvwJwu8Nf__Dkb9y0YH1bZpUV0icX2sNP2BbEQ9MKRcUFRq9Zz0R2C4OPDLHOx8KVNPXUbJM5BIUhCDemn6oynXQ_yzu6DIDQg463WlKlZ30wl2yvDtdUcMaOZNkBuVQ0maG-5SK7hI54ALuaTQkWwACbw_kOFtkN9TelWVQLNfa3SWCczrmrZFdw0KBJLYxzJR4OZu2lGlv910sQ58VbT4b1zWgCI7kPl8tXQKx8nRnht0koZA88mGue0w4nvgfZ5cr6Cz_3JiK_5FDtcaNAOunQf7UnCta3FUtic4Bt5ntzh3rJTP6t5Og_-es7fP4hri0S-woBoV5UdHcd2f6YtHU7t9c5-F2ZvrvScTjb7y1GntP6cqvVuXmSgXYFswsa_iX83a5iXJmQeAJcYM7W_DCAjXM-vu7D4N1pJ0h4bHRgWzxL3QKrVLojiJ2vmYegJio2JRAl_4WJW8QSqOk6bwOWBNI5GJCFGf0-DTR6DSJvwvrVbclJwVATRujXBFOmiIbwtpPDoOUubh1fbP-Mev3V5DWDSgEWh9bvwlpqTyxWPHtPEWaWZ078O9_irLyZs2VaEdfZ_Y10D2WRGKgCRIYvfiicqB-YSVZHEXH0SPssG7yimOVZlrhABfR8OcCLjOfodh37d9OBa4r1KUmbOf7Z3jNiX7Stu_I713ZAMRIzHTRa3XOAn5vhxUhTxa5em7HvO8whUjM-ezLHejJJdS3IiQtQQno5oN3W4X8fVZb6M1SOP9YyJb4laNsdWghG2UILbILHblDf7aJelHxl5_4TeAkMJJnO893g29Dovb9nDHMRMBaRNEnPpWL3WpLMGLDoekOFDmoc1FDh4IWdjQsJGkpXFIY2gZdQpvKOiwe4Mz6F5dp4Iv_VJ6_lbOZVDln8dzMht0df208WcD4kzb8tc-HCS6JrQ5t3l28nXRb0_UGPMvnpTXqxagJj0-Vg87soMvrNzFaYNeInlhijmhIbVaB4DMOlWG-jRQGKacsElimdwN6o8OxEeWja_TTv1RIXUVADOPMPyznfY07-PclQrbYpqVhCyak_BLxkb3l3lHnHnn2VhhgMwkMCm&sai=AMfl-YQBdgl2jBA-cgvGY7ukXH223a7VQVyh2B3RPnspmMsu59Qqm2paq2gBwQBvNkzMKXKyG-bSUeEBR_nRbs18bCRxVSIi5Q7FRIeX7PR9eo6oLAS6w5hqZXec4aylHIEMwLc8_qLpetpm9G1VOM7kpM-sK5hDaaRO68kXdwIHplJkMrXNgaDwASXZEisX36dLi6cPmgM57mFZ&sig=Cg0ArKJSzNVUUoMQlVnjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1398&cbvp=1&cstd=1391&cisv=r20230927.42346&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Oct 2023 22:07:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8535
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1&google_push=AXcoOmRqx_kEMychL05HDhUcCaXmlU4MA-W1iXYIm2bhWCYzfKuKWbqD_5jpLI2wh2-v2QQw6trpz8atFkKQ0eL8HbbZjqZhB0IL
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU3NTY2OTk3ODQ4ODEzMjkyMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1

43 B
398 B

292ms
106ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB6e5wbF1lSizAdyrhVQm90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8535 35 B
463 B 314ms
69ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOehtMOYbV5BSHAcxF2uVHQ&google_cver=1&google_push=AXcoOmSOIQQvLgvCAVwk7VqO-HJNLHHxNHHMJVX0z27PjZaBEfvjw6pguZdB2EtDGmM3YI1l_kdKj3lgR101jZ-7U4tbzsvftOE-

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8535
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELfyAGLxFrJ2_QhzAB4w_VY&google_cver=1&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2oMDRnDHizasug8QZl&google_hm=GRSCq_tjTruRp-KzphO7vhY

170 B
188 B

103ms
82ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2oMDRnDHizasug8QZl&google_hm=GRSCq_tjTruRp-KzphO7vhY

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRwXOKLxqGmXrN_jve0Zr59tpBV431Q6MQIexZnQtAhDHrbG3ghXcHy0SpmGZm2PT9fZMDtYCp6lv2oMDRnDHizasug8QZl&google_hm=GRSCq_tjTruRp-KzphO7vhY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8535 43 B
363 B 611ms
364ms Image
image/gif 178.250.7.11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR6d8gW57EqqzfZ20eCUR8UvvuhREi4b9ru18Pg5goDM8DaOHAUke-2KihL_dG3l3eSVg_ParWsxraJ4OTNgZxG-AYAxZtB&google_gid=CAESEKfxs87ibjxzBOTtL3zDtq8&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:06:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 228527
expires: Mon, 02 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8535
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECYfGS8i8EzeA_F4DPjGNBc&google_cver=1&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWs...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECYfGS8i8EzeA_F4DPjGNBc&google_cver=1&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM4Mjk2ODg4NzkwNjMzNjI4Mw&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gX...

170 B
188 B

58ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM4Mjk2ODg4NzkwNjMzNjI4Mw&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWsCbAHxm1PqT5EeW6eFxI

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM4Mjk2ODg4NzkwNjMzNjI4Mw&google_push=AXcoOmTFhB91BUdMflr_YAjJ12jyxJ8SEvmUZvdSnr7EQhiB9nB6of119eNxx0XGWhFVNiVxhQE8gXWsCbAHxm1PqT5EeW6eFxI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8535
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmSALzrWOWlv2BVo7hV9Qp1xbsSpoHTYZ...

170 B
188 B

149ms
103ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmSALzrWOWlv2BVo7hV9Qp1xbsSpoHTYZci-EiMYegic0ZcCgfxmn1nXim1NSLjCuKBq0qa1YObQjw8wzWbnaUE1gcpm8Xgr

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQAH7U%2BED%2FbQ%2F5lkL1AXqTAtgz3Ez7tzRCJvwavcrVyserU5AaSNu2bi3ebtzmp%2FQymZ0M22d%2BF36DwSxj1ZLeb0%2FFIBkUxx3vBkJI4FM0yx%2F%2FcIIUh8jXBJ9XUoshxb2kOK48YDAkYxCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmSALzrWOWlv2BVo7hV9Qp1xbsSpoHTYZci-EiMYegic0ZcCgfxmn1nXim1NSLjCuKBq0qa1YObQjw8wzWbnaUE1gcpm8Xgr
cache-control: no-cache
cf-ray: 8100417bfed3f15c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8535
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJw6Ukmke8AC9dAZcLp8TsE&google_cver=1&google_push=AXcoOmRpmmkpmCIszvoOrVboh5OxYEKbR2aG75ao3CgU04VutpgyXKSfY49_e8ka5Ucb14p3yembwqIld0ABgukU...
https://sync.outbrain.com/cookie-sync?p=smaato&uid=0810b101f0&gdpr=0&gdpr_consent=

0
145 B

828ms
159ms

Image
text/plain

70.42.32.255

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=0810b101f0&gdpr=0&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416472&bpp=584&bdt=354&idt=1036&shv=r20230928&mjsv=m202309270101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44803491%2C44759876%2C31078258%2C42531706%2C44795922%2C31078273%2C21065725&oid=2&pvsid=550367111497294&tmod=2104231237&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.m8xkzx8ml5rm&fsb=1&dtd=1172
Protocol: HTTP/1.1
Server: 70.42.32.255 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:07:01 GMT
Cache-Control: no-cache
X-TraceId: 4031be22c54c18b80ee42de474d33b0e
Content-Length: 0

Redirect headers

date: Mon, 02 Oct 2023 22:07:00 GMT
via: 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-cache: Miss from cloudfront
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=0810b101f0&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ZBGSBFJwYkEyXb7b5rxYy-zno8e0NEyBB9K5IICaMJ5bupWd2xpPKg==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8535 0
12 B 86ms
41ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsoJTLzgRffOWlyoliCx0Gq2bMreqt4szsxH2vEQdgTfmU9XWQ30fysKr8QLyM3dG-R5cS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CCC
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELfyAGLxFrJ2_QhzAB4w_VY&google_cver=1&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV2Z_O9JwULx0P4ZbBY&google_hm=p3Ya500CQJavdYrYkVZNzhY

170 B
188 B

103ms
81ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV2Z_O9JwULx0P4ZbBY&google_hm=p3Ya500CQJavdYrYkVZNzhY

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTlXMjL2u4UMk5OSJVgcPlIn65afmMXI3HsEoMNHrOKfx-fXzVOXBcQgQNFpbdSd8WypOzgdTKzYSV2Z_O9JwULx0P4ZbBY&google_hm=p3Ya500CQJavdYrYkVZNzhY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CCC
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ9eF7CbfPZg__R6v-EtTe8&google_cver=1&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKH...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKHnUuE_nq1Cr6h

170 B
188 B

124ms
103ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKHnUuE_nq1Cr6h

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Oct 2023 22:07:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSKmcDeD3pTgGkUdTWKZVxWsV8thRDvo5weP5HPi6LGQ-T1MNYRhsgjx_GRGmoQW3HPuray-AFjr35AdoKHnUuE_nq1Cr6h
x-host: tde-deliveryengine-production-8b9d7bc7f-rxtz6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CCC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELXi6sHDVOc7o74MXVouTNc&google_cver=1&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuU...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ3NTQ0MzI5ODk4OTg3MDkxNDEwOA%3D%3D&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv...

170 B
188 B

88ms
71ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ3NTQ0MzI5ODk4OTg3MDkxNDEwOA%3D%3D&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ3NTQ0MzI5ODk4OTg3MDkxNDEwOA%3D%3D&google_push=AXcoOmS3EjIFCq25LKiBME10_UvqFR2IH2mU9Hy9142r5br1CigOpAGv3rpRi3IN1gShVPAucR02THr7RldgUQy5IQzsxvQxVuUr
date: Mon, 02 Oct 2023 22:07:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 4CCC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELsrUKdTX6-TS0BD5kSZ3e0&google_cver=1&google_push=AXcoOmTGFAdBISLI4fP3qYH9uGqP_AYpSpwN5PXmatFAP15e18qNc9eDPvKQcLcU50ew8kmcautNWJvfhYZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGFAdBISLI4fP3qYH9uGqP_AYpSpwN5PXmatFAP15e18qNc9eDPvKQcLcU50ew8kmcautNWJvfhYZMa1fp28WdV8YwjRJ3Rw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

316ms
291ms

Image
text/plain

51.38.120.206

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.38.120.206 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 4CCC
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJu97tel1VKH...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YjRkODAzYjctZjQ4Yi00NzljLWIzZDAtY2NmM2VhMTNhNjc0&google_push=AXcoOmTtMj9LL1D-kwcn8_6gxf9rp4VnztXAIcjHpv4g2QoqK9tDbqlfvNQ45dIl9OFgn...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

131ms
77ms

Image
image/gif

23.35.237.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046731&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416399&bpp=586&bdt=312&idt=1282&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3296754740&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31077328%2C31078202%2C44801992%2C31078297%2C31078320&oid=2&pvsid=1126824095258659&tmod=870526254&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tebbifqzo4sw&fsb=1&dtd=1367
Protocol: H2
Server: 23.35.237.56 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 22:07:01 GMT
pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CCC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8RGErt2R-3ogRUmGfn...

170 B
188 B

87ms
60ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8RGErt2R-3ogRUmGfnn_b59l3bDydj2QGq7e1hAVZAeFE-woTZUMcpPvrWhUsKY-l_3UE7ZBabInA7liQgBudQ

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
an-x-request-uuid: e8033397-5932-4801-9aa2-341b4507a997
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmTK0jpVyd0o8RGErt2R-3ogRUmGfnn_b59l3bDydj2QGq7e1hAVZAeFE-woTZUMcpPvrWhUsKY-l_3UE7ZBabInA7liQgBudQ
x-proxy-origin: 176.10.106.22; 176.10.106.22; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET /
csync.loopme.me/ Frame 4CCC 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CCC 0
12 B 87ms
49ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IN522aAaTxtc9QXwxRDczBCoBn__NIrT9Vs-Q2QBFQerUJ4u64wzGww5_bebIf9ixDLGkIVeF92g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7134276477144658872/ Frame 3612 257 KB
57 KB 49ms
43ms Document
text/html 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

46361a17d3faff6c797c808a5dd959c1e6783afc193d59202adb15cb26d14121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 598635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 58343
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 23:49:45 GMT
expires: Tue, 24 Sep 2024 23:49:45 GMT
last-modified: Tue, 05 Sep 2023 08:09:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CB4 0
0 96ms
87ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3ZhWHQpv6TN1JcLhd8yKeiYd6t85Lm71i_ukg_NEDMkD7XAhqUEDqpiFiZJk63QsecPidvZ3Bitdbr8MJCDknxJ8Od6pWk7rW14riVaHTdU9P-BfyaFXQ57IDA0EHlRvQZUdn8CMNez-kvIyt24DV7QpR5vlt4-6QZVy0xVzKy6DUHoSL3Sqf4dIU1sTVqoQX81h5zgY2d4BuDiPUxj2rx3RKiC74zcdFV3l2sdy71_5YiO-8n4rkyQe90WNq-n1taNiaTjlhYFW4iunoKLWGnbwOuTixAQe9yiFqX_CnB1T_oma0OD6sZMHlS6uDZFlB17L_0MdgAwe9UyfS7x9t7koeic06rnAbZ2GfG9FaqhE6tUm2a0BjrT9yBpg6K3dwaEKtdgh98WAl549-7Rf6KAeTmyibRUZ7hkNv6soDyzgVQEECzFjlCs1TwHCBjDnGmnZLPZ-eNByTep4VAYybE7dWeeUZpbKENbOYFLtjOOrDXOwLg_rk3ZPA0DEMdxM8kk99VuYgd4s8IIc6vBGWn4JaJcmd7Y6AZAea7TaXw53ugY2RQy62GTXe2A2vB78IGBEOvDsKo7JugNKqqhLBEBJOKRv1Pedn2SpbQcJpQv4_Lx24-ZS7hJfcrZzd6doh_nwyYLS9ocYYKBGFNNoqlmAkzZRSyhmpbz5N9aMD-887enYrNBMK6yJwXyO0ZVlqNL5oAKzdxcdfihZjGxY3LkCKHbbyE7q1-DjU09mhaj2B2J_wH_kvO7o9VQjf8sl_WRQZ804j7-o_et7npAvhhjDIyhcB8LUnul3i1J8rw8VIrJY2vzUI4rZu-vK_rlEz8a7bKSSL-M4v68Mhldtd-PEYqMtkdGiERnb44m8pU98YMK7RsDzuYaaAh21KBSyLriG4qtV_FivczgD6zwycGv0B6tlvgzdJ3xG_5QjcTfZ_z5ip5jZ5GB-SH9d3twpFIcInMbn5nuwt-ffVk-yEOyYHWsLEL4wHHrAwoW_YyfiYXOQKnnYnc68xFWHSio-EL9ga3LCxBI2kfwrrL1GufprdgWrRRY25wJ01hMW1n295i0rZz0ukBbe8HK-FfzAYu1wz8xdZaBH2_cEwJ4Em0PC8W5dgJjYkAXtfZm84wXzgn_soSdMks92H5xfj5MPPBEubx4W-wZnArgVhFgus0q5RopP5VTSLcRum90pQ1zgWbcd5E9SG5IO-iLj_1K2DEdyJRtfP6etmspaEJUZDOIicshkbvL-JNClxwr-TTy1ebkI&sai=AMfl-YRXs3bT_u274WciubQLJLYItvPpo740aQrofVl0Pno6SL4UMoi4UnLuVe5yu5C-1uS59P5De_qDSFgpwaCkOal45ldGIS5vJKilthNAcsRfIEOtP1aGOZ11yvuyhiH7F1osGVf2Z24rDBb3alv48WWCvS9NM7Ugl_zmyjhLOW9dqXJfxjxgtJpZjdsHWrYuZQOgre9VxRTJ&sig=Cg0ArKJSzJZNL6gMP6WvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1446&cbvp=1&cstd=1442&cisv=r20230927.93193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Oct 2023 22:07:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 171B 38 KB
15 KB 60ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C80 38 KB
15 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B4FE 38 KB
15 KB 131ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 527323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1AF3 236 KB
63 KB 278ms
108ms Script
text/javascript 2a02:26f0:480:f::213:7edc

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:00 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:22:00 GMT

GET
H3 200 300x250_kia-flex_stonic.js Show response
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 41 KB
6 KB 132ms
64ms Script
application/x-javascript 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/300x250_kia-flex_stonic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

52488fafd33704070fdc449396ed61295f48c8bccd25ebe7db981143368c22b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 04:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6144
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 04:09:25 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 231E 7 KB
3 KB 246ms
71ms Document
text/html 138.201.63.149

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=a3751caf48&subid=&uid=2cabc8262947220a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh4edAT8bZfOTFsqQiM0P14GDeKblvaBp7Y2cp8kP8C4QASDTy84wYJUCyAEJqQLMHPVS6pyxPqgDAcgDmwSqBPABT9DgOoxYjOuSgbHmfFQz4uVvmG6YBz8EoOpKtvUsqnvzSbOHvW52u-1VLXvwGYQGWeDbqLLif60-yJbMgC5QbRiWih-iba-6W0lBKclwjrmACbEewXhbWn4TGx47SLLVZggiyVrpg3hO33-iQePcTCpj1mqmqh8DDpnkh7hxbFIMsjPERCsNlvUXuaNjyV01siN5z2HDnO56RIw8w9yQ_hqxoRRzmkeFStB3XxqYgi3vloODoOyMUkb6qHSwKylkEUjjzPq50oaswj25rO7habjOHBGgLou5VUS723ARsVerXad0vcUf4OIibcoES-MlwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIs5iK8a_YgQMVSgiiAx3XwAAPEAEYASAAEgK3B_D_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmsXJCVo9Ac-Saw2b0AoumTGbZKwxsCjwWgdl_dkI4WlgTU73GAE%26sig%3DAOD64_3M-gNpTiliXhRYAdNT2boDzqhDwQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-BWiiszezRl0ffRA1mAAg4mnOiw_2m1Rqq7ZGYOShdHE5hXkfd4fpav0Z6vQ1Phl7qvj28oDmzal-CFOHFmDql7ZWCqXwpDI41sQFfjBTecJ1O8gbAIuOZpJqRCe0dMje7YOZnYUrjrb-wfsnwSPqG_2mWxdIvVPL5cZO96Y61tW0FZbfE%26cry%3D1%26dbm_d%3DAKAmf-AzfVWzqHpz_3LRjDZtOgw9wNLA6kasUblq1iItCNX6Cmv_7ptLkwOuYxpVnrciEJmDAJPpBNkRFrwQ7BXAS_I-IpEYiOFZzV6pLARaaUc64xwg7IlZMTjhWt3X-qE8KYnktfwFDHcKpZgxT8uFx5Vz_-A_lv9iuKBp1iipS5Wk2VUrH_eLHIO6LhHGyg0GbsNHAxfvzq1TtGWRMAu-WfvbcH34GUq3cMQW_FT_O3siRrKrsSVONTAHNHhtg9M7Ata2ktZM4rz1ly8QIVLLwtb5wu0lN-1pOoj95jX_D1WHM78PrYecR4NNHY1o7aTZ1eB_LUpQ-cTnZXVkIDTMUU1lvGxUR_ZmOWZGU81_DDebiGWxWWJZEgXhKLpuAueGu0cbLjqFQR0qKkUIczFSs386tOXc9fPXC0P8AYujE6Ruo8JNkz4NcfimHH8KZS-i_uXvasLFVpJAL-Uv_OgTrggghIvwoC3EpHaJBmxaoISsMRgJHC89s03IbuI3SrW037n3C9MG1TJrIcMmByyq3xbWR6XywvzotdWFBUn6BHIODZbgauM%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3057491656808&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 53c424641f7d862ab91dbcf5b3968530e44d96731b7405f96417a2c76b4d0ffa

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2285
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Oct 2023 22:07:00 GMT
Expires: Mon, 02 Oct 2023 23:07:00 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A88 1 KB
643 B 75ms
47ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:38:34 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:38:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DC4 0
20 B 117ms
86ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvalsAj8bZfL5DZyZrASW4bjoCgAAAAA4AeAEAg&bg=!IiGlIW7NAAZN1Q_XbdU7ADQBe5WfOF-Fe6AUP4EyJ2mxp__QGKs7VmFmXtvINTf9Xi-BjoHnr3gBslqVbKazI0ql_pJqAgAAAlJSAAAACmgBB5kDJp-Oy7yPmjgjIXFJwC9LC_i6ZSySEcJg95vCw84vnivB1tN5N4T7KC5N6pWPn_fIgmfJLJXsxpjUW8JTe5_ih0ROCaWr9x7bzHAD2OxqXyJ-jeGMsndgY6NkYE1-W8HV7Ro2sJeczfHtr-hWb8PyvJvZV2ZCEnZcUECntuP9IUTNVtGsErRoM21llszojJGmiIlS8cpDh5I3cp-I2TMFf6f6UQUxZQWCgqRJ98DTpLMu2UD3HqumAIMUSweT--yNQw5pUSbvxqGC2HKCUSYDddaZvEovlb6NCrN6iZL2WrtHeW8EjCiOAT3kuSp7Ym_D3lg-CWxuzHz3nwuvO1l61cOQpGhkKb2yU8Kp3ggwb_TERFzd-0aFT6Vw1F_OKG3QAscQOMyjA-2M7cKKcaMcwU3Hl4zT2cXtDUrxEaMnQMPwe7-m_Xm1HdUAYX6S5-lNPuFB2f69lSOLMH8v1qTrN4DkKl83NGYWuwUH1SZjHKObxBZn-uS5Tbe_-y_kZOZk2o-f3WcEs5Ihc8ZzGqEh3TtNgaDfvFniwusGFe9zwJke7_pMbkPGrXLkLFQeydJzOoCqLKuA5EXlrC2Qx3Dl4hzUxo6BVeN7_v71ab-sjnM2qWbyZHR2NgZxcOXrvi82wEboapq4mhthr_-6Ds9fM8G5TYCXJnS-HshNtypwU4ILKlJA_V_lxBb_HnopnTSGmlPjqMTNZtNYzV7GcL3keiU5TEZIpz32EoeFRpmf04MULHxbHdg8GEDXVSK5Mgo00AQaaGZso97Ec6CcyYNA-egdZZd-t3z0xlGdjX2x8BPyLrqCXe7Uyaibc2Js37oTdvt_NZwnhXRzA27pqtOMPsXYhnowTHBam1T3TtlAz9Sv5rSyvg89XGxD5UPkpTRhMFBRO-JKLdMy0yoemhdCGDK4Q-GL-BvVUya4sPSvd4IbjK-fxQElOIhn4b-UbHPuOMYBY9Lsq_QC6RE3DSxup2YhsDM7HCMTLBFHMwsl5dlJHK9TI1aCdW2QBrz-mimSYgzesMeTyyXD0w-zWjqrNLsPAVxKTCIh0vgGSku6eFN2maYvMuTe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 569E 7 KB
3 KB 283ms
76ms Document
text/html 138.201.84.252

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=e9c4e53151&subid=&uid=c72e4c185c458d78&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvpVAT8bZdX2I7GYiM0P9Nia2Aim5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCzBz1UuqcsT6oAwHIA5sEqgTwAU_QXl2uNy_l5eVotACSHF3bZYc_LONUrUGLIvvrpixBG2F9EAfU2YqodwkU2r8jtEdG8mGd0Go4U0bL9kXnTdM4Xy4nfA_Rf1yHNwUh2tr-rhLd0szgJM_BAxlQX91pQvnQDvt_GW9HmSbRDcUF0sJvgsK957fQWAvTn50KZF0DQ8UP67qkgbK5xBl1PQLXP7SkC6Fig8AtVJ5B0Beb6pW6EopDSEYRhcnpJg0Uo5oqPm45r-tLR8X0kDsfwXdDEqIM5nP9Qj25qCATS1eVy8W3i1aHNYsOLGeKbc9-9MTPPkhEJrvFjExDUcK7aH7tr8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlfuX8a_YgQMVMQyiAx10rAaLEAEYASAAEgKn_fD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNsIbGpyFAIVxBK4zNDE4TjrwUAhdO8CUMFvaa0jXGnb-b53sFGAE%26sig%3DAOD64_1IpXFu0EJXgAAJ43ilebmH74dAfA%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-ADVwgA-k1YwmQybA1ca4_Xp2l83i6pLGeZo2GB6JiRJ9OErDdrVYwllRSNwk7kl3bGQB9flS6HNIIir0unegN3LjRwEK3hd03Fvjbfr1zt9q5bLFRqhIyGvoY1RfkoDjW5Tqh9bWfmHfC5vsY_eo6s9ZwJdUxOAu2l8g6-2SGRxYiB4Lo%26cry%3D1%26dbm_d%3DAKAmf-DxiGJI4jlx-FOzSJ3SMtSKvgH9vj01zjRbNEUb0vl5vyH3iQNHrHiv390OIYMsZE964VjhLbtK-I9OTPLGODC95UPA9K0brcVUnvzmhD0oHegoH4pTE6pvOiWfIve_lKKux1IhFTOT09zhYSgLWxhEaocmKxjoKGMshI21ezpdAEPf9BDTsMvrKw3yPiIgJBXCgiuS8FUv67NAkFkTEsGi06T0tKR07SSi47hJ9OUshW-WbTYFxZ3my9-HKS7LvgBXDbn7thwYEEwmubA-XfUmnDIPRhb9k8URhpZr6GAP5zJgoM4bSA67K6cvSvHzN_2yE0cYOl34nk6TYrmTe3oArRSdVSoczcnW_F7Ld_dB3307CeIsH6SSyUXl0JLqVD50B7Ml3jF5O7VmJAK-XA6zZHdipezThvVv5DDVSpsDUjZri_QNfbIp-nNzJJf6Rpi5ZY7WeKv40bQ_IU_4rhd642SrIgPfhmT_JqRNKP6_Wc6Kf9AdoM_amvHBAbcncEMwB-DgrSQifI1fOU31LncT3JD0CiWHr9y7ef9oGB3ZrAelKXs%26adurl%3D&documentReferer=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=4601939364799&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d56788546f8882cc295d17050b33127dc6d0b5372324675c5cc1f7b8e9023fc5

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2285
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Oct 2023 22:07:00 GMT
Expires: Mon, 02 Oct 2023 23:07:00 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 3612 32 KB
11 KB 88ms
69ms Script
text/javascript 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 07:13:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CCC8 1 KB
643 B 207ms
202ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:38:34 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:38:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B603 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c19fffc1c9f12740a06cb09965119435abf0a2ac36e2b866cd80b40c4bfa50b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 231E 89 KB
32 KB 367ms
191ms Script
text/javascript 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 06:08:09 GMT

GET
H/1.1 200
OK S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 231E 33 KB
34 KB 1183ms
266ms Image
image/gif 88.99.69.161

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-120x600.gif
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:07:02 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-8530"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34096

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 569E 89 KB
32 KB 402ms
252ms Script
text/javascript 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 06:08:09 GMT

GET
H/1.1 200
OK S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 569E 33 KB
34 KB 1151ms
259ms Image
image/gif 88.99.69.161

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-120x600.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:07:02 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-8530"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34096

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmQgwhrLYay8hIZllPbTs2JxMFAE3qz3QQfMbeGQr0K88rbgz5aB4t...

170 B
188 B

131ms
58ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmQgwhrLYay8hIZllPbTs2JxMFAE3qz3QQfMbeGQr0K88rbgz5aB4tEGV7NtLISw-R3XIT7WtUhT0qURXsV3UIGf3NrM6bSCXg

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6935-MXP
pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696284421.472546,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmQgwhrLYay8hIZllPbTs2JxMFAE3qz3QQfMbeGQr0K88rbgz5aB4tEGV7NtLISw-R3XIT7WtUhT0qURXsV3UIGf3NrM6bSCXg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEL2Kmd2PO6RRUl0-11ADnsQ&google_cver=1&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWsCf7TATo3iclJG
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7C893F04B3F44E2EB53E55DD4AC4CF3A&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWs...

170 B
188 B

97ms
80ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7C893F04B3F44E2EB53E55DD4AC4CF3A&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWsCf7TATo3iclJG

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Oct 2023 22:07:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7C893F04B3F44E2EB53E55DD4AC4CF3A&google_push=AXcoOmQ8FQgNiAFQj6sboocQgr_lkDP-Xjmd6dYWBEvAAkI0kPT4QYAR9sLQ1_jmXvrY65uTtGOD0qts7BwmVWsCf7TATo3iclJG
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 01 Oct 2023 22:07:01 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5A88 70 B
148 B 680ms
309ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB55vSqLgQlm9wuCw-htb98&google_cver=1&google_push=AXcoOmTqOx2zhmdHIjrOHP9X55D5YSKewBjYRlH31RnWgBdP3xE_AjtcJVY8yWuX5b5De__2Vu2dYUgkxZyDSEc8AXYiSZ6K7ikpFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416370&bpp=465&bdt=249&idt=723&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1059045037&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44802209%2C31078363%2C31078297&oid=2&pvsid=674343852142438&tmod=1108981091&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nh2g25xcfuqc&fsb=1&dtd=816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ9eF7CbfPZg__R6v-EtTe8&google_cver=1&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5k...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5kaC6XtiLdbNZZwA

170 B
188 B

59ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5kaC6XtiLdbNZZwA

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Oct 2023 22:07:01 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ns6KKSOlRpUxAcAixJbE6Q&google_push=AXcoOmSkz-884LIs-7nm6PKQ5kBcc3NuLnlSIPnW04IAyuF88xnjd9CB6nC10l4V2Ft8gosWUK01ieWohrl8rW5kaC6XtiLdbNZZwA
x-host: tde-deliveryengine-production-8b9d7bc7f-r4nw4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEC1DoqRYEOzgxkDvaeSroPM&google_cver=1&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA&google_hm=Q6bpfWbvwP8JwXrN4PTvIg==

170 B
188 B

58ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA&google_hm=Q6bpfWbvwP8JwXrN4PTvIg==

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMgQ-vCjB0SoVjid6PaGEJqJJDl-fnPNXQ93IXh8mNA00JVtrU2TtJ0AInsDEbS-Ax1BIwH_N57d-vArqDD9JMjPoLuIDpOA&google_hm=Q6bpfWbvwP8JwXrN4PTvIg==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN5xbSMRB_DolOpHG1DyfB0&google_cver=1&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN5xbSMRB_DolOpHG1DyfB0&google_cver=1&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg&google_hm=Ha7vsGZHZMxLK6-HQcOJ...

170 B
188 B

96ms
95ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg&google_hm=Ha7vsGZHZMxLK6-HQcOJhSem

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 Oct 2023 22:07:02 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiYBa4OqpVBINBSjPWjYeZ0KblxUmaAdjv-VOymrJ42OLMfkmPRx-yS3C5f6a67c7rj2bMduisj75sl524s1kuF3ofGb6rg&google_hm=Ha7vsGZHZMxLK6-HQcOJhSem
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A88
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEL0_BrtcKhsV6boFw5RGIEU&google_cver=1&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL0_BrtcKhsV6boFw5RGIEU&google_cver=1&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PX...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=AdB3Lg18QOmS7UXC-ldTkg&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__P...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=AdB3Lg18QOmS7UXC-ldTkg&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8BaMiolUg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=AdB3Lg18QOmS7UXC-ldTkg&google_push=AXcoOmSsEBz0YPwgyP3UTV7oJfmguc7cUdlxQWEevqn7ZF80v5kMZ8D3RjTySJ9RkoH393lWwbfU21AhZ8Yy__PXgaTvm8BaMiolUg
access-control-allow-origin: *
date: Mon, 02 Oct 2023 22:07:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A88 0
12 B 175ms
137ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRuJzfgfueXdSz9K8OVqqVes7D9WxvnO4buIsBgjUls43gCB8l10U47Vpk8BfnSZBgofw8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CB4 0
0 88ms
85ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3ZhWHQpv6TN1JcLhd8yKeiYd6t85Lm71i_ukg_NEDMkD7XAhqUEDqpiFiZJk63QsecPidvZ3Bitdbr8MJCDknxJ8Od6pWk7rW14riVaHTdU9P-BfyaFXQ57IDA0EHlRvQZUdn8CMNez-kvIyt24DV7QpR5vlt4-6QZVy0xVzKy6DUHoSL3Sqf4dIU1sTVqoQX81h5zgY2d4BuDiPUxj2rx3RKiC74zcdFV3l2sdy71_5YiO-8n4rkyQe90WNq-n1taNiaTjlhYFW4iunoKLWGnbwOuTixAQe9yiFqX_CnB1T_oma0OD6sZMHlS6uDZFlB17L_0MdgAwe9UyfS7x9t7koeic06rnAbZ2GfG9FaqhE6tUm2a0BjrT9yBpg6K3dwaEKtdgh98WAl549-7Rf6KAeTmyibRUZ7hkNv6soDyzgVQEECzFjlCs1TwHCBjDnGmnZLPZ-eNByTep4VAYybE7dWeeUZpbKENbOYFLtjOOrDXOwLg_rk3ZPA0DEMdxM8kk99VuYgd4s8IIc6vBGWn4JaJcmd7Y6AZAea7TaXw53ugY2RQy62GTXe2A2vB78IGBEOvDsKo7JugNKqqhLBEBJOKRv1Pedn2SpbQcJpQv4_Lx24-ZS7hJfcrZzd6doh_nwyYLS9ocYYKBGFNNoqlmAkzZRSyhmpbz5N9aMD-887enYrNBMK6yJwXyO0ZVlqNL5oAKzdxcdfihZjGxY3LkCKHbbyE7q1-DjU09mhaj2B2J_wH_kvO7o9VQjf8sl_WRQZ804j7-o_et7npAvhhjDIyhcB8LUnul3i1J8rw8VIrJY2vzUI4rZu-vK_rlEz8a7bKSSL-M4v68Mhldtd-PEYqMtkdGiERnb44m8pU98YMK7RsDzuYaaAh21KBSyLriG4qtV_FivczgD6zwycGv0B6tlvgzdJ3xG_5QjcTfZ_z5ip5jZ5GB-SH9d3twpFIcInMbn5nuwt-ffVk-yEOyYHWsLEL4wHHrAwoW_YyfiYXOQKnnYnc68xFWHSio-EL9ga3LCxBI2kfwrrL1GufprdgWrRRY25wJ01hMW1n295i0rZz0ukBbe8HK-FfzAYu1wz8xdZaBH2_cEwJ4Em0PC8W5dgJjYkAXtfZm84wXzgn_soSdMks92H5xfj5MPPBEubx4W-wZnArgVhFgus0q5RopP5VTSLcRum90pQ1zgWbcd5E9SG5IO-iLj_1K2DEdyJRtfP6etmspaEJUZDOIicshkbvL-JNClxwr-TTy1ebkI&sai=AMfl-YRXs3bT_u274WciubQLJLYItvPpo740aQrofVl0Pno6SL4UMoi4UnLuVe5yu5C-1uS59P5De_qDSFgpwaCkOal45ldGIS5vJKilthNAcsRfIEOtP1aGOZ11yvuyhiH7F1osGVf2Z24rDBb3alv48WWCvS9NM7Ugl_zmyjhLOW9dqXJfxjxgtJpZjdsHWrYuZQOgre9VxRTJ&sig=Cg0ArKJSzJZNL6gMP6WvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2251&vt=11&dtpt=805&dett=3&cstd=1442&cisv=r20230927.93193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9571 0
0 342ms
95ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUd3ypNXW-GKa7wFcwahy-cU2uqJfJJYdlqbb9njOh3pQgd2cQND_ohv1H-bhkyPqbHmA7pFbAgGftPa_zwT7NT3lBuOWn31DHTKZNRiSC5SwrU_LLFcXsjiLhsilCBmhuNxsWyhEZHfbMuJnxdJz5Pw_UHAYQXOBD7BKZLgCa3hHuhkwF9ZZXI41dEeNIBxyDjeBjSdkK3zkN1H0cpmUrydSanVkKmAhZXsXy5EHPMlOVUi8Qg_S347v_OgbxaP1s55jjpBZpLYvGX_TO9cxMe1hYrYhUySxb0w-0TyABtQqy87xKCgF6TrRhFu3vCdAiyYZOh1qMJ4YVWRwak0dQkx6PgXTIWzX7-nSQxLK8MQw&sai=AMfl-YSVXyri5fSWtRRl8Lq0M-XwuRojfgmSGU5ysvjpPfkIogXL1kDrQ42sjmcIjm3HKgr4_3HBMTAXmbdZ6Ho&sig=Cg0ArKJSzBL_8xvGzcx3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:07:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9571 16 KB
12 KB 339ms
112ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2382a33354f35f71a87941e38f084952021fc840884afbd26150550d725f5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12207
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_cver=1&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKks...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=15acd3e2a9811734&is_secure=true&networkId=14000&version=1&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_cver=1&google_push=AXcoOmT07csR...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIPlZxvAlsiAN1DmL9AAAAAAA&expiration=1696370821&google_cver=1&is_secure=true&google_gid=CAESEDXNO7LG6_sMRYLbrqxXW...

170 B
188 B

131ms
57ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIPlZxvAlsiAN1DmL9AAAAAAA&expiration=1696370821&google_cver=1&is_secure=true&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKksL2LeA_dqAjp05V1SOqZIeLRfI7erUWDmbem-nTIQ1jj5x

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIPlZxvAlsiAN1DmL9AAAAAAA&expiration=1696370821&google_cver=1&is_secure=true&google_gid=CAESEDXNO7LG6_sMRYLbrqxXWLw&google_push=AXcoOmT07csRckdbLcFX9VXn8NXKclpLVaydAg-IBmEGt-1RusmBKksL2LeA_dqAjp05V1SOqZIeLRfI7erUWDmbem-nTIQ1jj5x
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWVIN2hqSDgxUU5yNDk1&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuOb...

170 B
188 B

151ms
102ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWVIN2hqSDgxUU5yNDk1&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuObHgfjHMFsCipvT1Tux_9EKdmR5IyqaNosxdVB-ludygZ1-8ea29zE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 22:07:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0848f2daa11a85918@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWVIN2hqSDgxUU5yNDk1&google_gid=CAESEFUurlF-2W5FncU9l5EYStE&google_cver=1&google_push=AXcoOmSvKLE0vb9VIgBPWmbyuH2Cy6ZJnPLaf-UPs4smuObHgfjHMFsCipvT1Tux_9EKdmR5IyqaNosxdVB-ludygZ1-8ea29zE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmSnVNxE2osSj1QFqKMM6kPurN0vipq9d-RArFVAjCcxYun9Pm2BAc...

170 B
188 B

128ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmSnVNxE2osSj1QFqKMM6kPurN0vipq9d-RArFVAjCcxYun9Pm2BAcCZxr4o7qtbww9aAbL9GHKpgpm_GetGEVUGMoSU67KY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6935-MXP
pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696284421.472518,VS0,VE97
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED-Oj1yRurj03awpCwf0zHA&google_push=AXcoOmSnVNxE2osSj1QFqKMM6kPurN0vipq9d-RArFVAjCcxYun9Pm2BAcCZxr4o7qtbww9aAbL9GHKpgpm_GetGEVUGMoSU67KY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CCC8 70 B
149 B 530ms
307ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB55vSqLgQlm9wuCw-htb98&google_cver=1&google_push=AXcoOmR5QRTaO6Q4FUYuM8mmFw7IJggZHl2O6ToBC2T5Q67rgeg9dfv6qA78dBpA72tZ3PSferXJsky4dafbetDu4mm6THFYWZdq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBWVksPE0xRZ8lsVSMaPA8Y&google_cver=1&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTQ4NjExMjkyNDQzMjUzNQ%3D%3D&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5sVzs...

170 B
188 B

54ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTQ4NjExMjkyNDQzMjUzNQ%3D%3D&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5sVzsI8SnNHVG8W

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTQ4NjExMjkyNDQzMjUzNQ%3D%3D&google_push=AXcoOmQaxKD8kofkUvAnzHmOgd2SUXCEzwjwFqNEk1tRVTY6k3_fBHXKkCxxZ-pzOW2VhhPwEU6n7eFQ3F1OI5sVzsI8SnNHVG8W
Date: Mon, 02 Oct 2023 22:07:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmTIu1z-IJV4LtQ1k1_3rZA79vVDy807k...

170 B
188 B

58ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmTIu1z-IJV4LtQ1k1_3rZA79vVDy807kWZ2O0PB-ssEVWrYpILp3gW-CrIU8t9QLHW2Pvo4YfZ5O_MkUNKTudxaES6dy1w0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDegZRsGnMyqxtv97pOpvWmVXkR1BKuig4isipSI7EVj2jbDvUVELI082wrDOxjUW9cSRg%2F6Jq4YxjraL8yfBXOhqBAgeGbIo%2B3Tvb5LBYEEgjcEcxSeHNEPhH5jesdFx0X6ZU518yUmXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO9GmzC19mnPJeGw9S6-pPw&google_hm=ZRs_AuVXtGgNPYPT1wiTNAAABJ8AAAAB&google_nid=index&google_push=AXcoOmTIu1z-IJV4LtQ1k1_3rZA79vVDy807kWZ2O0PB-ssEVWrYpILp3gW-CrIU8t9QLHW2Pvo4YfZ5O_MkUNKTudxaES6dy1w0
cache-control: no-cache
cf-ray: 810041820e67021d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCC8
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhY...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhYQRWgvtIW_coDW6M_6...

170 B
188 B

59ms
53ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhYQRWgvtIW_coDW6M_6uwTpK4W6Fi5dr_vor9IQiD8IQhy9c5mvcTuG5PlfilxrtmPxXitAfIsjXYFAz8zEFNbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:01 GMT
an-x-request-uuid: 99c426e3-716a-4a0a-a73c-abbd0af1a351
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjY0NTA1MDY2NDA2NDQzNg%3D%3D&google_gid=CAESEI39FahE03wZsgy0HvLjzy8&google_cver=1&google_push=AXcoOmQFKk_HipAhYQRWgvtIW_coDW6M_6uwTpK4W6Fi5dr_vor9IQiD8IQhy9c5mvcTuG5PlfilxrtmPxXitAfIsjXYFAz8zEFNbQ
x-proxy-origin: 176.10.106.22; 176.10.106.22; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CCC8 0
12 B 173ms
145ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAMA-hPkjLvIgYFNLuza8kpSeGpl0DQdsj2qjTfIqSLdqK9PBpZge3Zm0tig3H80OIh7Ly6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696284416469&bpp=488&bdt=353&idt=955&shv=r20230928&mjsv=m202309260101&ptt=5&saldr=sd&is_amp=1&correlator=6243&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1268681696&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078272&oid=2&pvsid=3424698992440312&tmod=1743415125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vokdku74w9yr&fsb=1&dtd=1005

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bg_01.jpg
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 22 KB
22 KB 81ms
80ms Image
image/jpeg 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/bg_01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ed6acf231335236de7b578282457cf6b1ddf399b4d4c384be949cb48dc64d243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 11:25:41 GMT
x-content-type-options: nosniff
age: 556880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22202
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 11:25:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1BF 0
0 73ms
73ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso3SX5suRD62J9nNeP696p2QjEBEFU2XI0c5FH0GBsgQ6HLAbHPWdRrwdvRIJhVWWFr1IIZ7ZYj2K0XBf6lHsS6wkc65EPfxip9kToplJ2lytyqsfVOgkTX4DtiXP5Itg1mUuKLPK9v2w9GUSEqeqTfgu4MopsoUM4_b8-ZdOW3H3o1kmdULasWtks3nOXhezHOux55OUvwJwu8Nf__Dkb9y0YH1bZpUV0icX2sNP2BbEQ9MKRcUFRq9Zz0R2C4OPDLHOx8KVNPXUbJM5BIUhCDemn6oynXQ_yzu6DIDQg463WlKlZ30wl2yvDtdUcMaOZNkBuVQ0maG-5SK7hI54ALuaTQkWwACbw_kOFtkN9TelWVQLNfa3SWCczrmrZFdw0KBJLYxzJR4OZu2lGlv910sQ58VbT4b1zWgCI7kPl8tXQKx8nRnht0koZA88mGue0w4nvgfZ5cr6Cz_3JiK_5FDtcaNAOunQf7UnCta3FUtic4Bt5ntzh3rJTP6t5Og_-es7fP4hri0S-woBoV5UdHcd2f6YtHU7t9c5-F2ZvrvScTjb7y1GntP6cqvVuXmSgXYFswsa_iX83a5iXJmQeAJcYM7W_DCAjXM-vu7D4N1pJ0h4bHRgWzxL3QKrVLojiJ2vmYegJio2JRAl_4WJW8QSqOk6bwOWBNI5GJCFGf0-DTR6DSJvwvrVbclJwVATRujXBFOmiIbwtpPDoOUubh1fbP-Mev3V5DWDSgEWh9bvwlpqTyxWPHtPEWaWZ078O9_irLyZs2VaEdfZ_Y10D2WRGKgCRIYvfiicqB-YSVZHEXH0SPssG7yimOVZlrhABfR8OcCLjOfodh37d9OBa4r1KUmbOf7Z3jNiX7Stu_I713ZAMRIzHTRa3XOAn5vhxUhTxa5em7HvO8whUjM-ezLHejJJdS3IiQtQQno5oN3W4X8fVZb6M1SOP9YyJb4laNsdWghG2UILbILHblDf7aJelHxl5_4TeAkMJJnO893g29Dovb9nDHMRMBaRNEnPpWL3WpLMGLDoekOFDmoc1FDh4IWdjQsJGkpXFIY2gZdQpvKOiwe4Mz6F5dp4Iv_VJ6_lbOZVDln8dzMht0df208WcD4kzb8tc-HCS6JrQ5t3l28nXRb0_UGPMvnpTXqxagJj0-Vg87soMvrNzFaYNeInlhijmhIbVaB4DMOlWG-jRQGKacsElimdwN6o8OxEeWja_TTv1RIXUVADOPMPyznfY07-PclQrbYpqVhCyak_BLxkb3l3lHnHnn2VhhgMwkMCm&sai=AMfl-YQBdgl2jBA-cgvGY7ukXH223a7VQVyh2B3RPnspmMsu59Qqm2paq2gBwQBvNkzMKXKyG-bSUeEBR_nRbs18bCRxVSIi5Q7FRIeX7PR9eo6oLAS6w5hqZXec4aylHIEMwLc8_qLpetpm9G1VOM7kpM-sK5hDaaRO68kXdwIHplJkMrXNgaDwASXZEisX36dLi6cPmgM57mFZ&sig=Cg0ArKJSzNVUUoMQlVnjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2515&vt=11&dtpt=1117&dett=3&cstd=1391&cisv=r20230927.42346&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1488 0
0 140ms
99ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYcVlkKUeKges4hVcQWqadSTvnENMPal5kS1c5s-5uLzMZIW1-YrNDKrkcwu2Rt5FBzvVIWKMc_1bdgzQkCjzk5H9D4ZPf5MWpFt64pm3wBkXnk2MGyzpY_iqUwvzB6Uwl_C5pUqjBOxGjvhD3ALtBfXDgS_YjgYQ3wIx_Nvu-pU13LjWP1MCoZzpp_OAyphu4LZK7k6hkpxADtGNKamqzXYwdVgch3RvoQ8-aEJL9De5yieNBHahUhdSsUPUYHOAcgEgi7UtreWy9HUwSJ_OvNMTVZSFeaRTebxo-rfTaRsGs35rGcYBoMrRgV7sZ46LB2BfJT3nAatCAQMBhy50NPc5kg_9ocaOgR1C-aZQY9g&sai=AMfl-YSn-B6YVO24oj9BUrNSv8wwMSAGRWpFtDF0kjpbR4qIhydO42YsVjR8aes8AN4PhzyFD6udGULpZAJXjb4&sig=Cg0ArKJSzM-_TfXmXdWqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:07:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1488 16 KB
12 KB 157ms
116ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10889d1e4c5578622d667f3919410c8ad3d79e5da111b6a1ed08e5dcff3c9469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12060
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9571 17 KB
6 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:07:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1488 17 KB
6 KB 349ms
280ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:07:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CB4 42 B
64 B 342ms
282ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaQAfs7tfxn_-SiNSPlsJNiYfQ8o4-aAILZkXKJ6m8CFy4G0EbQ1oG09j1pfPKQiJZspIuIRHUmTvlW6RYKhMRfakKR-t-nBILZkfdaj8YR3CS8mQt0Ih6ul6D_v8m3DHmSZGkcR4F8-da&sai=AMfl-YT3mNmDAgofdsnvoWYsiREa0BZa4kyZdVlZBkWdLcLHjmay1rvl2VZzIsjgFeJYDHR9ZFuUTsXMMi7YEtfho_LqtJVnVqgk8KA&sig=Cg0ArKJSzM1z7DWeFNjoEAE&cid=CAQSKQDICaaNMWIT8QCN4mDZDwQ9gVKX46hi17_ZZLbIKFwKH09Go3Q7ceG-GAE&id=lidar2&mcvt=1139&p=0,0,90,728&mtos=1139,1139,1139,1139,1139&tos=1139,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696284417771&rpt=2911&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg_02.jpg
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 21 KB
21 KB 38ms
30ms Image
image/jpeg 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0e98ac4432231d8d523710acdf4d1df4858250abd499353515d70990172d13ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 08:35:24 GMT
x-content-type-options: nosniff
age: 567097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21388
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 08:35:24 GMT

GET
H3 200 MdJ.jpg
s0.2mdn.net/sadbundle/7134276477144658872/ Frame 3612 20 KB
20 KB 251ms
250ms Image
image/jpeg 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7134276477144658872/MdJ.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

45cf1c34f494e8163e82fa22773394d46331cbbd1f11ce6eaf9a72a12dcd9e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 11:00:56 GMT
x-content-type-options: nosniff
age: 39966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20611
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 08:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 11:00:56 GMT

GET
H3 200 5G.png
s0.2mdn.net/sadbundle/7134276477144658872/ Frame 3612 35 KB
35 KB 250ms
250ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7134276477144658872/5G.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7134276477144658872/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:03:34 GMT
x-content-type-options: nosniff
age: 479008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35856
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 08:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Sep 2024 09:03:34 GMT

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 231E 0
150 B 519ms
326ms Script
text/html 138.201.63.149

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=96537100001314904444552012466009&a=70b565e9&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=96537100001314904444552012466009&a=ebf5af1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:07:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 231E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 569E 0
150 B 251ms
58ms Script
text/html 138.201.84.252

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=31322700001547304444552012466024&a=32e02b0c&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=31322700001547304444552012466024&a=72e44cab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 22:07:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 569E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 btn_cta.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 761 B
788 B 128ms
79ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/btn_cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

68552cca682bb0b73fe0c5bccadba8c66051f3bb0f87e49aafabd3915249eee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:10:29 GMT
x-content-type-options: nosniff
age: 237393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Sep 2024 04:10:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 380D 13 KB
5 KB 381ms
33ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45D2 829 B
1 KB 462ms
94ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53f64feb425fe3a3ec0aa0b0a028753b4b05ba41429240b3d74d8e13278b3bf6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OrzT2DA7QdHVhh8m38-afw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OrzT2DA7QdHVhh8m38-afw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:07:03 GMT
expires: Mon, 02 Oct 2023 22:07:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CB4 0
20 B 135ms
107ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1998739366569&version=m202309260101&ct=119&x=1&cor=16457825925526997000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 942D 13 KB
5 KB 377ms
44ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 55DE 829 B
767 B 449ms
94ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

965f871ab46ff5e01dc90daa892e3ae2d1992a7006f82fef7027c2e690f8bc4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mo-Abglnf5herWKtgPTzAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mo-Abglnf5herWKtgPTzAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:07:03 GMT
expires: Mon, 02 Oct 2023 22:07:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9571 42 B
64 B 125ms
110ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6mMmaS5TBcIRJnmXs_jedDXgWIdauazTT8smwmwlVbwPzz2ZDjUyfG7sOhqdlaps0gn4cJyCEX79mgTw2UDUiBxFmTIvepVHVoHHOIyOMWYUsW4uwnTVyoATFgivs&sig=Cg0ArKJSzHVnGegn-XJ2EAE&id=lidar2&mcvt=1101&p=0,0,90,728&mtos=1101,1101,1101,1101,1101&tos=1101,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696284415866&rpt=5406&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 headline_01.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 3 KB
3 KB 66ms
51ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/headline_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b5c65add0a4bea9851dc68fb6c41b9f17fb77e0f0c28e4de680e4813f0b6ea5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 23:39:31 GMT
x-content-type-options: nosniff
age: 253651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2560
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 23:39:31 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1BF 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5168335600233&version=m202309260101&ct=76&x=1&cor=7616871572526923000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 headline_02.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 2 KB
2 KB 64ms
31ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/headline_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2562707fbb527236c793e1bb96b0a09b2251184a45b12b905c53c5aa0160bb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 11:30:32 GMT
x-content-type-options: nosniff
age: 297391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1748
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 11:30:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC1E 0
0 88ms
87ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskCb1T74bsg5oOVEHzT93LEOBYZM2OKIFl9-VK0lvyfkTMa-QtRpv13TrbE64fh7FqAQBJKxl2lb2eNpejlLh1bD4f9GtZ3gdhCkw4xaWVuxk0yA7jPBgeGasXmg33B-w71Nf9VnGukBOtodmb6nySVYXx95ElWfyxBFTnTK2y2srHIdwOyhiAhozUoH269T3b7xN842_SUzHvoHRsfan1moB4mZl8pOcvneK5ynPoehdC0ThioO9AwEl193YRSHhQY_79m8s5yq3N1SIbOSPRcwohaXeqdwc-0wLjUG4l48VYlXMJZ3Q-WzYWS3aM7Rp4BPpqA3HOY7N13Sr0MxanoeHpC87DXTcvU555PrPzgg&sai=AMfl-YTRlLBM9BRzpzjwhP8LpEwEEKTIMZ-T3l9PpR6iktdhU4auYG5-L85KN39Zjq30Ree2DcHCPTur7EwMjlU&sig=Cg0ArKJSzNsfpPB5SG3EEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:07:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BC1E 16 KB
12 KB 82ms
82ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5d85e209f317af11106b6110ee078d2d041638b47d15842928a1ca623144eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12164
x-xss-protection: 0

GET
H3 200 icon_check.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 656 B
683 B 32ms
32ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/icon_check.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ce0334984e5f44af91c12d8ed33b76b040558ef5100a1985cb5bc0354ebcab64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:02:26 GMT
x-content-type-options: nosniff
age: 324277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 04:02:26 GMT

GET
H3 200 kia_flex_white.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 1 KB
2 KB 295ms
100ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/kia_flex_white.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fb158ee3a60ca46559d0535a2101a6569c76957c58c4da910744adc525d77949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:07:34 GMT
x-content-type-options: nosniff
age: 35969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1515
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 12:07:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BC1E 17 KB
6 KB 126ms
98ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:07:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B8E 0
0 148ms
139ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuknvlDm5l2L6WscO6hpJnq3yoQ4mag7gymVWWD65_kerFVNZua0hzkANYt_4Nlb0CG1E1iGh9dXJQop2-qYSbi-IRZJcFEKUJluTI6Ivu1LyB_K1o1mPvH9eGRrOPmlXad8zC3pnnIMKOyW0_9YjfRjflcEi6S7iSL-T_7HfDBHnQmdk0IphvoUkucpQQGFkvwnC0m3rl5M4iWdoXs8KXqcoHxMfBTo3TnUqJTKB3PpayfH8crAY0ymZkHiT4ZC_fZF1Xx-1TYhcJX1Y69QigizLaSk0jDXH5qJgiWYZk_VwN0WRIguqd_8-5g33tmffR9hXnQ55qEyArucsEk96MKOdcvQ93suAvOvYlIN1XMrxk&sai=AMfl-YRSqTkFjIKSnrTRhCOCJkBb734Po9AmFg9rQwsyGuiED40VB94KvIFQQmdChlIFtQbQseKaRhZMNmzt-6s&sig=Cg0ArKJSzFlntMt-a8MgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Oct 2023 22:07:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6B8E 16 KB
12 KB 147ms
137ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

888643c844ea79d4c7f9e26d56ef6ae4b9d6a248745028f4e80f637e21446c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12128
x-xss-protection: 0

GET
H3 200 liste_01.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 1 KB
1 KB 32ms
31ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/liste_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1bb6bb2316416b6f3440548ea3ee0ff5472d742c8477b7a3b12234e8703256c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 05:12:42 GMT
x-content-type-options: nosniff
age: 320061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1085
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 05:12:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B8E 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 22:07:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0CFE 13 KB
5 KB 32ms
31ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A867 829 B
559 B 40ms
39ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

773c2f99ea3cd71dbe0f73380c5101d6f9f69b95663df12278510e738304ab37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jO3rg2uPo2v9FNpow-NsHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jO3rg2uPo2v9FNpow-NsHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:07:03 GMT
expires: Mon, 02 Oct 2023 22:07:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 liste_02.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 1 KB
1 KB 31ms
30ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/liste_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

85764e3d281c3748129051ff30544d7705cd95ac363e17d599cf0358ed7c0584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 16:37:48 GMT
x-content-type-options: nosniff
age: 192556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Sep 2024 16:37:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E78 0
21 B 64ms
63ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3320803872447&version=m202309260101&ct=77&x=1&cor=8495324371951075000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4FE 0
21 B 66ms
66ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmTvRAj8bZdqGLPGJ9u8Py7KkiAkAAAAAOAHgBAI&bg=!VFelVxjNAAZN1Q_XbdU7ADQBe5WfOMaSj3LMRbSwL13O3-Fsvr8X1JgBZ9Xz6tK2H0cwV2uMkt3rGNnT3e919fvgiOgbAgAACfxSAAAA-2gBB5kDONCniP5IaMsnlrJbKudSDi0rzvVI6EBn4LkXzG26_Z56fA8ZdgDKmwVdTcFrFHwWaDbfTAYaU7COq0Ah_4k6fg13FD-XRkD3diEhDiARmqnR6ZQOc9FWfxbXiMvTMw6sRorfjyKHsr3uJ8wuTViu1eTu85tTVGFlnazzhuUTpvnshv_K1yBy44hCYfOtCQg85P5xCS89MODsqf9zY5kL9DFe2NK1N5aAgKt2y8KS_u5ZuvG5tWQkBuNsLDzp1T0Vt1REHuyiyO0L-TS5RMsEPm-cVyDK14ciVJRrIDJRCFrMMhLils8LPz51nkpXOmkvqVtg68Qbbn_FM6Im6a3xzrlA3GjV4JPoOnBCs2sUgsKmcKA9JWHz2e4NIIURctlmz7pxRikcO-qpSXPvbLuToHpDC6AxxT7d8Rkmmj2LhXUnUs1aXKnSvEOZsWL1GGYRedfFWAwd0eCGIsGzr9ol2xBjpfwu6y8oo6XAuZzoS1tOJQYpk_UqW_uoQWlK6xCwPErkGMu7uXCWS2PLe87hZ-RDO4uxRpeJvNp1LHe06BOPEM6d77QLeHFfXlHzhiMfRzyUhUHggKxv-sWJzLVYM0-Juf1DKyHLsEOC3kOkZiQiuoFY9t-qK5x_BTq-nTMxO9TVwiS6dIu1syKVadZCsBqKVVYDjL-Na54z7k9TDnbR67nUGuzGNt8n0wclyMLFaXJlBwFELk7X0PAI57KHRGO4qTFJWcoaXovS9roDv7sbjA9Gv4l3apPirozA274tbe_8HIkZHob8-9N5G5PctHTB2a2KSjhVkCV_hdFSuswXtL75Kf5YiUPG5I10mcWsmH-TiRu0j9f7WLm_beu_zMT6qlbA03lZiiV-o_Is5zvdRDgQS949B2EkUwkXmfyx1-JSb2dQ5eNkpKLop0eq5pblhT_b-HRfEMBuqX7Fn0NeDAI3XTjxjDWrt4WVXB_dYWD7ADyLUYxc9YBEiZI2DY8_Qlk3T257NZn7fpTp-9MhbTWczt3uq__uAWH5YTA38ZveB_nSYnBqwvfyQaAnlEnmP0BSyjx7_l_ozptQ56jJ-SRp2ATX4i4w-tY3A0HBSZnywE7N0niC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45D2 0
0 71ms
71ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=1126824095258659&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 171B 0
21 B 71ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwPfnAj8bZYjkKvqnjuwPot2BwAEAAAAAOAHgBAI&bg=!0dKl0p3NAAZN1Q_XbdU7ADQBe5WfONaPrftAgmggBI-ZwXVGPWX-7l5b_Y-9LB4SxP5PuhfU8u4YVcBrd4E-lrp1DQkGAgAACidSAAABi2gBBwoAElWjdkCWOLt5TkBhjpfNVIwvFpkDK94gRySFa_gsyAQ-omLs1IS_p909ZKHBCu3v4N1mwSWQX_wYwroUeF_gKgfu7AGAqDjsvi_OHYXFHqMIFr5hm1CMMO7foVVt2DGLxZYFDfJ7wiP8lvlosoq2Sa9S2forB6hU8mN5kwcfrvckiJ-fmqGsPV-_CqVFJy6BMm6sM7jYADPhSZAzqcsnryztyCgzJMf1GaNwVmtSj1my0pebxevGUY3s1yWnAFm19AsCJhcB0jShXotBuIRLaLNJRgLYWfijpcIssvP_2EwyCQistYkonEtSA5dpsDIO8ufYqrdMlwrTuRhd2UesYOAgCVq2xCWW4bnkHb3PoruiCN2Q-snszvDyZ5RCiX7ITsXC52P7viSsnt2DuOUZx7NFgDIgPilFfN4-ogTfNhnElN98jjoWn8RXcoIHnWet0ZfV-kaUkKfvxKk7hkFy2NfCZKKCBGuKDjonfWdi1Eb1R439gKCSy-sqDVuPjbwnhox1OrYjNsM7BCKmehLBTqjwNdQm-bPRZ4IRDsXxrvw9O-0GSHDRAMYPKbk8w6wBrO47L4BvuOwtIGq8FZKaEm_dVXoESzCRglSMZa0yN72nl48bjvhfgRuipEHmi6EukQVd6d1Sudgusenrtct9ZFXJoSwddzyiFxj8UtIJ-IzooBaLUqH_dqyjkibAlN-hQ1s-cFD5fbgmCDh-LecYuAoAYWmi6E94wERD-NAGhVrSRAToZBAV0NRY1v6o_uxDzTiAK8Q7qRKad8tfUH-aHhYqp8LMcLQE2zbLsfc9xSiY-5MAbJLLfpJ4_dlbIkUQ7uCkOPUGyb_2txh4xGVRAqHjDLIZwQZ5MC2siJp-YapBNYB55zvKEmDGBMp2y-ruyQmstGyj7j5rll5lr8AJuENB5Icn8R_HbZyTnkFyPXXWhDedPv0jpNgkJrr-uzuydqBerHvZzdyA275nH6OkGQ-SvZaoNXGacNifHfxgTOAT9UARz5pe8u5xvmLgc6kCQ7SvK-xbsUyi2_C2JKQj5RJSgk4bJzxQ7Bt8T9A15g5JhZsactaWidciO0fwHqu93B3p1VlBzkPhP7Z6_54cc7w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55DE 0
0 64ms
64ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=550367111497294&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A9B 13 KB
5 KB 137ms
30ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 706A 829 B
559 B 101ms
48ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

04d092b6b1eb7ffbd37fd2913279bb93e75d8950812c27ed36e2696d4dc7afb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gatrz3OyuoCAvHQfxGBCeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gatrz3OyuoCAvHQfxGBCeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:07:05 GMT
expires: Mon, 02 Oct 2023 22:07:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 380D 37 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 942D 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H3 200 liste_03.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 1 KB
1 KB 31ms
31ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/liste_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fc4fec40905fbd51adf29ef0554369e7e7ead1adfbaa03adfe158faf2ddd5872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 11:44:14 GMT
x-content-type-options: nosniff
age: 555770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1227
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 11:44:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A867 0
0 106ms
106ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=674343852142438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CFE 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C80 0
21 B 83ms
81ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO9G4Aj8bZbH5K7ecjuwPkIm4oAMAAAAAOAHgBAI&bg=!6eql6qXNAAZN1Q_XbdU7ADQBe5WfOG0CTuBG4YQrtdiYwtoH6WCkeYg0psM0Pg09LVNFMX6zs4JryEuC6yq-A-KGI59nAgAADDRSAAABQmgBBwoAEheJhCA8DqFdvT_2Vb7dXAFqr5kDVEEOLDyy42NDe5E2TtVgUL1dX2uA0XhxPd3DOC1vDXUqcbeVoNj3l_GNX0culgo0uTPP6LwjpX26rShrCBDBX7b2DWesPUBSvpFFy6Vdp7EduD3E874Mf0Ll-soipdX53ZvzxDyYd3s2662eOWdeFrG2-HzKUrJ7utv9lUpHom8r77STSZjsVr2lZO9nM-i_F9NmoEr-BNPQ5wnssgjZVVIzzxkphVgmRoAbmkaFmcVobxYtUWNmOU4vaGC88Y9vslnTAaNm_9iSuKNv2h8HrBGddA8h4e88Cf7xOZveDe8D_o_AH-0vIuWNHyC7PaDpz83D0iucwIzCVNiKacrgZ8mf4g3e5W1RhjKMr-EuzvJXLgjviVbVBZlWz6uArUYiY0GQxVqkZOoUrmJZZBhASLq2g73iUwU66bBDtUGNzr2JkweEwk8nFy7w22PvBLYR6dcY-m1IKNl00gJmmE-ciZjfiec4Iqv7K8c5Z3PXc523sDPcF3pHXdQHjJjvpaf3MYFsi4drWncxAyzB2ggaQ81Q6qA0tyH1NDGDe5_yy8ikv2jDzDVSXT4znQd0ragROJ18mDfshAh_1qgnaecaCqmr7bTQV4RuMA0cAbaCpgL29W2LYEw6_xDJgN-jKielJnteci3z6rly-xfjP8V6lQW0n-MxoYEv8DLbkKT45-jI4Y5mRIOs4wisx2RUvB1M4Fa_xOBrHl6UM2bmTzjv19JMJtjyto2fulAA0gsMkSUTo_54lCaMlecDBIaCuyf-24t5RCuxVri8opKPbcaNtxny10xH8Wf-lD8IyS7hbKUWl41_4k2P4iYGbh5t6eRLx2J--RdyNyIqhuyjui_mU0qsLvQrZYUDUUP2nX7PC_5cwQmiemctVp0o24GODMqw2tbUqjW6WKIJgfr9NQHwcL2WEjR2SP6CNFUEAlqa31QBEbgwdjdpfbJGrFWgxriwnts6d7KhjDI-5LJg1Mgc2UXqN5aesgl5Tm_sTyKjLNfj-7PFhicZ0yvxj0OyVkzkHD7hwI4ZQ2wemXgojWN4PH-TG_aNnC0Z7cTAfl3YZR8O6pol2IgEGfqcOkQHkob7NL75yDvo2dXIyq8Ybfah84-RAaEAHY7BmQkdmyfZHEujltshQw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 liste_04.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 1 KB
1 KB 31ms
31ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/liste_04.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bdaa45add05fb6a742549affbe0c6351520d4a2d7e2a8677ae431b88c7d8846d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:28:02 GMT
x-content-type-options: nosniff
age: 232742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1187
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Sep 2024 05:28:02 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/preis.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b70afa8f77292ed9a81ba7313e8e8128a8fdf390d82645d18ce022ba184d4997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:23:13 GMT
x-content-type-options: nosniff
age: 233031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1732
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Sep 2024 05:23:13 GMT

GET
H3 200 va.png
s0.2mdn.net/sadbundle/15684594703593914141/ Frame 1AF3 4 KB
4 KB 30ms
29ms Image
image/png 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15684594703593914141/va.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0ebb4ecafad7b8a2d4dae2fc1e8785b5c34c603990e975430bda8ccee1ecac01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15684594703593914141/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 07:25:46 GMT
x-content-type-options: nosniff
age: 225678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4106
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Sep 2024 07:25:46 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 0
21 B 80ms
79ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7843805389453&version=m202309260101&ct=77&x=1&cor=1955136241202316300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 706A 0
0 80ms
80ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=3424698992440312&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A9B 37 KB
14 KB 118ms
106ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 380D 0
10 B 60ms
32ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ceafcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 942D 0
10 B 60ms
33ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l5mWfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0CFE 0
10 B 66ms
38ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?phjRUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A9B 0
10 B 60ms
39ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OnfP8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:07:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC1E 0
0 72ms
66ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=674343852142438&bg=!dnWldTrNAAYEJRtnJCU7ADQBe5WfOLFc6JEk-19D-jjJJjlBRpMHSxkkta9qvFqXVwTMTM3zXm7A62-kqkfL91TS5lwGAgAAA_RSAAAABmgBBwoAjx2Z7VAHvOfmrL_8m_53ttYfa9AKTJuESs7BvtOIRUFBuqQLueu0bm9_57CBWdde6hUlKuSb2zVYe7rn8s3f1rDQRNlpZ_wETIYvyt2yCVqMA1eL063Cd-6l2ihhKMH8n0W4cpIeXT-yv8r0CSnzz0-snQuXhoPE_hMbuyEPp6F0nTpAM_cI6LhYuvjJU4iRmQL84WfFP7OL-sL59t9d9fhOcuv-UEyd3wXKtxjPIDFfxiILJt8ZdzSzoWLPmLBAGekYslnmrG-9HD2wqgj9u_PtyuxoJZN1EudjIkWGiQztPk7PY1U5NmoYohc4gA-v07DsukYr_wp2X9iF4gIWi9d69hWeJv1oNBqb3179qgiDxX4bHQD_BUJKFzzF16pTWBbfoVnJ7qraMXWBgyR936-ggxyy8BK7ef1irYkRKQRXJv9L4kKZrPRrQhLjoD9nnnYZ-ZqsMAA7d_1FIk2R2uaCAx9ChtoGSYwHx9dy4oK86yitW4BBos12uezlz7EQ93m8DeW7nfAhsr36gW2pl0qys1jzrT8mnu0WXY14ZDKuMAl80yb8wSgIG88S3f8-6aUiPTjgg_gPqLBQuRgOlh5Gzns6IDBEes_RIrBU-Aw-VHDQpNvR_SPosCgJBOElPTt6G95uP_pCifIkuuCAFYvo8owHdxwXBgsMLSeZInineKkDTvKMYk-058yxzVxWufbofBgiIpRjpfvZvk_cESBzlbv_WeWL-IMpNt7W2RrYd8dtjHxWd0S6Hr88swSU0HAVBDvOvxPDdf9pV2bjfAB8hzorsX9wwaQTFQjzdVtDEBKSve9LuzqofbQV2Oz4v8cVfE7l8RGZug6ZmGfEQsLuzHfOQWhTOLwssGXFgq8OJBfEYmv3BHe-4v34nSJkmuBvT8WOJw9bUAeAHHx4h-60ykHnMs67VnLKNc1oLES7xph4Gh7xhZhnByAausUHVATFfq7y5WUxMA2MIfLSKxCVKEIxjjdlcW79WCTbsa5unHrlxygeUhRJFw9Tz8mRSPcsc4IeWnZiTzO8OgJLg5RCPNB_M28cplMuAu2blLG2c47DRNdjtUq8dbbCk6WSZzT79qTJnms0Mz_8cb0VbxxnpbjO8__GmirUxfA1WX8jBClugiG_PrLEqQ4LDsmHl-T7IZqPzRzqS2VprAkmzelwmVhEANZevMNaaMO73KmLC5LnD2q9gn4o6wdW_80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1488 0
0 73ms
67ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=550367111497294&bg=!sLOls_zNAAYEJRtnJCU7ADQBe5WfOOOyv2vk9KV_0WaLqjNAkQJpDXhIxN6qyPwH97-JSZJTG88n5zmEJTJ6pCPLtPaAAgAAA7ZSAAAAOWgBBwoAU7Cdgl2Dc3AMYqVRS4cPDa1SFh0GwmpExaver_kTgcGdaZPULnJJv5GER3N5FoNndcAqi5w5fz9iAm4Z8x_jAzg2fXloUMy62PyhMbGIsIeJPCn4mQMRLIFlfWsFx_rR1Ja-1lzFFVsxk7-FJ2xYFhtrJ6RCb_XE0mf6use5uvtu4r-_j0xHiPZuoxLbKTtEUd3kYnZVEYYsZNsHYATDI6WdTuJZOD3ZcMj-jIHoMipwUgE_tdKLwtyP6cIOnNiuPlbtLFal1D8YDUwEQklZLNpJxNBGJV90MGhE0juZyz7zfr1Wf5PNeiHvjRmBS2y0VdhmOvv4xZEqNpa0icrU7uAVk9dZEsbqduZDjyd10-x6m4p9qW-8lcHITkPwzevxPT7y0jAe-cdxoGof2BXjqm_cpOhzKEaWI5_UYcYIyLRzpE81Fs_UmKGldr0CHt3VUTrFpnilGSViIBclvqigZ5KoHjUvc59FxoJUD-IxW1jkxKptW4btX-zhX2i9HZyei7NzzoECMuiH9rGqOMJ22Ed_RCz4q_4soct1qSUI_Y7MhogeC7mquDPOcSBRFvzysQn3vAfJTwfAAryIgoyXczdovR1bajn1yU3elD1DhoF60nNPn7qEVfl4NBMf4rAf1vGWTRhJMT2y45muBeHetG--pkzuamRSzMh4fDgIQbkX0boa2-_kdvePxymSZrhaaBNMAeoZfTbrbb214XE2S3RtEj7ZoRwRZ-cV01a7VHzh867bSvCOui6X4jl9Vp98d2STpSKiAfbeASMOBHys1IBGIg5c_VmQCJqmm6ysWcWeVVEPLle_XioUpz0LoNFhXn43PUBVSeW7fMXNZKp21J2e3lB0HCTReiBbPm28TVqTZLjmRUR5GQrergjgAbzHknQTIesvKAIcvCvQnJPxxl00a4-COqiqoRG11HpX1mVPY4zgSKR_v53RK7OschsNeQviTl-bVppL1dk8PH90FQR5jAPQj9HZM9usEdznrWIQEEUPXeH0ejJJG-WS1ItFwgwOK5HwXyzxVdNUaF_esjG299Bkm0RkFdlbh2vD0SiXISslkaG78CR6a2T02or0CaG08gVUBV0uBI9KVqo63tl4ZtUxM3PjU8gmZavVV0QDn92nLKOzL6TQksM46GVGGdcQMVov_yk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9571 0
0 73ms
67ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=1126824095258659&bg=!5eal5qnNAAYEJRtnJCU7ADQBe5WfOB1SXnK2nvrMlzBs4hMNOhecjf-F9DAcluO3_Nl5Yixs3r2R2xV6FKPPMucsV-kaAgAAA6tSAAAAGmgBB5kDDKitWz2GgrYSpZ8wXqtTtZqibQ-QRhMo9r9xR2kD6rJXZV66weXlxVtcgZuCQPcryLW4m1mE4PA2TV1v4dupABes5HdwQc3i_Ekn4uXEWUaQ_gGfau1AC1XTJbGKaMMlAOy65-2zaeFHnUAzECeFUmbv_H2czr8bgoF3TBWuZiOh2qbJDpsOmIcz7eL1hcSfCm0IF1LdU6zu53zsmtwa918Toh12OS0N3QxSl3tnmvWcjfZNGianJTXSOB43KJN5b5dA6HeDQMz5iv2VasKwIt8Mt3QzJ5_TF1LHbQp5mOILKs9tay9ZLGh9vMtGshGleWmwaLhT5QiUUJF-uncqwzk3wrQ62_c60hoGy5grG6cn8qyL4zB3yQR_qzHbKK8sj627dWTm_aShlx3cAU9voKK46VANAfOTBZ2_pl-tiQKbQaA0jEsTu451-wCNg72vZUgSnCTHQqWHnYLYIXDBw4XCxQxGAuMKVT32HodMovBKZb7TT7ECZpkzD5LdyDxbyRvAHwbQWNnn4pG0ueom1joRh6KVQXMxvekbZAOzaUAW5Mjfh0QNcTaehbp_iyk-Fr2yLYoZTeiPdGatcvXVd3GmwdPLYJ6P9HN--ChMyWRv-_HhucIrybzTC9n1GXWA4vOcJgE4sScWTdDiKpXV2qxEav9aSTbt4We5aSCFJ4DE7wj0EBLiN6WIyb_X1hO9KWlROFc_Qu4WApzpvW8zxMYd_SWLfRPjGFLrEqknXSBdH86tDfqjYBMd7vXbSQ8S-qumKx9um2pobgIxmpeGF4c9pLz7b7qYXE-qyPFeLcAgGrGv-usXrjvIkTkdbxF5tn0iKcXRtjYJ7S2edAr88bDReV5eUrARkBaDAf9ZvXH2UXIR844cuWFyOV480r1Oa-GJO3YZTzB6ae7MaB1KiWExusFysGpeuQJa4NlTKBjlziG0O_pOmELlnpvNXiJxAzj4vfW868lwEmtBRfzp-ODcpbbpF4YkPeIbgn4rIHrUyqlTu2kdhk1c-Mqb_9APFZ_4dEzSxm1k67TfiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6B8E 0
0 94ms
94ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=3424698992440312&bg=!zM-lz4DNAAYEJRtnJCU7ADQBe5WfOEbjyiI6mym_6Q8gv6-7ZNMcRQGR2p-BP_nyTtdc9evkcrm8fkWWUWGBqw65ZQlOAgAAApRSAAAAGWgBB5kDAGAteJofehcSHy4UNd7jaoNUqM_HN8aLB21924JHFh2CP-lVKEJHaSCjlMamsGPuKIWlMkeJSDkVyzhn8gUapZ4_Wkw2TvjFxSSXQcNYg1O-J8ZYF0VwqgcNnDfPHaVk5EvH2uXglEeiWqyoPaDV4p50hchu80u3XmACbnnaT8zkZ55sRTd2nhbFZnfoCQ9Z0TZuqvLHpioU2lUmeRIOreBaz8IvYFI68yfWTaXRt1VAry4aSC9YIxQuv60uBteLJEBFf8CkTzZdZq6tuYn9uIWlDrDo8FehfJNLKRoXFignwIWzDS8nZHHB6kxW_mMvBe176U5lbZ6U9ACUGeSYq40PsR0OQEoV9O8jQ0wCdtFb5qbNdsUVnxse2AC4e74M1gpqJjIcOPLSn4i4BcBTsqtNPaZusCNzo5_HwSXINMz-L1aTHJz5wE7jcGMsNSt-kHhBO5OQSZTjckvCq6Mdnbqm4YTMbHngv4EUwI2P008JAKbOBZ0uPvPN7KdEo1p2dfs9DFavvyLZ0IiyDjFHUnEcUX9maRV48-AVEqKkikxpkcsWfMUKfnI7iGtGt1NwRjAqhaH6z0LjdfZF5UV5jGMrnZTK6UR-atvFJviy1FFi47m661jVICbDqU1hErFroEoF_1jclMsdzDDR_M7d9XHm7evqRQEEsmPFV5Sy7OYDtHJL1eAKJXsr1-QXzISF4uDhbmQhM1GVYLgCzQ--9aMyOARQWVWe7ta-ZdIFnBpUbnCyV6Q2U8lBMm2qFFal0Ik85y3calzipopBiS1AgsRk_zfYvczoiG3lijhLlftHjFlDq7NfUNLkFUnDqtCT62mTynxktqL5TPhBIr3nLQwePMLBubMgmzCVd_hCn5aOrw_7mxupvxKZCvx0N4BIhC0QA-1TEta9Lxaa7RkqtxFrRBvucaEHa7qAq_yQrQ22HU4q5qP-KKGYXGcgl70PKRk2XmYN9d5lT8sxIW1pv2PvB-3Gjy5LSC5CACasQryyEw_vUXkXd_q6ZRmgnNhXtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMI2o_d8a_YgQMV8YT9Bx1LGQmREAAYACDN3b5eQhMI57Sn8a_YgQMVHBCiAx26VQ5N;met=1;&timestamp=1696284431271;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0CB4 42 B
401 B 159ms
67ms Image
image/gif 216.58.206.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2o_d8a_YgQMV8YT9Bx1LGQmREAAYACDN3b5eQhMI57Sn8a_YgQMVHBCiAx26VQ5N;met=1;&timestamp=1696284431271;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIsYLd8a_YgQMVN46DBx2QBA40EAAYACDw9OlaQhMInbGj8a_YgQMVbA-iAx13Ng8z;met=1;&timestamp=1696284431478;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C1BF 42 B
107 B 66ms
65ms Image
image/gif 216.58.206.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsYLd8a_YgQMVN46DBx2QBA40EAAYACDw9OlaQhMInbGj8a_YgQMVbA-iAx13Ng8z;met=1;&timestamp=1696284431478;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 22:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEJHPwXYP0a-w9peBKYlV7Hc&google_cver=1&google_push=AXcoOmS7s4skIv7S7ZtwEaNya4ZrqqLt3PDFxVatIk8ReCEoQa7jlaGC4_8_xXYbDi83k5woBxZNtSBI03hO-NoRosml2e7UoyN0PQ

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:47:24	Name: is_unique Value: sc12916097.1696284413.0
.statcounter.com/	1970-01-21 00:47:24	Name: is_visitor_unique Value: 1696284413897177552
.xgcartoon.com/	1970-01-20 23:57:00	Name: _ga Value: amp-e-llb_SCir9oc-IPHYzAfQ
.doubleclick.net/	1970-01-21 00:33:00	Name: IDE Value: AHWqTUliFMD1zxDoRMHRDWhbsHA4YXyf3y1sFiQahGfMcgU-XYBGQGl31mmM1PEZf6s
.openx.net/	1970-01-20 23:57:00	Name: i Value: 4f5c5c18-66ee-4626-b563-fe9257cae665\|1696284418
.adnxs.com/	1970-01-20 17:21:00	Name: uuid2 Value: 5796645050664064436
.casalemedia.com/	1970-01-20 23:57:00	Name: CMID Value: ZRs-AuVXtGgNPYPT1wiTNAAA
.casalemedia.com/	1970-01-20 17:21:00	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 17:21:00	Name: CMPRO Value: 1183
.adnxs.com/	1970-01-20 17:21:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbzpR85W!@wnfH8K6pQK`!5=E<L5?%Lx7@h<ce8lU.ieFo!^?6x_chFRW9H6X$VmbeT%nugO%v4VB%no-86OX[
.teads.tv/	1970-01-20 23:55:34	Name: tt_viewer Value: b4d803b7-f48b-479c-b3d0-ccf3ea13a674
.redintelligence.net/	1970-01-20 17:21:00	Name: 8lcfmzhxc8d6_uid Value: ecc6f13f8289eb20
.yahoo.com/	1970-01-20 23:57:22	Name: A3 Value: d=AQABBAM_G2UCED80ByK33gVN61aNPOpzdtUFEgEBAQGQHGUlZbti0CMA_eMAAA&S=AQAAAlNMjZG0UGSzZhlOzXU57rU
.analytics.yahoo.com/	1970-01-20 23:57:00	Name: IDSYNC Value: 18yl~2e9a
.ctnsnet.com/	1970-01-20 23:57:00	Name: cid_191482abfb634ebb91a7e2b3a613bbbe Value: 1
.ctnsnet.com/	1970-01-20 23:57:00	Name: gid_CAESELfyAGLxFrJ2_QhzAB4w_VY Value: 1
.ctnsnet.com/	1970-01-20 23:57:00	Name: cid_a7761ae74d024096af758ad891564dce Value: 1
.quantserve.com/	1970-01-20 17:21:00	Name: d Value: EDkBCQGLKoEA
.quantserve.com/	1970-01-21 00:41:38	Name: mc Value: 651b3f04-9cb40-e7736-1a471
.3lift.com/	1970-01-20 17:21:00	Name: tluid Value: 3475443298989870914108
.travelaudience.com/	1970-01-21 00:43:05	Name: _tracker Value: %7B%22UUID%22%3A%2236CE8A29-23A5-4695-3101-C022C496C4E9%22%7D
.smaato.net/	1970-01-20 15:41:38	Name: SCM Value: 0810b101f0
.smaato.net/	1970-01-20 15:41:38	Name: SCMo Value: 0810b101f0
.turn.com/	1970-01-20 19:30:36	Name: uid Value: 8575669978488132921
.adform.net/	1970-01-20 15:56:02	Name: C Value: 1
ads.travelaudience.com/	1970-01-21 00:43:05	Name: _tracker Value: %7B%22UUID%22%3A%2236CE8A29-23A5-4695-3101-C022C496C4E9%22%7D
.adform.net/	1970-01-20 16:37:48	Name: uid Value: 3382968887906336283
.w55c.net/	1970-01-21 00:43:05	Name: wfivefivec Value: aeH7hjH81QNr495
.adfarm1.adition.com/	1970-01-20 17:21:00	Name: UserID1 Value: 7285486112924432535
.simpli.fi/	1970-01-20 23:58:26	Name: suid Value: 7C893F04B3F44E2EB53E55DD4AC4CF3A
.dotomi.com/	1970-01-20 15:11:24	Name: DotomiTest Value: 15acd3e2a9811734
.w55c.net/	1970-01-20 15:54:36	Name: matchgoogle Value: 5
.lijit.com/	1970-01-20 23:57:00	Name: ljt_reader Value: Ha7vsGZHZMxLK6-HQcOJhSem
.everesttech.net/	1970-01-20 23:57:00	Name: everest_g_v2 Value: g_surferid~ZRs-BQAU63DyxAAb
.360yield.com/	1970-01-20 17:21:00	Name: tuuid Value: 01d0772e-0d7c-40e9-92ed-45c2fa575392
.360yield.com/	1970-01-20 17:21:00	Name: tuuid_lu Value: 1696284423

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKD9iCz-zHXGDEvYOqSbwc&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/detail/dubuxiaoyaoguoyu-shizherufeng Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bf8e48b511b6ab1dea2dceb7af66e58.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
ajax.googleapis.com
ap.lijit.com
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-a.xgcartoon.com
sync-tm.everesttech.net
sync.outbrain.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.xgcartoon.com
csync.loopme.me
sync.search.spotxchange.com
104.18.26.193
104.20.219.77
13.248.245.213
138.201.63.149
138.201.84.244
138.201.84.252
142.250.185.226
142.250.186.166
142.250.186.98
151.101.66.49
169.150.222.217
178.250.7.11
185.89.210.20
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.86
216.58.206.34
23.35.237.56
2600:9000:25e8:6800:1b:5138:8a40:93a1
2606:4700:10::6816:2e93
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2006
2a02:26f0:480:f::213:7edc
2a02:fa8:8806:12::1370
3.71.149.231
34.98.64.218
35.186.193.173
35.190.0.66
35.204.74.118
35.227.252.103
37.157.4.28
51.38.120.206
52.17.192.80
52.223.40.198
52.29.154.74
70.42.32.255
85.114.159.93
88.99.69.161
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04d092b6b1eb7ffbd37fd2913279bb93e75d8950812c27ed36e2696d4dc7afb7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09a35f35f62d3080dd2652b476e351f84b1324719eacacd9c3b6594f9063ed0a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e98ac4432231d8d523710acdf4d1df4858250abd499353515d70990172d13ea
0ebb4ecafad7b8a2d4dae2fc1e8785b5c34c603990e975430bda8ccee1ecac01
0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942
10889d1e4c5578622d667f3919410c8ad3d79e5da111b6a1ed08e5dcff3c9469
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17655e095c2160dcddf6707d15d40631d2ba07c00984090d7b5c21d6fff4d5d9
1aa4a7bb3250246172fb936a76cad3eda063687abf10aeef1780a2fb659a9abc
1bb6bb2316416b6f3440548ea3ee0ff5472d742c8477b7a3b12234e8703256c4
1d09addb98086247a9943cb311409a3cd0488a245b49bd36a446f5c6fc1d78c7
1daef2b0485fc115b6360d9689082ade5364e9eeb42268f6817e19e961800264
2562707fbb527236c793e1bb96b0a09b2251184a45b12b905c53c5aa0160bb4b
26cb939844035ca21eba41bb24c2507dd876370d1c500e5c7c878f842e1cb1f0
27bd8369720d58daf2feeb897a838db3ee06d64205a4a2b91d4f4b2a7e61ef85
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31501eb658d9ad7b1f7ab3beb76ac12347a7e754a054369de1ce77240b1c2b39
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3bc6f8f78a99374ed4c08da7f96cafcc1ecb00c6db176bf9c121c2fe096d1553
3e13443dd371185d6e2a068eb3ab0af5558fbe5b90e475f9cf5a6d78ee55c956
403aef0f448998bd58e4e5d998c95ddde4187bf2083f736a942a8bb0c7a0ae9a
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
41e8d27de84af51f0b58945cd10da49281c4e99293aa0b41c32b9b72a6ca63cf
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
4571cef1c66f92770825229730d7177b785ccc7ecf91d6cbedbf8dc3d7e01356
45cf1c34f494e8163e82fa22773394d46331cbbd1f11ce6eaf9a72a12dcd9e5a
45e1ba1ff44ae99b197af9e8d8ca6316e9b37b8044426e054fc956d4bd0709b9
46361a17d3faff6c797c808a5dd959c1e6783afc193d59202adb15cb26d14121
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a68bb2259e2d754e0bc912953f8cd2b14e9f1b55a46811273f2c9ca00e24833
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c76d926a1f0c5ade31a0fd8581f5361be3332b0cc23cdaf50172fd2858994b2
4d0467eff4d66506a338a9dd34d16eca0ae3e57fb7a10710e1c0659558a5f3d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52488fafd33704070fdc449396ed61295f48c8bccd25ebe7db981143368c22b0
53c424641f7d862ab91dbcf5b3968530e44d96731b7405f96417a2c76b4d0ffa
53f64feb425fe3a3ec0aa0b0a028753b4b05ba41429240b3d74d8e13278b3bf6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60f5db5d6a45302fed2d4ef12f08c8e299b0ee5e2c488f0e9f9815e4ff4d16d2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655f1d0f44d2f39ac21247aeaca856fe79c31b9d95afaa2cbf1d6c50a0378309
675bf77951206e455265e9bbbe8c87281bd8c5080d29107bd65aad90e262eb26
68552cca682bb0b73fe0c5bccadba8c66051f3bb0f87e49aafabd3915249eee8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c19fffc1c9f12740a06cb09965119435abf0a2ac36e2b866cd80b40c4bfa50b
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
75681547b123727b32d0538f18376da53e07c9c1f952571fa71b7b9b750a1b94
7658953af1a4915cf3f00fc60222b31f77c1fcaaded47fe31af741d737be720d
773c2f99ea3cd71dbe0f73380c5101d6f9f69b95663df12278510e738304ab37
7cf26dc4bf4319b83ce5941c06ed83e8b6046bdb208eca56d3043b688cb6cbda
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8336e6c76dbff8a45c7b8e47b24a517c3caf3cff24b196b7d53568e52a5bc0fe
85764e3d281c3748129051ff30544d7705cd95ac363e17d599cf0358ed7c0584
875d82fa91d8d505f0013431f181d898b0e598e8fd86e034f75490981a2bd21a
888643c844ea79d4c7f9e26d56ef6ae4b9d6a248745028f4e80f637e21446c79
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
94c849575fe72d56d0355d4e41ce8eab134584f902f1e6e6e929c6b5c73e0f1b
965f871ab46ff5e01dc90daa892e3ae2d1992a7006f82fef7027c2e690f8bc4e
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
99db5858d2cda685ace6e29d6ba6fecc637373137069dc6d8f42bc431171cb49
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b22b527a652c53284f5339711a08c2ef2667565d35c09e38f835593e2fdea9c
9f4a0d2a8b1386a90ca2393a5741b99e0546c8990dce7f0c13b7e5d117710130
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0cababc6421d117ad4fd9a9403a20ba77296f2c5fb53284a3f2dc035495f021
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3fe2201aeda9050d5a049b03528e35c36bc20298f05b3e5e2a3574c385b683d
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a9fcb2d46652ad940d27a495ceeb22ce9a2e5567a69e75c281d3e83ffb12851a
aa1305d7baebcaaca830bdaa875d69c9ffaf511c107d90d6c94d505589d6dc67
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adb5b53c8eb41962e78c46dda123baebc09b0907f556c59bab11078d379ef908
ae37c3d9fee0f895d2b531803b679e5103f350019c2eec9a8443737d982216f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c2ef39100cf542c6cdc04ab2f6bb6a08e48b866f5e600ea4f7f10bce2e77ab
b2dd6a7af46c08c24d08e1f4d920af28714968e1ccc479c64f5acca7730b8c25
b5366e3de994ace22a53abf4f2ea87382e35ba636ff56d9e144ef65a4ade7c79
b5c65add0a4bea9851dc68fb6c41b9f17fb77e0f0c28e4de680e4813f0b6ea5d
b70afa8f77292ed9a81ba7313e8e8128a8fdf390d82645d18ce022ba184d4997
b99ee275208ffdee7bbd9fdaade2698a3709c3fd608d82d9670ecdc7e05d132d
bdaa45add05fb6a742549affbe0c6351520d4a2d7e2a8677ae431b88c7d8846d
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c00bcad20996af843ae8963a41360ec2487512a339359579538fba3fc5dc51c9
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c6cf7a78ca75e8731d5aa4d1ed8e5e9bad0c1ae435cedb1bed66d09bb5772734
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
ce0334984e5f44af91c12d8ed33b76b040558ef5100a1985cb5bc0354ebcab64
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
cefd5bd9a30367cb1a5e8dc7168f1515a31a53786b415865c867c221c74b5ace
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d56788546f8882cc295d17050b33127dc6d0b5372324675c5cc1f7b8e9023fc5
d6f226bf73d309afec0f8136aadcd4c31a5fb38158edc76f2be201529cea88e4
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
dee82a159a48478b1cadd64e7fc4b3a2d486a106679f745245aee813585c2bfc
e0a0ed927825c537dc888183260f38bedfa2e3fbd3db6f1cf61627c838a52aae
e2382a33354f35f71a87941e38f084952021fc840884afbd26150550d725f5fb
e37acf544fc6276626a2b2343d4e346a01c42930be09ce31a48e89c815e2fac5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678
e9b06e5d3c471e02ce6df6f6430ae55c3bada1dfbb2b328ae2ca2d13a4d5c9d2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
ed42f35661bd645e6e4ebe7de01c98cfea2b2a97db63d37d110c2d4ddf4954b3
ed6acf231335236de7b578282457cf6b1ddf399b4d4c384be949cb48dc64d243
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d85e209f317af11106b6110ee078d2d041638b47d15842928a1ca623144eb5
fb158ee3a60ca46559d0535a2101a6569c76957c58c4da910744adc525d77949
fc4fec40905fbd51adf29ef0554369e7e7ead1adfbaa03adfe158faf2ddd5872
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd2fd7506524748fcdd583f706e42285fffbc3aab13e9b92c45011338dcbdc80
fe019b846703531650f1e9548bd0b4c1f5df80cde3a80b3f1270582ed72ce704

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

260 Requests

85 %HTTPS

36 %IPv6

38 Domains

53 Subdomains

34 IPs

4 Countries

3143 kBTransfer

8243 kBSize

36 Cookies

1 Outgoing links

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

85 %
HTTPS

36 %
IPv6

38
Domains

53
Subdomains

34
IPs

4
Countries

3143 kB
Transfer

8243 kB
Size

36
Cookies

260 HTTP transactions
15 data transactions