www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Submission: On September 13 via api (September 13th 2023, 5:25:32 pm UTC) from US — Scanned from DE

Summary HTTP 199 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 10 countries across 25 domains to perform 199 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::ac43:2a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:6000:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	2600:9000:20c... 2600:9000:20c3:d200:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.158.137.139 18.158.137.139	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
4 12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 5	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25e... 2600:9000:25e8:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.79.55 52.29.79.55	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
45	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.182.92 35.214.182.92	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
199	31

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:2a0b (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:6000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Mumbai, India)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:d200:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.137.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-137-139.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.39.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.79.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-79-55.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.182.92 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 92.182.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	1 MB
45	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	197 KB
35	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396	244 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	251 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 918806	319 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	397 KB
6	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
5	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 500 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 268 secure.adnxs.com — Cisco Umbrella Rank: 519	3 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 980 s.tribalfusion.com — Cisco Umbrella Rank: 2310	2 KB
3	w55c.net ads.w55c.net — Cisco Umbrella Rank: 15828 cti.w55c.net — Cisco Umbrella Rank: 3977 i.w55c.net — Cisco Umbrella Rank: 2564	25 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1045 r.turn.com — Cisco Umbrella Rank: 4512	869 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 670	1 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1698	63 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1104	461 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 876	586 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3499	104 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 885	237 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 870	245 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 641	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 192505	922 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2288	247 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10650	469 B
199	25

	Domain	Requested by
45	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net googleads.g.doubleclick.net
35	tpc.googlesyndication.com	a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com www.xgcartoon.com tpc.googlesyndication.com
31	pagead2.googlesyndication.com	a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
9	securepubads.g.doubleclick.net	cdn.ampproject.org a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com www.googletagservices.com
7	www.googletagservices.com	a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.xgcartoon.com
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	csync.loopme.me	1 redirects
1	secure.adnxs.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	i.w55c.net	googleads.g.doubleclick.net
1	s.ad.smaato.net	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	cti.w55c.net	googleads.g.doubleclick.net
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
199	37

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G2	`2022-09-14` - `2023-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Frame ID: 1CF56B59CA2EC3E42B94F96D0BFFA933
Requests: 38 HTTP requests in this frame

Frame: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: B3B1EC63EB5081E0ECD210D9AE46D191
Requests: 10 HTTP requests in this frame

Frame: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: CB3E945988E32E5C53514FA7726C8243
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71E726555AE8C72BE801ED950C1D8005
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: 72E2F4DA1B16BB5CF4263C90604C55B4
Requests: 1 HTTP requests in this frame

Frame: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 880D00706C565900DE0189749EED842D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/zrt_lookup.html
Frame ID: A97A4B2E0386AEEA15358FA0A644CD30
Requests: 1 HTTP requests in this frame

Frame: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3D6450FE8DFA08919FB7F1F13B91D856
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Frame ID: 7AD54AECB7730776D1650E7A6BE0B6A3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEEDAE95C71C82A89C8F8928BB66688D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: 5C1F667365D10F4480FD63979B12D773
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Frame ID: DAC32211D7DD197A9DD6360F28AB0FC0
Requests: 20 HTTP requests in this frame

Frame: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: AA9F53E86C8DFD2C461AF8838E2B27D0
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0464835FAFF482795EC264EF137D66A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF94621FADBDD077D1F53CFBAAA8DECE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQqu6YAhjCh-_0ATAB&v=APEucNWTg3bmWIdP5Av7fuIqB4TIAWhIzK0KFSUISIrTEf-tREABlPOG1oBJy7J3a7RzKz10bEqlvkApBcnSHFn3aFmk-CZHdkAcHjHQJNaZ_G7MnyMIQKViGBWy-6I4TfZaM_cHU6FQ7CDxaYYyVLrEp3WjdplmOmmwMir-1XjF4LerMeeTRwo
Frame ID: CED05ADE7C7E38510BEE8D381AF1EF84
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: E192871221FCF06E0338AA3E889AB26B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B430F7174E9D65CB99EEC97EC88149C8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CCDD35D3C6E8D7AFE835C88F5483355
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D8AB1613115584BCB087B800B19297B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24B48E9E17BB5D3A8FDE21B41DF338B4
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
Frame ID: 8B288CDE77C4112948AA653B6B36E61D
Requests: 45 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 784BA8C5845A71CE9D602C884990DAF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CD3A2AF0DA582FD72DFD98EF86EEB34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍼哆啦A夢（機器貓、小叮噹）新番【國語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

199
Requests

94 %
HTTPS

55 %
IPv6

25
Domains

37
Subdomains

31
IPs

10
Countries

2565 kB
Transfer

6292 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 97

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECA-X4Ty33LVuFn79AW2diw&google_cver=1&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXdmSc0Hq6O1qUpZ7XRw_Lp HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECA-X4Ty33LVuFn79AW2diw&google_cver=1&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXdmSc0Hq6O1qUpZ7XRw_Lp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5Mzk1ODA2ODc3MTc5NTc1MQ&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXdmSc0Hq6O1qUpZ7XRw_Lp

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_cver=1&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1pKAKCXSQlgYOmg8C5gBSe6lTa9zTChcqh6wxXwIa7MifPBOZsD5-goI6K8xIVq8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1pKAKCXSQlgYOmg8C5gBSe6lTa9zTChcqh6wxXwIa7MifPBOZsD5-goI6K8xIVq8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_hm=ZQHwh69AeSCpwDk0aF_0KQAAFGcAAAAB&google_nid=index&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1pKAKCXSQlgYOmg8C5gBSe6lTa9zTChcqh6wxXwIa7MifPBOZsD5-goI6K8xIVq8

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQHwh69AeSCpwDk0aF-0KQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHLkYddq2BHmfgrt4HuHaoc&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D

Request Chain 135

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1&google_push=AXcoOmRmS8vT2JuwuYp-ISCYaLln4nRDlpWP8JHPLSdL7A1HnpZqxeTVvgfqV38sZWXMZcgHLgh55KV7tC87EU4Yu4NozIOQ291PLfw6Mt84wFFN3KpBulAfpiZc4cdtDb_QvJEVNr92lk6wfQ3MRBBMsxL4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE4NTU1ODU3NTUxMDkyNjEyMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1

Request Chain 138

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECDKwX5QkldwcEgecySeROE&google_cver=1&google_push=AXcoOmRDOLgVmbOFF8pOEn513934YGoCPcHu2ZAkpindomRO7N1fsaPCtcOed3ESZv-g5fKaMCHeqBf3Vb4KMUuHmwo6T8_Z4h8RUQsPfIkLcZSxmgkNDhLKRsAxrtTglgsrUdDwf1q2zWqVXXgPpBcKE_vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECDKwX5QkldwcEgecySeROE&google_push=AXcoOmRDOLgVmbOFF8pOEn513934YGoCPcHu2ZAkpindomRO7N1fsaPCtcOed3ESZv-g5fKaMCHeqBf3Vb4KMUuHmwo6T8_Z4h8RUQsPfIkLcZSxmgkNDhLKRsAxrtTglgsrUdDwf1q2zWqVXXgPpBcKE_vg

Request Chain 140

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQeaDMufGgWF3Ic3Ek3nrBJbR75UgdWhSVZUcp1bxit6A6FdOmvdP_0sSk3JgI4f0970iYN7iH2JRtGiYbJz5uYokxGZSZEtqLPaVlF6swzx3LgsEmOcM4U-VO1Wcn7ZUimUNBkXaJXU1xz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQeaDMufGgWF3Ic3Ek3nrBJbR75UgdWhSVZUcp1bxit6A6FdOmvdP_0sSk3JgI4f0970iYN7iH2JRtGiYbJz5uYokxGZSZEtqLPaVlF6swzx3LgsEmOcM4U-VO1Wcn7ZUimUNBkXaJXU1xz

Request Chain 141

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECTh1z0kBtFXD5OLmYwvHZ4&google_cver=1&google_push=AXcoOmSqzrhVsk5ArXVGW_pqKn3aRPxgZfmUlE_nBhVvFyttmeopbqr7DKcHYjkXNSSzo3zshxpxZktPs5SvZlN3cCsWSoB9X5mgw8tn1xhkU4EHal33DLBPO9cUzrrCUxIHlci__LG9AAz2-N2sJfx2vQLY6Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=a23f7a42-c1e9-4cc2-8399-cf49bb8207bf&google_cver=1&google_gid=CAESECTh1z0kBtFXD5OLmYwvHZ4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSqzrhVsk5ArXVGW_pqKn3aRPxgZfmUlE_nBhVvFyttmeopbqr7DKcHYjkXNSSzo3zshxpxZktPs5SvZlN3cCsWSoB9X5mgw8tn1xhkU4EHal33DLBPO9cUzrrCUxIHlci__LG9AAz2-N2sJfx2vQLY6Q&gdpr=${GDPR}

199 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request duolaameng_di3jiguoyu-tengzifbuerxiong Show response
www.xgcartoon.com/detail/ 171 KB
23 KB 1513ms
531ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: be8369cde59152040e83ce8fa0f805fe897d7aefcb55143aa80d1274eac23185

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 17:25:22 GMT
etag: "2ab14-A8N3Mx2FmlWRSi+CZu7XXkp/JuE"
expires: Wed, 13 Sep 2023 17:26:22 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 174ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72928
x-xss-protection: 0
server: sffe
etag: "f87f507b897b58e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:22 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 2027ms
1907ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b5bf86558934b68f6a6284900ba8f733bd7c22bb3c72bd26471843a44bb743b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23142
x-xss-protection: 0
server: sffe
etag: "6a968f96e45060d6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:24 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 223ms
108ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baeb44fbcc34426a9ecaa6da2af021848c04d86850235f2d53503f7e2abf6df0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9443
x-xss-protection: 0
server: sffe
etag: "fdbcbd0268737d7d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:22 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 182ms
68ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf56b2cabe2c48361ca22818fa72ed1f7fcc164dd5c57868f112ba49dd03f6b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14997
x-xss-protection: 0
server: sffe
etag: "7bc938fc29211ca7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:22 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 255ms
140ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d72a01e38febc03edb1ebbe3fb5b88e3976f7f5653af916be131ed3259bddd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15379
x-xss-protection: 0
server: sffe
etag: "ddf66755a41eeb70"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:23 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
6 KB 160ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de07c17694b3b586ecfea8692d819b3fa27a3ed4d895cbb25c48a1c52a8a9d26

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4736
x-xss-protection: 0
server: sffe
etag: "06f88ea3f9573f29"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:22 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 93ms
88ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98d272b4525bce1ab0accaba6ccae87c8b72e24ac77f7b76fa2ad10ed8a5fad5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10329
x-xss-protection: 0
server: sffe
etag: "6a2f7ae4dcae680f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 172ms
166ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 17:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "526f779e48dbd5da"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 17:25:23 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 186ms
145ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 806216d1ff22380d-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 279ms
278ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:22 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Wed, 13 Sep 2023 17:28:22 GMT

GET
H2 200 duolaameng_di3jiguoyu-tengzifbuerxiong.jpg
static-a.xgcartoon.com/cover/ 21 KB
21 KB 1021ms
811ms Image
image/jpeg 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/duolaameng_di3jiguoyu-tengzifbuerxiong.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d4dbba3c898b11aca6083d4aefd113f16b72cde7b7bba3c91bdf2bd7d785f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:24 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Nov 2022 01:28:33 GMT
server: cloudflare
etag: "4AEF13B965ECF7389730A516F995AB2D"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 806216d53bcdbb71-FRA
content-length: 21768
expires: Wed, 13 Sep 2023 08:51:27 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 279ms
277ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:23 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Wed, 13 Sep 2023 17:28:23 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 280ms
278ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:23 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Wed, 13 Sep 2023 17:28:23 GMT

GET
H2 200 wanyuzhiwangguoyu-nicangtian.jpg
static-a.xgcartoon.com/cover/ 80 KB
80 KB 633ms
424ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanyuzhiwangguoyu-nicangtian.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c51c1cf699d852f931e465d4fafd201c4b07ae408f25122226846264c843fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:23 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Jan 2023 06:57:41 GMT
server: cloudflare
etag: "0A627E2BC4B7D6BD3C83AC41A5A037BA"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 806216d53bd2bb71-FRA
content-length: 81575
expires: Sat, 16 Sep 2023 06:38:15 GMT

GET
H2 200 lingjianzunguoyu-yelaojiu.jpg
static-a.xgcartoon.com/cover/ 71 KB
71 KB 1224ms
1015ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/lingjianzunguoyu-yelaojiu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02811bce4185fdc056d078e6d40ab27446ed0e074a8a3ba7ee918ca7ba8263d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:24 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 00:14:47 GMT
server: cloudflare
etag: "64A595514503305B5456BF760CC57A58"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 806216d53bd8bb71-FRA
content-length: 72756
expires: Sat, 16 Sep 2023 07:57:59 GMT

GET
H2 200 jidongzhanshigaodaseed_destiny-futianjijinyang.jpg
static-a.xgcartoon.com/cover/ 94 KB
94 KB 1207ms
999ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jidongzhanshigaodaseed_destiny-futianjijinyang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3570d2de60c47940f8c80d5b642d2bcee72a9f8aa0b110c804f41e899d9156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:24 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 08:43:50 GMT
server: cloudflare
etag: "B07C7E8BDA338588285BB8BBD94F42E3"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 806216d53bddbb71-FRA
content-length: 96245
expires: Sat, 16 Sep 2023 05:58:17 GMT

GET
H2 200 youxiwang5dsyu-gi-oh_5dsriyu-zuotengyashi.jpg
static-a.xgcartoon.com/cover/ 12 KB
13 KB 1002ms
793ms Image
image/jpeg 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youxiwang5dsyu-gi-oh_5dsriyu-zuotengyashi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b3caa4d6e56ccbd206fb260d627d653af0caf2f2dd7c67b15dc6bf811252c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:24 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 10 Oct 2022 04:12:28 GMT
server: cloudflare
etag: "180B580DEE3706A16BD88536698CF032"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 806216d53bdbbb71-FRA
content-length: 12635
expires: Sat, 16 Sep 2023 07:55:41 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309011827000/v0/ 8 KB
3 KB 121ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:40 GMT
age: 73063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
server: sffe
etag: "1123f3a95b3d07e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:40 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309011827000/v0/ 12 KB
4 KB 75ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:40 GMT
age: 73063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
server: sffe
etag: "57ee2204276dd362"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:40 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012309011827000/v0/analytics-vendors/ 2 KB
886 B 40ms
39ms Fetch
application/json 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:39 GMT
age: 73065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "eefb6e15c88944d2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:39 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 280ms
279ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Wed, 13 Sep 2023 17:28:24 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3497&cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&dr=&dt=%F0%9F%8D%BC%E5%93%86%E5%95%A6A%E5%A4%A2%EF%BC%88%E6%A9%9F%E5%99%A8%E8%B2%93%E3%80%81%E5%B0%8F%E5%8F%AE%E5%99%B9%EF%BC%89%E6%96%B0%E7%95%AA%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1694625925&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012309011827000/v0/ 237 KB
63 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8d7b58a7d85453ef7267e187eddd9181d35c4c8d2393ed9563aa9a0089e2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:40 GMT
age: 73064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64147
x-xss-protection: 0
server: sffe
etag: "201830000134ceff"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:40 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1313ms
1226ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=947003497&ga_cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ga_hid=3497&dt=1694625924964&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&bdt=2141&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

640006c6533ac46b8d494a22517cbff2c990d5a427ce0c0cf1d531e344ff4077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13047
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJCmq8KNqIEDFaOV_Qcd8x8J1Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 139 KB
49 KB 2181ms
2095ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=947003497&ga_cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ga_hid=3497&dt=1694625924964&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&bdt=2141&dtd=17&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

905aa695b7f06692210a97e9d1e8c8c8c2c24d817129355884e1702bee6cdafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48773
x-ampimps: https://securepubads.g.doubleclick.net/pagead/adview?ai=CljaQhvABZZ3gG_6v9u8PipyLsAfCjPLacvKE-uuVEbCQHxABINPLzjBgleKQgqAHoAGItd7cKcgBBuACAKgDAcgD2wSqBLkCT9C65oq6sTVE9PhO6TsrJu4yXKOa0PKIjmwNmsVyPt46RJBjWXpsOac1VbJHHjQXQ73md20feJsmKOZ9MDjk7Ml0eQGypG7jmzOBkSYL61WB6BO0_cI9cVe0LpruBqlaV-C7c_FEVLPKrRLZHoJNmLYEm1UgWtduqwI6NJyjeSJzMiVRYS0BGbduzTwFiL-3S2FhVQ29GKKEcuPSDtGOeuF5l-x7-MUJQcbkEsAuESsb0I04RygxYVrEy4Z274-kNDWeTtsZm-JeorX8l5aEW7e1g_NsgxoIDu2BFTIxzJFJMDwh6ptMt75c8h_ND74L_f9PvHKB8vcadrE4MWM5VTg7R4rG7GBzZdXJC8Iv9CPUCHUTBSXvofrbw0QTf9JSKtPOJx9N9n6HCGn9rUY3NtNMfI9EoJ5peMAE-dX8wbAE4AQBiAWc56OhTJIFBAgEGAGSBQQIBRgEoAY3gAfSh4rCBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENJj0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJa2h0dHBzOi8vc3QtcGMua2luZ3Nncm91cGdhbWVzLmNvbS9sYW5kaW5nLTIuaHRtbD9tcz1nb29nbGUmdXRtX2NhbXBhaWduPTIwNDcwODg3MzI0JnV0bV9tZWRpdW09MTUwNDYyMjEyODU3gAoDyAsB2BMNiBQF0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=UzeRQ_1aD-w&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWH37qouW5Alt5G88at7vZ_gcMXvMjixgB&template_id=492
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJ27_sKNqIEDFf6X_QcdCs4Cdg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 945ms
860ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=947003497&ga_cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ga_hid=3497&dt=1694625924964&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&bdt=2141&dtd=18&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8466410b2657a6b236e5eafd586f4a9f640a8166c7d183464c4a7ae307f6d70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13024
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CPWpq8KNqIEDFYeP_QcdBw8H_g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260115
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 13 Sep 2023 17:25:25 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 138 KB
48 KB 1519ms
1435ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=947003497&ga_cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ga_hid=3497&dt=1694625924964&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&bdt=2141&dtd=19&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4960de78c2158cd63dbe33513fb815dbb001453489e3d5077aff2fa3bf582529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48171
x-ampimps: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuzfChvABZdjXD9LG7_UP0aSW-Ab1ttn4crKm-f7pEbHR_d8FEAEg08vOMGCV4pCCoAegAdeZ7MwpyAEGqQJpqB7bjAOyPuACAKgDAcgD2wSqBLgCT9DNsimW80F-Yl3ATyT31mer5aLjHulxBQYlxBX-J5mkCQMpOUXu1e82TG97fgcMX8jHOU9ndLkvzNKnAc6KZKVdzwAFwsYq40VzF2NIy7OXinVpoAykjI4dcEtrWNkgi51Ey0DvqSp76Rmfu4iFolXM7CcUllonE7gqrpLJpY-JHnDIWj1u5yLVEBp6jh--A6lsJPskEbzdmxv03eAd3jJn3W0pn4bwDAOXMWDTB_Pv8-UAaI7Nl45e104H45Z2wT9xSBCuGcKYoFR6iyvpXH2nKKV1iQ4ubCK3iKVpLoVsmGbkoslWAIEfED6L3zZFbRvlrQaq7k1N1O6hjRmuXqzRTIBcSJxkxxL9ZVlU7uxNZqlkV4uHiNhc5gNW-31xaErdNbR2zOZjpzLcq7RLij-KMQuCUP2EwATy_sD4ugTgBAGIBarrspFMkgUECAQYAZIFBAgFGASgBjeAB9fRvKwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ8C7SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkpaHR0cHM6Ly9xdWlja2NhbGNzLmluZm8vcHJvZHVjdC9nYWNoYS1ub3iACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iE&sigh=MSlBWgBTDMw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWk94Xlp7hI5K4eg7Cdq8ZUwX_e_XCTxgB&template_id=492
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNiy8sKNqIEDFVLjuwgdUZIFbw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 139 KB
49 KB 697ms
613ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=947003497&ga_cid=amp-b9BLOFmzR_Jqbw47lgLEsg&ga_hid=3497&dt=1694625924964&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fduolaameng_di3jiguoyu-tengzifbuerxiong&bdt=2141&dtd=20&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d129709e2ae7917ef81800739d3ff586aafac1e2feb8822b837dbf3a8a9a600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48272
x-ampimps: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwlA3hfABZbC2BrO99u8PmNS-2A3CjPLacvKE-uuVEbCQHxABINPLzjBgleKQgqAHoAGItd7cKcgBBuACAKgDAcgD2wSqBLgCT9AL4sxO5i9P1bKSKiKiZ2OINeewvEXfED4tkEGk7PYRCQWo8GGOW5XHOgoyxwU4wecMDb859kFj7B6xK9Ihu_Q4FfxszAQkp7xSfrhm1HTiAXBofsukgduFkCu5A6c1d6ODIsKgfI_6Ph_dcPJ6BKR0AQsj3zxDf-KB4h260Q9gM_luYugUknfBfflMCq4wTbDr-qIsWlKFNMfTIUlLM8Kip4KXUb7kncKxtfRM4-X3mU4r8JNyQ0-p7TOrWa8vvQst9XTf3BPNRU27tQ36ui2pNiCLjQtE0DeXUBMBSuXDzoNBAWnYSLtQ_0xqvHseyuyz5QcCjC7KztfOkLK1-Kn_U39PqGu2xkzjAPe7Qv4YstFWxQ-tfT6k6gWAI5sDpTUIvnCxSSxGDzP3grk78KJqaYvSeFmRwAT51fzBsATgBAGIBZzno6FMkgUECAQYAZIFBAgFGASgBjeAB9KHisIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ1aQB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJa2h0dHBzOi8vc3QtcGMua2luZ3Nncm91cGdhbWVzLmNvbS9sYW5kaW5nLTIuaHRtbD9tcz1nb29nbGUmdXRtX2NhbXBhaWduPTIwNDcwODg3MzI0JnV0bV9tZWRpdW09MTUwNDYyMjEyODU3gAoDyAsB2BMNiBQF0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=XhTVUBwQEvc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWqw7PLn9ZZEHvLkERqScKNLkg52nWKRgB&template_id=492
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CPCMrMKNqIEDFbOe_QcdGKoP2w
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 13 Sep 2023 17:25:25 GMT

GET
H2 200 container.html
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 164ms
45ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 container.html Show response
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3B1 6 KB
3 KB 102ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:25 GMT
expires: Thu, 12 Sep 2024 17:25:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B3B1 34 KB
13 KB 125ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 15:01:23 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B3B1 24 KB
7 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 21:19:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3B1 181 KB
57 KB 157ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame B3B1 23 KB
9 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:20:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B3B1 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:11:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B3B1 20 KB
8 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:19:17 GMT

GET
H2 200 container.html Show response
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB3E 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:25 GMT
expires: Thu, 12 Sep 2024 17:25:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB3E 24 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 21:19:17 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CB3E 18 KB
8 KB 185ms
98ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f5bca02afd4b92821ee9127e9be1f4a03901712c393d59176c4d1bba83a351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7897
x-xss-protection: 0
server: cafe
etag: 12324545467016664750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB3E 181 KB
57 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5516428773321196598/ Frame B3B1 118 KB
118 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5516428773321196598/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qk72fMyg2J2q9Z5LOxzaVr9yWlLHg

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccc05ff0673263cfbb1058cea37c5dbeeef1904a1b2917c6f4a2434b19c96857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 00:08:39 GMT
x-content-type-options: nosniff
age: 407807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120951
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 10:10:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 00:08:39 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame B3B1 1 KB
1 KB 37ms
37ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 12:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 12:07:58 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3E 0
462 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCFB_MMIF1etBvFNCylWUcAxUxYEtdQWBZZotsH8DnhDEDefzwykBpDg75GFqnJcijPm_FfjLQvmseOAJIQTZgUfey3KQf1wTICQo5DtssUQs-9nA07ddujV9ipr2OyjRH-N_x79zcGvewT-8sanEkU3xaJ7JT0RthT9jUuYh_c7GSZjlM27bsDB1PZXKSIjh3whzeRJXig31RQ1aVg2c41uUW4i0Ti6ds8wP3Xor38hPMNWDzJK-6FbNxas-vA9kZa3s3G2Un0X_YEcQenpsV_5z9MuOI9LsYuhY3QrTrrUrHiKXTImN3yjGlD8biAY2Dwp5Awd0YaqeHDX-479LGX4aSw0Kz2YQ06jZ-2XU&sai=AMfl-YSkiH1qxV9HN3UHWa3RZR3YV_LT--4JSBX6Wsoa9EfFQ6qKyEht3Ahmt2udeqdwJx-nKZKowzIdyL5BBfY&sig=Cg0ArKJSzIbC4QlB8CMsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71E7 143 B
382 B 124ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B3B1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff2239afa3d30c04b4232c294e502b6094529c93548dcc73fd379a7dedc1f97f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CB3E 144 KB
50 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e53221fe168ffc2af2288372a3443cf677dcbb87297b025f543ca4f256564e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50599
x-xss-protection: 0
server: cafe
etag: 13799098884660279372
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:26 GMT
expires: Wed, 13 Sep 2023 17:25:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 72E2 37 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 14:39:39 GMT

GET
H3 200 container.html Show response
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 880D 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:25 GMT
expires: Thu, 12 Sep 2024 17:25:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ Frame CB3E 380 KB
129 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com&bust=31077838

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8804467c9d8f6f91afcad25bad0600cf18ee4969c19953a2a3fd3128bc494149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131913
x-xss-protection: 0
server: cafe
etag: 7636418953616133118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/ Frame A97A 10 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 14:24:43 GMT
etag: 8554266389219770021
expires: Wed, 27 Sep 2023 14:24:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 880D 24 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 21:19:17 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 880D 18 KB
8 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926b25e086a993e0e8c3bc20400e43bdfed82b6def075791038aef2fe96f2aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7897
x-xss-protection: 0
server: cafe
etag: 9530502869522453915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 880D 181 KB
57 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 880D 0
26 B 78ms
77ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBMIaFGc6oe8ef0j9PG-qVTyfC40eOnbGph252MDq1HRFO6knFanO9RfZolOHOmCLx1U5FqmazNHCxTJYuVQBZO1LzUECxVxmS9vcXWplimJ-o5eyr8V16vq4NOC-Mhomhjwt_hxfSlaOGhgTOutsZrjcJ2dbCMbSTNeX142-t3zHHrYmvmGbfmH1CTdtxkBaeZnjYD83igi7XmrbUi-edIdrN4-oyQh3aaMMcfBS8bkvRC9Ul8ZZ0luQRx9kCOgpRf6o2bqVyJp9_rq12YhY8NrIyphvDAZM26yD0esiyvC5IjB9gu1PokzAKKx3cT1EFkpBLdCd8_lqejKYLVd7jbWsjYt9-T1NyMM5rGvWl&sai=AMfl-YR8yB7_qXZ3PPHS7beEr63qCuF7BvZNOms8xzt0k5kDeMncoyk_ns6ytGX6UD4u0tZ7RU2QxyZdnjOmyF0&sig=Cg0ArKJSzHbHQgb1kubzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 880D 144 KB
49 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c721670cec5238f96996b4e4f26b3de20d6a9172c6aa8ec9aae703756b7f2b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50453
x-xss-protection: 0
server: cafe
etag: 6343428646936043974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
DATA 200
OK truncated
/ Frame 880D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba6127fb0dda1723841b4cca8f8cb995d8f07045a2dc9c28d548b4c7e19efb43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D64 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:25 GMT
expires: Thu, 12 Sep 2024 17:25:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3D64 34 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 15:01:23 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3D64 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 21:19:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D64 181 KB
57 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame 3D64 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3D64 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:11:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 3D64 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:19:17 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AD5 39 KB
16 KB 468ms
467ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com&bust=31077838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e171a7fdffab35925046826f6f327386fed298bc4aa24357748a2d912d79a7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 3D64 1 KB
757 B 39ms
39ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 12:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 12:07:58 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15479200821793516080/ Frame 3D64 93 KB
94 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15479200821793516080/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qmMTPhTRsfkJ-oTLDdzsYadq0GMBw

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9e5e19ad973ee839b37434359c2a820468a5b651524b8ff88fbd10053112d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:49:01 GMT
x-content-type-options: nosniff
age: 70585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95719
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 10:46:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 21:49:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 880D 379 KB
129 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd8772a0b62ae391e00b508dd8859f4eab7ea6319916ee54fb644b0bb017194c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131798
x-xss-protection: 0
server: cafe
etag: 11630537781152734645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEED 143 B
166 B 35ms
35ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:26 GMT
expires: Wed, 13 Sep 2023 17:25:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C1F 37 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 14:39:39 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DAC3 25 KB
12 KB 493ms
493ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a577e88bf8abf36e0a6bbf16d0d7816062c4a63cde3be409caa0548f36a7ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12044
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Xasset8llj6XeU.png
ads.w55c.net/t/d/ Frame 7AD5 22 KB
22 KB 85ms
16ms Image
image/png 2600:9000:26da:6000:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/Xasset8llj6XeU.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=OEUyMzFBNUQ1QzkxN0IzQjhDNkE0ODU2NzFGOEI5Nzd8R0ZZcHNNYTZQOXwxNjk0NjI1OTI2ODcwfDF8WG1KVFAyNDVlMHxYUk5XZ1NTd0FTfC0xMTA4NzM5NzNfRVh8NTA4Mzh8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjM0Mjc0MTF8SUFCMTkjMC4xMzM5Mjg5NHxJQUIxOS0xNyMwLjEzMzkyODk0fElBQjktMjgjMC4xMzM5Mjg5NHxJQUIxLTUjMC4xMzM5Mjg5NHxJQUI5IzAuMTMzOTI4OTQ&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1694625926873&c=DE&r=G-HE&epid=R0wxMDA5Ng&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 355a21b458fbaddeb208a121991878e8c1863c7786838a67790975b68c039ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: 7JfvcQggET4tnVjPFl2AMQ340ghQ1pvw
date: Wed, 13 Sep 2023 11:10:30 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 23849
x-amz-server-side-encryption: AES256
x-amz-meta-width: 320
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 22064
x-amz-meta-height: 50
content-length: 22064
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "1bc0fac0c7e4ae47d83cf9b5ba96bfdb"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: oad4Hi2buy29dazVvNAvH07_Zht-i-7uvh9yrzfBqo0w7r8RQlA06Q==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 7AD5 95 B
922 B 180ms
35ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2784813298692397
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 Mumbai, India, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 17:25:27 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Sat, 10 Sep 2033 17:25:27 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 7AD5 5 KB
3 KB 98ms
20ms Script
application/javascript 2600:9000:20c3:d200:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=320&h=50&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fwww.xgcartoon.com&ciu=XRNWgSSwAS&btid=OEUyMzFBNUQ1QzkxN0IzQjhDNkE0ODU2NzFGOEI5Nzd8R0ZZcHNNYTZQOXwxNjk0NjI1OTI2ODcwfDF8WG1KVFAyNDVlMHxYUk5XZ1NTd0FTfC0xMTA4NzM5NzNfRVh8NTA4Mzh8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&hmt=1&uidu=CAESEJddectKMeMLw2xwlt9lwzw&spidu=GOOGLE&pidu=10096&hmpvu=b156f876-7acf-42f3-9d80-527deb35be0a&hmtsu=3&odtu=2&mtfu=1&crdmu=320x50&cridu=XRNWgSSwAS&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:d200:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: gzip
via: 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
date: Sun, 10 Sep 2023 23:44:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 236466
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: 4JMXHFSKfglMWBRJWJCXxF_5IcpB2nsWx6zs__kdmgmQOzXSVMFfog==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 7AD5 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:11:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 7AD5 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:19:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AD5 181 KB
57 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H3 200 container.html Show response
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA9F 6 KB
3 KB 37ms
35ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:25 GMT
expires: Thu, 12 Sep 2024 17:25:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A046 1 KB
643 B 36ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 09:36:10 GMT
etag: 48472445140208031
expires: Thu, 14 Sep 2023 09:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame AA9F 34 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 15:01:23 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AA9F 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Sep 2024 21:19:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA9F 181 KB
57 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame AA9F 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame AA9F 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:11:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame AA9F 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:19:17 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A046
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9...

43 B
417 B

174ms
173ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 806216eec91e9a2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 99
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS60nIKozQtnq--KiNSKf991lsoLScawKQQvRRVEkF-ES_zJCe9bMYYvMarEo-uw7sVNvR_rpGxnn2ufBgAkYYguReJpl9s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 806216edbfe89a2d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame A046 43 B
146 B 40ms
9ms Image
image/gif 18.158.137.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOPC-UZULd210aiU_tw5iFU&google_cver=1&google_push=AXcoOmTylnLS1IucPq54SnTnWuLEFd4sTFBtk6VV2zExNPV3bdCSclajt-wQH3enZ8kLOgO8dymcfXIFgafZrvkCBJIDDzUycXSf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.137.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A046 43 B
363 B 58ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTG0-Ci30VGvKqt3GRPVO1QvWtshfGrbwZjKyM4b_CV3roYvJoQZ1a43ijsQdlxnMwrAfypnhwQ3evd9xIzKX1XfMulaJAE&google_gid=CAESEDlJxZK2_TNXDqJsoYVb1k4&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 192351
expires: Wed, 13 Sep 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A046
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECA-X4Ty33LVuFn79AW2diw&google_cver=1&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECA-X4Ty33LVuFn79AW2diw&google_cver=1&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5Mzk1ODA2ODc3MTc5NTc1MQ&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_Z...

170 B
232 B

49ms
48ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5Mzk1ODA2ODc3MTc5NTc1MQ&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXdmSc0Hq6O1qUpZ7XRw_Lp

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU5Mzk1ODA2ODc3MTc5NTc1MQ&google_push=AXcoOmRa7RXoq56K4FtFUBsrtAjvQ9I7SIDq_DW1y51Ba6i98Qm75JflLRLduBg_y3j-6gUhT97i_ZXdmSc0Hq6O1qUpZ7XRw_Lp
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame A046 43 B
245 B 60ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELwtl1LD_PLZkgKdn98zhn0&google_cver=1&google_push=AXcoOmTr4jxuqzZhBYzsDhPUKdbvSIAeOtM_rOBuLziRtZ7FIlWTCZ02kvSQlZKd6EkKusllji-HtElY2_TSPGRQt2BZNAg_1JvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A046
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_hm=ZQHwh69AeSCpwDk0aF_0KQAAFGcAAAAB&google_nid=index&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1p...

170 B
329 B

49ms
49ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_hm=ZQHwh69AeSCpwDk0aF_0KQAAFGcAAAAB&google_nid=index&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1pKAKCXSQlgYOmg8C5gBSe6lTa9zTChcqh6wxXwIa7MifPBOZsD5-goI6K8xIVq8

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvvMczj9uUyjR67XYo%2BBDu8ZtJrbPLz5D9ej2XMfJ9oy3x15DHmICSVbNsmvjDxf1jURUUESYpCybpUEuQS1HG%2BkM9MwOhzIyIAp8WS%2Fa5YsCcnEjNCUGInEd65n%2FTFDb67VeNGpMeUNyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLSnJXQD4gmEEVcKICAQSg&google_hm=ZQHwh69AeSCpwDk0aF_0KQAAFGcAAAAB&google_nid=index&google_push=AXcoOmQqasDxzPfaQJEdLsD3BGE5Y0b0b3l1pKAKCXSQlgYOmg8C5gBSe6lTa9zTChcqh6wxXwIa7MifPBOZsD5-goI6K8xIVq8
cache-control: no-cache
cf-ray: 806216edfa983a92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame A046 0
237 B 75ms
31ms Image
text/plain 2600:9000:25e8:7e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEModem9ylklK_IAwaM113yo&google_cver=1&google_push=AXcoOmSOwTA_8VUwm_QyRpC4kJTxKbDmORAFDxXbj4XL5snlRyy9y-rXfje6__-bXVDxuBdQdpF9aeLevLdKLBkJi5u1h6aOaWfb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:7e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: 5RujjVpHcSpno6LTMUvlFiwqxIxNl5XYok4kv4BXqUF1Tm3TGCgPgg==
x-cache: Miss from cloudfront

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A046 0
130 B 148ms
48ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiswicUQIE-JCnlD6eDLEv4ybb2MrUvw188PO5QoMPoFRRsItJf5BQzyWCSGEqpE3qPuO9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5516428773321196598/ Frame AA9F 118 KB
118 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccc05ff0673263cfbb1058cea37c5dbeeef1904a1b2917c6f4a2434b19c96857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 00:08:39 GMT
x-content-type-options: nosniff
age: 407808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120951
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 10:10:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 00:08:39 GMT

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame AA9F 1 KB
757 B 44ms
43ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 12:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 12:07:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AD5 0
19 B 84ms
83ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-jtahvABZb25LNiYngWnsbGIA7qItI9cnNfu7qkIwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBMkBT9CM4pw01PETtutT3ndKCQzmUdhHlVYULUhSQqwl5qLHCV6Q4viB9YDJZ-PO6YE88ekl5zlSkSw9_WHG5Ggu-upwDT0nSVT831Jz3SLQYs2aeGmKWxu2dx9tj1zNih1LJ3lSUpIBkb_gaCLYwMy9dFWh2Wm592WA_lvmgyUBb9HfNXFy2tAGRu4gJvL-1bDK9EMZYTuWxjYRh39L9o9ozT2AxmHcsIFr8CYmHYpac7TcVlq78v9M0RfX1W1W4BHI6lmIqugMmcYPgAa-loWL8NKyq2igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=EZNmFuCmDfI&uach_m=[UACH]&cid=CAQSKQBpAlJWUT_dBhhh7KNdi7nHSIcDC5PHy9qowpLAFSy9H77fYLg6t_HVGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926181&bpp=173&bdt=202&idt=432&shv=r20230911&mjsv=m202309120101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3793223493&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077838%2C44796700%2C31077838&oid=2&pvsid=1028994788146602&tmod=815414458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.f4i64mmocyuk&fsb=1&dtd=447
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 7AD5 42 B
611 B 54ms
8ms Image
image/gif 52.29.79.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=OEUyMzFBNUQ1QzkxN0IzQjhDNkE0ODU2NzFGOEI5Nzd8R0ZZcHNNYTZQOXwxNjk0NjI1OTI2ODcwfDF8WG1KVFAyNDVlMHxYUk5XZ1NTd0FTfC0xMTA4NzM5NzNfRVh8NTA4Mzh8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZQHwhgALHL0Kp4xYAAxYp8ZdUYwELKkTX7Rybg&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjM0Mjc0MTF8SUFCMTkjMC4xMzM5Mjg5NHxJQUIxOS0xNyMwLjEzMzkyODk0fElBQjktMjgjMC4xMzM5Mjg5NHxJQUIxLTUjMC4xMzM5Mjg5NHxJQUI5IzAuMTMzOTI4OTQ&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=xgcartoon.com&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1694625926873&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=2784813298692397&epid=R0wxMDA5Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU13R2ZKcjZ5OQ&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VKZGRlY3RLTWVNTHcyeHdsdDlsd3p3&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=X1FtevLfxz2Dizvz7GzYxg&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEJddectKMeMLw2xwlt9lwzw&spidu=GOOGLE&pidu=10096&hmpvu=b156f876-7acf-42f3-9d80-527deb35be0a&hmtsu=3&odtu=2&mtfu=1&crdmu=320x50&cridu=XRNWgSSwAS&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.79.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-79-55.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Sep 2023 17:25:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF94 143 B
166 B 37ms
35ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AA9F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c25bf63b34db2733d7f0921aa8d3216c22b9685251419b84b6f5ac607fbd99e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC3 42 B
63 B 138ms
137ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DO5nIpqH7dSzhrNwKc15up9HsuNvHwxIKyCC5Ec68TiV65bBKxomTGnLKr13TDW0Vjbuo49kA8W61DfalFgqxBie8PP2g_HGAbhuEVxzqqn1OnBSQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC3 0
20 B 136ms
136ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=945741472868457989&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DAC3 86 KB
29 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame DAC3 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:11:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame DAC3 20 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:19:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DAC3 0
0 47ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTypzkf8yL51NqbzvUwCnMXAhVnFru9YT4fut8clf4b7P0YYIAhpCN_9Szk6R0gYgilJbJEpz75B6RmQUF5w50QVXaG6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAC3 181 KB
57 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CED0 624 B
245 B 77ms
77ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQqu6YAhjCh-_0ATAB&v=APEucNWTg3bmWIdP5Av7fuIqB4TIAWhIzK0KFSUISIrTEf-tREABlPOG1oBJy7J3a7RzKz10bEqlvkApBcnSHFn3aFmk-CZHdkAcHjHQJNaZ_G7MnyMIQKViGBWy-6I4TfZaM_cHU6FQ7CDxaYYyVLrEp3WjdplmOmmwMir-1XjF4LerMeeTRwo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
expires: Wed, 13 Sep 2023 17:25:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF94
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
expires: Wed, 13 Sep 2023 17:25:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame E192 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
URL: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 14:39:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3E 0
0 153ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPGVZm6IozTCzp4fk2zx4zWA5K2gs_9sJswQDX_HqjkhIp4ooqHg2ofpzjFvo3Gh4RVs-5R5P2CU3fOD2uvlS9e5-cadnNenHpsco43D-fvP4cbFlIavM6Mix1rktM6LWCOFz8jyNDyEKl6KJdNvzmHvUlwp6vAeiA_qQx8dahFfthvkiEzmDf7oSntatY6negUy--J7VxLNEVukYXZ9VGAqwCxPXd_uNf4ziC0Yjve9OS5XRGcV0Agua85L0gDsp893SYfV_mUlqnDV0au5ImB5bYOes0n1jMDFds_yPSgiKIf2vIE2bi6HO47dBwWUMXaePaikNcC2t-OWIOcmbhLgzLTTTSg0bSkdCtNCZEdA&sai=AMfl-YRKvyE6kUfl_F842BqcLj78pxGx3rQPvmgvNusuQCQ3pKVbgkIF1dJ35D1qpopr6TQI-yp9kIRzOIen-Uw&sig=Cg0ArKJSzF-cdfV_uqqYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CB3E 15 KB
12 KB 174ms
96ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230911&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b66d15aaf0e154da35bb055804627bfa094ce6a28187c13d011efd52f01bf6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11939
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1

43 B
770 B

48ms
48ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQqu6YAhjCh-_0ATAB&v=APEucNWTg3bmWIdP5Av7fuIqB4TIAWhIzK0KFSUISIrTEf-tREABlPOG1oBJy7J3a7RzKz10bEqlvkApBcnSHFn3aFmk-CZHdkAcHjHQJNaZ_G7MnyMIQKViGBWy-6I4TfZaM_cHU6FQ7CDxaYYyVLrEp3WjdplmOmmwMir-1XjF4LerMeeTRwo
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6WQmi2wG31W4XIuQ0yh%2BIfHX%2F%2Fowxxq24SmTaALoMABFp5xABTRAfShOLuM3Qz2FcU3qrEMmL6VbL0ZIZy1eya4KgNbbopgMKzhaBkxmP%2Bs4pamOJvB4j5XrVgxjnCM7MHuXzYTPH7SRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 806216efa87f085c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CED0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQHwh69AeSCpwDk0aF-0KQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1

43 B
730 B

33ms
33ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQqu6YAhjCh-_0ATAB&v=APEucNWTg3bmWIdP5Av7fuIqB4TIAWhIzK0KFSUISIrTEf-tREABlPOG1oBJy7J3a7RzKz10bEqlvkApBcnSHFn3aFmk-CZHdkAcHjHQJNaZ_G7MnyMIQKViGBWy-6I4TfZaM_cHU6FQ7CDxaYYyVLrEp3WjdplmOmmwMir-1XjF4LerMeeTRwo
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c0OA3cvT4r70oG1kgZzUazgD2CLFiB5T%2ByrYtAGEuDMVUcjz1xYsORAXAgjvVbHy63xe3HId8UTkbHosDSfJTMBtcoZ4SRshbKArJmHBXHBN0uMDqUAdb0z3AxMzbD2dB%2BsVtnALDFtxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 806216efe8cb085c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKepwgvB5WaDBHcxflcdnoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHLkYddq2BHmfgrt4HuHaoc&google_cver=1

43 B
842 B

22ms
21ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHLkYddq2BHmfgrt4HuHaoc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQqu6YAhjCh-_0ATAB&v=APEucNWTg3bmWIdP5Av7fuIqB4TIAWhIzK0KFSUISIrTEf-tREABlPOG1oBJy7J3a7RzKz10bEqlvkApBcnSHFn3aFmk-CZHdkAcHjHQJNaZ_G7MnyMIQKViGBWy-6I4TfZaM_cHU6FQ7CDxaYYyVLrEp3WjdplmOmmwMir-1XjF4LerMeeTRwo

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
an-x-request-uuid: e3c6b3bc-05df-4218-b8c8-eeab108c6f51
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.135; 185.213.155.135; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHLkYddq2BHmfgrt4HuHaoc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CED0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
an-x-request-uuid: bd5fd09a-debb-4bba-be3e-020e79d96e24
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D
x-proxy-origin: 185.213.155.135; 185.213.155.135; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC3 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1658481744427&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC3 0
20 B 136ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1658481744427&version=m202307240101&ct=119&x=1&cor=945741472868458000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DAC3 91 KB
37 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5s_M9vhJbC6Al3viUV37BPJRaETDJNSKsWeY4gR1VPLLTSurfS4hciAJNjUSoQe7uDRCslrkFQcrNItMsbnJSReOEHy9_EOqxm1RnCINmmzbsn5OytSQ-aaM8Kvz5NaivE4fuJC4TtoKB6Kz61B8sJMcue_LRYIAJ0h37oqkC1E_6t18&cry=1&dbm_d=AKAmf-CoukJyfyv9PgvwzPiHHJAWywjcQVXflvLq1Vva6fciHJjlaXw3E63G3L1pScTyEgWwR_EMqUjs2kRzMhNaID9ZWlf9YCWPTYE-96PgMicR3HWkB7cuf__YF7PkEwm1yKHrMKzehazW164sSSLTRRagwnn-SNaSjsHcp01urJDZODT_ddVxrs1h5lFI8p0vv2eBtChB-TCYbxMdpYY9QROnHCTBKbkn6BFqYHfr2KgtHvy1Jj5v4eqS4UHD0zpJTeBDHpMeXrRoUGpKaU5KGeO8E9_nBgK8vIW3wQ1MCtO96ZQSgefA4JcOttATfH8vdKbuj7vwkiAZrH_-QoCYrppkG5V_1uxwf_TSToWSlNt8IIu1qdzZu69lFtb0Rm-IkN5x0b7uRz4srCRnXruKznyV2VJJHyHiv0Hqg2ovJz7lmA3quXhq1VBTU7ARH274wYBnzst0Hp61yK4QHCcu4WWwAnemCXNH-MjpqWbiR6HOeMXTNfSeojhjXKB7BFzd72jDsKpGd0DxdRxfATsYFc0acDzXjLckvngK9FJs3EI5PcAQT7UHHaBIrCFSAbteow3SY2lGa9zlxd69XZKP1PpQ7yXl-77fuDs6kUONZONOwjPV1pt0PRCFGicCTGI95X-KZW5PPaNgT-zjV1zHBLmwm2i3WmjGnea3f3LHgaHdHBz3IvOIK_rh0UoYbtHHZoYwyZBZBNpm4Qg_F-eejryrsFjKteKjYUXGTnjPS7GU9bBYNSJ---V1aJzC4xS6VjEshEip9p6pKVF710VKt_cRBfl4GbTc6vaxJs1uRQVcAp0Bsp2M-jF_osyGDK1X65p71l4Xx47PCHEVJrok_zkjiqSSraTy5L3y69xy2EsUy4DnsqQVUt-LASGVfRd0ikH64KFic7DqEYguxjeRrR4dix9I8P77Ajc77986TCEH34Vb85vsLNwZz4kP4zAeh95otGeB2rxwgBYoCO8DmeixZIQx6_5j1V1f92uwr6hKHmFTQFaaxi4Ijk3m9W4s7QR9EdmNZSrx8PJ9FlxVsv0z-vRz-3y1VcrU-EBKkFdJa5zjwA2auAPoj59rE9PzmF5u8taDF7lDQarUaf70j5OxDUZCbe48UmWXqqC9-Kzqe6-QdF5F31AeE2ix82dG8Lo0Jdz4hrS0CVGuDvp34M0YW46HXLloRTGOJqZXhDytN6rAU_-T3ePCWVCmTjbzb443tKvu8gpJQLA96NM2ZIymREun0mETUyBMVjiyxhIwkTvlsl9FwRtOo0aW7gLkea8mVGRwHShDV7gBUoRmm3eIUTfvXRa-YPYtRwFa2hB2swkFvfNjFKr2jBM7Pt2lb0yPK1hv4Ys8Hp1pxgIf86zLXbBIoX4XC1IawrFGv83Xxs2jYe_bsQUsFfeS0aIXejK3m41zsWLMv74l0X3E-TMY1Z2hRGqRfTqTtIx0TNbAKdFYEOt6U6qRF5N2vMbRS40z6-aH3xQYvzQ1YEX4BMUkfwrCbzTxKwJ4y1MXcl3V7COTZobQdr2YDrz2cZb8-1_KXxm5uSezoyxfA4xcSVMsdc6xZnfxMMBBDExyKC4F5hCUWV7UAS2CfRFJptEmYdVKfNr29LXX2tE8Y3tmsY-Y6esVEAoyOCjGSz3stU-LkaI2rH2gFC4SSFEinZr1khhYlXlVdXdWujnQE08kLyTcS6yKGAGvvLiA23bIRQeVDwxq89Hf_tHZKfAOArSaIUlLE42-2Y1olXxXhWT0ZVK_Rq8OHWrdNAumnXrCnU_p13wTHyx3Bdh7Vd1nNlTGO7i9sqy3H9rqMlPZ4mZ1cb6bRUPQOmSW55gcZj4y7Wn4e3PtJ1BRFd_Bi_sRW59nshOwbO0ABqCfsk9q5MC0-waRCK37WVZryX6-FvdcTDM95qWG2sCvD6jKSmXoOQGBULAzAChpP1yNQa2yEhcDi1Omy1rd4b9b3tWEntrootJMLosNsHhCdxBPxVkSW0l_hdhz8uhEXiKH9oRs8vGarfcBq9ElVHnlZCN59xBp8tc_NQwvC1ztvBXPpu3CT6YTDunnzqgJWGYbdqMoC5jlDsCLNrGrg9Zq5wG-9Jhs0dNu9o-0W383nBZrurYSDjLSSlIw5cS8MRSYhTMxt--gbp2te_siCCpy76KFdK9CS8JfA_1sVm-KLToVh6lowfxOttkIAGlbLZIWnMp15ggn_I7yg4LuWo9z6_1XgUwN7qiZ7uBAyAZAJNEHlPpbtgY3kjU5pl-lqVhc14dJn17uR3CNIpKQgi1O-s0bB_GoK6P6FksyJQDYG4GrJY-0tDJqjgUV-M6Pr8XVo7GnfQPEtEAgzXQhUGk11GRIVx0kkWVTrwazhBNiNutir_VCQ19SQxru-QbHqrIwbtF2fHF1ayx8_0PMJqrIXN83BU1qoez7dHuW19xGg4yewAm6E9DVgk-IMF8j47351bJBnDl8Rc8px4s5kArrIaGRgdjcEwxfnFJTvmfqz_PqM4tYanAE0OYqPogv1EE9rWP5F6Cks4S1FmoV2xwk1YJFOnM1Ike-y90ReCFfGEFtoSURF0Vks1AO5hriKNFqpq_Tmnhx-AEFpEUcXvFjGgIMMoDvXl92R90GJESzDmbegwRFO_jAvpyaTaCOlpPHuiqGJ22RmaXdNFTbputWlGplE2Xw0bkqxxgQffne2RfAOpUOOLNxBiCtPdqrya6BdJPgvfEeyxSooZWn_R0zto3E5GV_1oxZFeG9wIDMVcn3nPPo7q2ficpeC3zw9vAeh3w9VnxW1WG5jeh8bwTwZD3H5CJhiet3JRS-3Z9ipTSfa76XeAllTmK62NniVv40LYUK4LNSVrJaOpIJZ0RmZ5sYIHdH7R-vIDb6ZVeRLcgYTMGQCb4_X__zV9Hu3KmH71pcFTV6VJnV3F8l_kbtckQ_wtaV6UUyZENGX39YNohqa1ppuVOwfOhQ2oB3ggzAeBsvVpzq9ETmwfRmLhh-WGlvh7Q8aGn0RiG_YXShhX17wnUcThkVu7a9KUhZGJ_K5wxrjZRrChqdBMx18beMRQjniPy5F7HnOdjUie6n2jSV2Pk0uc8OLvvHAYFDOm8MMufxSYRUySsVIvKwU3_Dqplh5R_27qn9FPnC4ceMo0BJaY7L_3sTWYZVTi1QC219qyex9vRk1B6jxDhjKUKsPfz2Aq07Ke2lLk0gQZeRpQ0SHUrDtN56JCBREXPr-RMMR-QpumExe43aefb1jNB-EOJr9VJ29G_LkvcR39oSRJk0KoFUSnmP2sZf_MF55kBTgvkqAiwHUmXq6Gx2EXXZE7vqrCtNbpJeG0sIANQ7EBacWaaBSHdrY9TyOcTPyLxaA8nWoave9-CRRpYgDrdu7KQiJuvpUB1FgBi8CI3ou49JNj4kZx0o3kkHw4_rX2QZ0v-RvSnTLRe1FYYJ2uSC1o__Jy9vbvClsUwMG657ZoM9i2dJIQ0cwz_Ef6tvfFef4QL2FHnWK1ND3znMic5jeoDtYM83T94hMW6OSQhIEDFGnU8BFd1g4k_UKAJma5f-iIbYugCQ-n9B7fMlb4OvERoqx7nJPqB7QYKjWjWowzXn1c-yf6UZpjlT2Agmkc_u0fQMPRtKNbK0YgusJNd5zoTwiXTK6Fo6JvAViQJj9f5t5cOpWIYMyXz72lCzi4z1W33-LVQ0AP-zc1B41f3HKYCW6Bqov9TUHw3aVH_48MA_puitQwSqCuxrhsNoO4-F594-J-PtBkaSlZ03itgJ3XL-tmiG32Cy7XC_6MsDO2vzt5oKJr4ZmxKOn_EEEDzTH9y_0v8fM2sCNSgZJP1_r_jbZVJn-7uBHHDeImlinm79ac2toAI2P581GGx1mvwJeiP3pp0AE_NVyBKV7w&cid=CAQSKQBpAlJWzqtaOWBsiaigToojB3zwE25f-KCKlkAPLB6WXsOezeHxomrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=945741472868458000&adk=2124396030&idt=116&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4df8bafc7f8870c92a3d81be08fbab07221211460a4a4afbd659978dc5e882c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CB3E 17 KB
6 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 17:25:27 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DAC3 111 KB
39 KB 124ms
35ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 21:34:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame DAC3 11 KB
4 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5s_M9vhJbC6Al3viUV37BPJRaETDJNSKsWeY4gR1VPLLTSurfS4hciAJNjUSoQe7uDRCslrkFQcrNItMsbnJSReOEHy9_EOqxm1RnCINmmzbsn5OytSQ-aaM8Kvz5NaivE4fuJC4TtoKB6Kz61B8sJMcue_LRYIAJ0h37oqkC1E_6t18&cry=1&dbm_d=AKAmf-CoukJyfyv9PgvwzPiHHJAWywjcQVXflvLq1Vva6fciHJjlaXw3E63G3L1pScTyEgWwR_EMqUjs2kRzMhNaID9ZWlf9YCWPTYE-96PgMicR3HWkB7cuf__YF7PkEwm1yKHrMKzehazW164sSSLTRRagwnn-SNaSjsHcp01urJDZODT_ddVxrs1h5lFI8p0vv2eBtChB-TCYbxMdpYY9QROnHCTBKbkn6BFqYHfr2KgtHvy1Jj5v4eqS4UHD0zpJTeBDHpMeXrRoUGpKaU5KGeO8E9_nBgK8vIW3wQ1MCtO96ZQSgefA4JcOttATfH8vdKbuj7vwkiAZrH_-QoCYrppkG5V_1uxwf_TSToWSlNt8IIu1qdzZu69lFtb0Rm-IkN5x0b7uRz4srCRnXruKznyV2VJJHyHiv0Hqg2ovJz7lmA3quXhq1VBTU7ARH274wYBnzst0Hp61yK4QHCcu4WWwAnemCXNH-MjpqWbiR6HOeMXTNfSeojhjXKB7BFzd72jDsKpGd0DxdRxfATsYFc0acDzXjLckvngK9FJs3EI5PcAQT7UHHaBIrCFSAbteow3SY2lGa9zlxd69XZKP1PpQ7yXl-77fuDs6kUONZONOwjPV1pt0PRCFGicCTGI95X-KZW5PPaNgT-zjV1zHBLmwm2i3WmjGnea3f3LHgaHdHBz3IvOIK_rh0UoYbtHHZoYwyZBZBNpm4Qg_F-eejryrsFjKteKjYUXGTnjPS7GU9bBYNSJ---V1aJzC4xS6VjEshEip9p6pKVF710VKt_cRBfl4GbTc6vaxJs1uRQVcAp0Bsp2M-jF_osyGDK1X65p71l4Xx47PCHEVJrok_zkjiqSSraTy5L3y69xy2EsUy4DnsqQVUt-LASGVfRd0ikH64KFic7DqEYguxjeRrR4dix9I8P77Ajc77986TCEH34Vb85vsLNwZz4kP4zAeh95otGeB2rxwgBYoCO8DmeixZIQx6_5j1V1f92uwr6hKHmFTQFaaxi4Ijk3m9W4s7QR9EdmNZSrx8PJ9FlxVsv0z-vRz-3y1VcrU-EBKkFdJa5zjwA2auAPoj59rE9PzmF5u8taDF7lDQarUaf70j5OxDUZCbe48UmWXqqC9-Kzqe6-QdF5F31AeE2ix82dG8Lo0Jdz4hrS0CVGuDvp34M0YW46HXLloRTGOJqZXhDytN6rAU_-T3ePCWVCmTjbzb443tKvu8gpJQLA96NM2ZIymREun0mETUyBMVjiyxhIwkTvlsl9FwRtOo0aW7gLkea8mVGRwHShDV7gBUoRmm3eIUTfvXRa-YPYtRwFa2hB2swkFvfNjFKr2jBM7Pt2lb0yPK1hv4Ys8Hp1pxgIf86zLXbBIoX4XC1IawrFGv83Xxs2jYe_bsQUsFfeS0aIXejK3m41zsWLMv74l0X3E-TMY1Z2hRGqRfTqTtIx0TNbAKdFYEOt6U6qRF5N2vMbRS40z6-aH3xQYvzQ1YEX4BMUkfwrCbzTxKwJ4y1MXcl3V7COTZobQdr2YDrz2cZb8-1_KXxm5uSezoyxfA4xcSVMsdc6xZnfxMMBBDExyKC4F5hCUWV7UAS2CfRFJptEmYdVKfNr29LXX2tE8Y3tmsY-Y6esVEAoyOCjGSz3stU-LkaI2rH2gFC4SSFEinZr1khhYlXlVdXdWujnQE08kLyTcS6yKGAGvvLiA23bIRQeVDwxq89Hf_tHZKfAOArSaIUlLE42-2Y1olXxXhWT0ZVK_Rq8OHWrdNAumnXrCnU_p13wTHyx3Bdh7Vd1nNlTGO7i9sqy3H9rqMlPZ4mZ1cb6bRUPQOmSW55gcZj4y7Wn4e3PtJ1BRFd_Bi_sRW59nshOwbO0ABqCfsk9q5MC0-waRCK37WVZryX6-FvdcTDM95qWG2sCvD6jKSmXoOQGBULAzAChpP1yNQa2yEhcDi1Omy1rd4b9b3tWEntrootJMLosNsHhCdxBPxVkSW0l_hdhz8uhEXiKH9oRs8vGarfcBq9ElVHnlZCN59xBp8tc_NQwvC1ztvBXPpu3CT6YTDunnzqgJWGYbdqMoC5jlDsCLNrGrg9Zq5wG-9Jhs0dNu9o-0W383nBZrurYSDjLSSlIw5cS8MRSYhTMxt--gbp2te_siCCpy76KFdK9CS8JfA_1sVm-KLToVh6lowfxOttkIAGlbLZIWnMp15ggn_I7yg4LuWo9z6_1XgUwN7qiZ7uBAyAZAJNEHlPpbtgY3kjU5pl-lqVhc14dJn17uR3CNIpKQgi1O-s0bB_GoK6P6FksyJQDYG4GrJY-0tDJqjgUV-M6Pr8XVo7GnfQPEtEAgzXQhUGk11GRIVx0kkWVTrwazhBNiNutir_VCQ19SQxru-QbHqrIwbtF2fHF1ayx8_0PMJqrIXN83BU1qoez7dHuW19xGg4yewAm6E9DVgk-IMF8j47351bJBnDl8Rc8px4s5kArrIaGRgdjcEwxfnFJTvmfqz_PqM4tYanAE0OYqPogv1EE9rWP5F6Cks4S1FmoV2xwk1YJFOnM1Ike-y90ReCFfGEFtoSURF0Vks1AO5hriKNFqpq_Tmnhx-AEFpEUcXvFjGgIMMoDvXl92R90GJESzDmbegwRFO_jAvpyaTaCOlpPHuiqGJ22RmaXdNFTbputWlGplE2Xw0bkqxxgQffne2RfAOpUOOLNxBiCtPdqrya6BdJPgvfEeyxSooZWn_R0zto3E5GV_1oxZFeG9wIDMVcn3nPPo7q2ficpeC3zw9vAeh3w9VnxW1WG5jeh8bwTwZD3H5CJhiet3JRS-3Z9ipTSfa76XeAllTmK62NniVv40LYUK4LNSVrJaOpIJZ0RmZ5sYIHdH7R-vIDb6ZVeRLcgYTMGQCb4_X__zV9Hu3KmH71pcFTV6VJnV3F8l_kbtckQ_wtaV6UUyZENGX39YNohqa1ppuVOwfOhQ2oB3ggzAeBsvVpzq9ETmwfRmLhh-WGlvh7Q8aGn0RiG_YXShhX17wnUcThkVu7a9KUhZGJ_K5wxrjZRrChqdBMx18beMRQjniPy5F7HnOdjUie6n2jSV2Pk0uc8OLvvHAYFDOm8MMufxSYRUySsVIvKwU3_Dqplh5R_27qn9FPnC4ceMo0BJaY7L_3sTWYZVTi1QC219qyex9vRk1B6jxDhjKUKsPfz2Aq07Ke2lLk0gQZeRpQ0SHUrDtN56JCBREXPr-RMMR-QpumExe43aefb1jNB-EOJr9VJ29G_LkvcR39oSRJk0KoFUSnmP2sZf_MF55kBTgvkqAiwHUmXq6Gx2EXXZE7vqrCtNbpJeG0sIANQ7EBacWaaBSHdrY9TyOcTPyLxaA8nWoave9-CRRpYgDrdu7KQiJuvpUB1FgBi8CI3ou49JNj4kZx0o3kkHw4_rX2QZ0v-RvSnTLRe1FYYJ2uSC1o__Jy9vbvClsUwMG657ZoM9i2dJIQ0cwz_Ef6tvfFef4QL2FHnWK1ND3znMic5jeoDtYM83T94hMW6OSQhIEDFGnU8BFd1g4k_UKAJma5f-iIbYugCQ-n9B7fMlb4OvERoqx7nJPqB7QYKjWjWowzXn1c-yf6UZpjlT2Agmkc_u0fQMPRtKNbK0YgusJNd5zoTwiXTK6Fo6JvAViQJj9f5t5cOpWIYMyXz72lCzi4z1W33-LVQ0AP-zc1B41f3HKYCW6Bqov9TUHw3aVH_48MA_puitQwSqCuxrhsNoO4-F594-J-PtBkaSlZ03itgJ3XL-tmiG32Cy7XC_6MsDO2vzt5oKJr4ZmxKOn_EEEDzTH9y_0v8fM2sCNSgZJP1_r_jbZVJn-7uBHHDeImlinm79ac2toAI2P581GGx1mvwJeiP3pp0AE_NVyBKV7w&cid=CAQSKQBpAlJWzqtaOWBsiaigToojB3zwE25f-KCKlkAPLB6WXsOezeHxomrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=945741472868458000&adk=2124396030&idt=116&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:50:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame DAC3 30 KB
11 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 13:52:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DAC3 41 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 13:34:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B430 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 09:36:10 GMT
etag: 48472445140208031
expires: Thu, 14 Sep 2023 09:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DAC3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f702c629b6d91fcd615affd71dc1d4a7f4e2d37dc16b0b0649f1447491c7e8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5CCD 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 129882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 05:20:45 GMT
expires: Wed, 11 Sep 2024 05:20:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B430
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1&google_push=AXcoOmRmS8vT2JuwuYp-ISCYaLln4nRDlpWP8JHPLSdL7A1HnpZqxeTVvgfqV38sZWXMZcgHLgh55KV7tC87EU4Yu4NozIOQ291PL...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE4NTU1ODU3NTUxMDkyNjEyMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1

43 B
398 B

78ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJGt1KTjVtnfoilCJADEZsk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B430 0
104 B 139ms
67ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGmViVtwKgyb0x0DPJbObB0&google_cver=1&google_push=AXcoOmTYO52F4D4k1ny2wykWKjCQTXwt8yBac5EM0hIFSrvLVX3cCXWulwfG2Cgb2tDxtDP0LIUaTE6P4p0yPNFEnwyjhSCJWWoxkG7-mhR3eVI2ml_65QATeafHGLpL-ML9xn6C6I5_Cgw-tdbeg0g7UoaC
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame B430 43 B
391 B 181ms
175ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGcTGioi9yBgjNkZ6eUeqW8&google_cver=1&google_push=AXcoOmR7hQjhtvhReqFAIMrdXJ5kPbk86hph1ayewVcGO7jzLka4Al2JBVJ53O325jbDJsF0BMTLwTAeCRax2QC-t86L2SaPJl63OrZU8p9BKkh5n2MzaKQTWnmJbdIWdxt7V2xLJR2VHxCI8hx3u6CsRA0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR7hQjhtvhReqFAIMrdXJ5kPbk86hph1ayewVcGO7jzLka4Al2JBVJ53O325jbDJsF0BMTLwTAeCRax2QC-t86L2SaPJl63OrZU8p9BKkh5n2MzaKQTWnmJbdIWdxt7V2xLJR2VHxCI8hx3u6CsRA0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 806216f0bb6c9a2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B430
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECDKwX5QkldwcEgecySeROE&google_push=AXcoOmRDOLgVmbOFF8pOEn513934YGoCPcHu2ZAkpindomRO7N1fsaPCtc...

170 B
188 B

48ms
48ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECDKwX5QkldwcEgecySeROE&google_push=AXcoOmRDOLgVmbOFF8pOEn513934YGoCPcHu2ZAkpindomRO7N1fsaPCtcOed3ESZv-g5fKaMCHeqBf3Vb4KMUuHmwo6T8_Z4h8RUQsPfIkLcZSxmgkNDhLKRsAxrtTglgsrUdDwf1q2zWqVXXgPpBcKE_vg

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230063-FRA
pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1694625928.830380,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECDKwX5QkldwcEgecySeROE&google_push=AXcoOmRDOLgVmbOFF8pOEn513934YGoCPcHu2ZAkpindomRO7N1fsaPCtcOed3ESZv-g5fKaMCHeqBf3Vb4KMUuHmwo6T8_Z4h8RUQsPfIkLcZSxmgkNDhLKRsAxrtTglgsrUdDwf1q2zWqVXXgPpBcKE_vg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B430 70 B
265 B 106ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFz35yvS9k1AO7OPLl2fPVI&google_cver=1&google_push=AXcoOmSrBRO7ilpCF8H5DOYHlftxGMLg5IiBnB3HXE8eKZo7-uIgOsOLurakOlhtnyemz-wlbBEtJra_RAGsK87yKyZnb2_H1BfiaxbeIpm9GDERco9S654afw_Ld2wc1Ed8qlKptaBKLWEvTSVM2cvG4j9C
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694625926504&bpp=168&bdt=127&idt=376&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=3497&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3797678596&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077327%2C44795922&oid=2&pvsid=190623856967508&tmod=1557077730&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.616m0bwcx3pv&fsb=1&dtd=392
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B430
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQea...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQeaDMufGgWF3Ic3Ek3nr...

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQeaDMufGgWF3Ic3Ek3nrBJbR75UgdWhSVZUcp1bxit6A6FdOmvdP_0sSk3JgI4f0970iYN7iH2JRtGiYbJz5uYokxGZSZEtqLPaVlF6swzx3LgsEmOcM4U-VO1Wcn7ZUimUNBkXaJXU1xz

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
an-x-request-uuid: 7750b803-2ef3-425f-a542-f526fb64a83e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzE5MjI0OTYwOTY0MTk2NjIwMA%3D%3D&google_gid=CAESEJoCh7XGtqFPgwD8hXntqA0&google_cver=1&google_push=AXcoOmTCF-wy1QQeaDMufGgWF3Ic3Ek3nrBJbR75UgdWhSVZUcp1bxit6A6FdOmvdP_0sSk3JgI4f0970iYN7iH2JRtGiYbJz5uYokxGZSZEtqLPaVlF6swzx3LgsEmOcM4U-VO1Wcn7ZUimUNBkXaJXU1xz
x-proxy-origin: 185.213.155.135; 185.213.155.135; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B430
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=a23f7a42-c1e9-4cc2-8399-cf49bb8207bf&google_cver=1&google_gid=CAESECTh1z0kBtFXD5OLmYwvHZ4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=a23f7a42-c1e9-4cc2-8399-cf49bb8207bf&google_cver=1&google_gid=CAESECTh1z0kBtFXD5OLmYwvHZ4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSqzrhVsk5ArXVGW_pqKn3aRPxgZfmUlE_nBhVvFyttmeopbqr7DKcHYjkXNSSzo3zshxpxZktPs5SvZlN3cCsWSoB9X5mgw8tn1xhkU4EHal33DLBPO9cUzrrCUxIHlci__LG9AAz2-N2sJfx2vQLY6Q&gdpr=${GDPR}

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=a23f7a42-c1e9-4cc2-8399-cf49bb8207bf&google_cver=1&google_gid=CAESECTh1z0kBtFXD5OLmYwvHZ4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSqzrhVsk5ArXVGW_pqKn3aRPxgZfmUlE_nBhVvFyttmeopbqr7DKcHYjkXNSSzo3zshxpxZktPs5SvZlN3cCsWSoB9X5mgw8tn1xhkU4EHal33DLBPO9cUzrrCUxIHlci__LG9AAz2-N2sJfx2vQLY6Q&gdpr=${GDPR}
date: Wed, 13 Sep 2023 17:25:27 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B430 0
12 B 48ms
43ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKtAwACHd_aX_yJzkYpMVGPyRXEhuU2YPKhj2fGQQedY9oWIzXBqzKokFEBR_IgbrBcOeQTwI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D8A 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 13:11:35 GMT
expires: Thu, 12 Sep 2024 13:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24B4 829 B
560 B 49ms
48ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8561cd84f1fa2d010bf429cd686c4fdbf27d18a694a48eb1adff72aa3e586ccd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z77SXUqnzy75Hf0kFnVQew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-z77SXUqnzy75Hf0kFnVQew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:27 GMT
expires: Wed, 13 Sep 2023 17:25:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CCD 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 08:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14740
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 08:08:46 GMT

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D8A 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 14:39:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24B4 0
0 136ms
136ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230911&jk=1028994788146602&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17322038452853571179/ Frame 8B28 6 KB
2 KB 113ms
36ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16b08832885955f456d90d0d73157e6148a8afc16834a0cd1f7a5d146ec3f8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 116063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2299
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 09:11:05 GMT
expires: Wed, 11 Sep 2024 09:11:05 GMT
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DAC3 0
0 185ms
86ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstztlShSAQDxBZBuLQR9d18fjEi_cw9TVGVoM5_M5eIOv9Bvvw8-qv_ZOFINOiJpBjGdjKadJGvYBJd5jsdLbrFPxMv5muhbnxyEAfrRhmznV8bC-3DVrOdogw5NjsKt770jMvaczTSFzXZHmMB3CP65-YtT4WUfMwZwxw-EsfRkzVMLMzjDqm4caw16wjgngQUGzg1Ctx6l3tYweTvviAj_OXQsKmJ2M5qap7msPYhz8e630ruwwxvWHVJc4BIiGOO_TB9MEXg2NdL6At8QASVHgbX2MKJEMJ9rnXJkfvkQq0OOR2c8N9T4sMaQPB3QDJ_07RhNxEY3a7bU5W50IklVuRvweSsB40WHsMtLIWfMxv6csbfAFGbmOxdljDcrRkMM41fA1dajafQnlp5MlaH4wQbSNGyhjl9w2aOKsT3EyYrI2w02j7CfY-7UmIp6OzYOlOCBLiu640UUZrOtc6guuVz-zlN-m_vwHmS6rCNUt-R1gG5PC28XyE1M16zlM9ItgfQh-kosUHUlDaE3VfACVaI4y98D06-5F253WTHqivJaZHpd9LTiPnQkGT3RtYPQAM0AP4XHMsrZmzKANIgTNHxsxsWtbXLISz3hOe0UdvrTUbP2PxS9HaSEc5_5w4RWQ2UniKpvJC7HoFg8KPguNMRgFEUPGSd-kgg3iOrbBiO1v9PzWZ6vs-X6Z46EkRFi0GIul108AAttcBVFhYFq6-dtSeHC0-j7Cy1pl3JbOxDB3lFYLjFUCYCEdZrlmCrJ4EyABo-0Ank10bqjjTu7XiSJLzafsulwEbed2BvPfSqHYbOfxE_cZBYwsq5-BMb-KTLSch2GEmyG8CUD4jJuF8a4EaauabqJ8Ipi6f4EwzaR078MqASIzp_Px91o9dYRdYcJMRg20WfWxFfdpUTLsAAB3UjAHkbdMrnNm7dmAQh4Cn7H8abPy3lhbHGmYyGN3bfcsbwAvmg8G8RISie9CXg8-xbcpuJ4TBGLVPoFhK4YXL6pBxT2sAIYaAds1yw1WLfNXs8PXW-ulua5EF5B0z28GKdGCJ7UQZVnrm7YzGtkGDJ4GyojhOWhnOD8Nzvb2XhK6fvyhruDde9Qc9MJDhyiNbVQcorCh9rKVp1KaOCwgtjfxzeJUdDYKcN7Lo31RaQB3RmdRLRDQ2U12HQeA5HmkcXz3WuoVrnKv3K185PjzF6YXVH_SbkusfCXgxyskQ36mEjmiMQ4DtVBUVyWSZXNhZ_gOa_0TYr1jNQyWd5lzI8b7F2XIiNmrMkcOFqnsfkVfAoOsYbu3D_UBxRWmCG9Y4U&sai=AMfl-YRnBiqJOypt7ZGvZVwB8MOOSLkdt4k5VSAWCQBtfwX7L4EdIb--f1whopM8TW9k7Tzbx1io-X8b6U75qV5akGyDYG7a8bfBswzkACd20U3Fj4-U25p1hVvk3v5m1f_WEOT1ODnaVWTVSTb4c8XPM3Js_jaymFB6y46-dfLzCQ5eHhDsWJpMHaEenf3UmPI54kCpQGp8KAwF&sig=Cg0ArKJSzObXAXvuKEyHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&cbvp=1&cstd=205&cisv=r20230911.38691&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Sep 2023 17:25:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:25:28 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 8B28 236 KB
63 KB 68ms
20ms Script
text/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 13 Sep 2023 17:40:28 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/17322038452853571179/ Frame 8B28 127 KB
15 KB 37ms
36ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ee644edebf519a4e4ac8315873624b40c325326dd837f7e69551313f0e85f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15529
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D8A 0
12 B 38ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?z9qDyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CCD 0
20 B 141ms
141ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ6aKh_ABZc2vJoyNjuwP69Kv4AQAAAAAOAHgBAI&bg=!ysmlyYbNAAYoa5rMCGs7ADQBe5WfOKcanyg9cNuXHKkXMcL6wvpSpLBRurrDzXPoFqcG41WsgfPJ5xq5NsfMJ2EWIPSwAgAAALhSAAAACmgBB5kDM5MQJBm-1wtJP1w_gPb6z56OSqqJaCf9exv48s7u6ckU_9YvH_3j-4Sl-D6a5JW5EKbOalM-gkHkOJkVreDJIUGc1Zm6FWIRhSmC9gPRj_mrrdznQj4k3ZqB9qV9Rcl9NfFUWoVvetm3a7aKlyV8uEUorE6u-o_NrhX_p-NNWchgOiomFq5vdRapxDXv_5ILrECvI-5Ud4Do9UtcQrbYDOHEgKJjHlOW4fjBVhGuokdwnjL2VffU2lpf-GRe6w4URaF61nd0bIOu1vpV-RTV_mUv__DanOjCnuABiCpyVJpK9gAvEZmbPSNAiLxIl0FUL5u5yxsbrSpfjkq8SObsbOhpfAMfWDtjeyKrgCGWEYMLAjQ7MODVZ_oQIZzYijHiM2G7-AUutfCWUu5tpeT5jBusiRVzt4Pw_yf6BE-Hn76ISAU7KwtbGXdSWMYfIMb-ODYaZJRmXKVbTsnIK1AeOZWbeHQAkmh8SRLVzBmvO0rbknk1IhFutEtBVvGgreQV_Q3AE_6Rk3G8tY2hiUGYMMXw_JManOjEQtAn0dF885rOKpoQNW9v-gkxnQqElkO3u3pQRa1wBCtf0mCw2riggbWB_zfe3POfFKW1sG--RSW_9hN8G2F-fwl2d4yZZ1YG_F_fOypr6Mz-HvTAFv0fs6Wgk95ONFkAg15w2LdTmAm4hYPstSpJJcMz2IPEKImKsNSCfI22239KhXcmty9jBlvZzqwFPSBIuMQREb13oFEjM-Met2E4HC3a0RlYIkmpUFQ-vMpVNpVrETRwx4pc1RLNcgfW0MBeaZxYbgVJrtGk9eVc8wbaVWQWHT0nEABAn2LC_kJun1wcnD46OQFzM-Ukc6VRa7bfG6RYo9asqcap7fQhxjJY8HBbnnYzcfqYzVBJRbj0xkWb8vQCUH_UjtXZ7WJ9FFZnTUXI5L-pmfkgiQJ9vKYn5iZuDWdIlHDIxOnfTJpfd6_K-qCqPkMui5Qmn8u6ssIDJtVrCvUZasOVCyF2nAKKukWzmQrLyg8bbKP9ApWbapWM2DQRIqciceC3pvdal629gUip16CBbDfFyaJXx_AhpYK6DeWjtcJSRv5n0w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 background_1.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 52 KB
52 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/background_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f868be2d5fe7cc6847dcff4e93be0431d6e3d65976cbd95371cd8ddaca4612c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52970
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DAC3 0
0 78ms
77ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstztlShSAQDxBZBuLQR9d18fjEi_cw9TVGVoM5_M5eIOv9Bvvw8-qv_ZOFINOiJpBjGdjKadJGvYBJd5jsdLbrFPxMv5muhbnxyEAfrRhmznV8bC-3DVrOdogw5NjsKt770jMvaczTSFzXZHmMB3CP65-YtT4WUfMwZwxw-EsfRkzVMLMzjDqm4caw16wjgngQUGzg1Ctx6l3tYweTvviAj_OXQsKmJ2M5qap7msPYhz8e630ruwwxvWHVJc4BIiGOO_TB9MEXg2NdL6At8QASVHgbX2MKJEMJ9rnXJkfvkQq0OOR2c8N9T4sMaQPB3QDJ_07RhNxEY3a7bU5W50IklVuRvweSsB40WHsMtLIWfMxv6csbfAFGbmOxdljDcrRkMM41fA1dajafQnlp5MlaH4wQbSNGyhjl9w2aOKsT3EyYrI2w02j7CfY-7UmIp6OzYOlOCBLiu640UUZrOtc6guuVz-zlN-m_vwHmS6rCNUt-R1gG5PC28XyE1M16zlM9ItgfQh-kosUHUlDaE3VfACVaI4y98D06-5F253WTHqivJaZHpd9LTiPnQkGT3RtYPQAM0AP4XHMsrZmzKANIgTNHxsxsWtbXLISz3hOe0UdvrTUbP2PxS9HaSEc5_5w4RWQ2UniKpvJC7HoFg8KPguNMRgFEUPGSd-kgg3iOrbBiO1v9PzWZ6vs-X6Z46EkRFi0GIul108AAttcBVFhYFq6-dtSeHC0-j7Cy1pl3JbOxDB3lFYLjFUCYCEdZrlmCrJ4EyABo-0Ank10bqjjTu7XiSJLzafsulwEbed2BvPfSqHYbOfxE_cZBYwsq5-BMb-KTLSch2GEmyG8CUD4jJuF8a4EaauabqJ8Ipi6f4EwzaR078MqASIzp_Px91o9dYRdYcJMRg20WfWxFfdpUTLsAAB3UjAHkbdMrnNm7dmAQh4Cn7H8abPy3lhbHGmYyGN3bfcsbwAvmg8G8RISie9CXg8-xbcpuJ4TBGLVPoFhK4YXL6pBxT2sAIYaAds1yw1WLfNXs8PXW-ulua5EF5B0z28GKdGCJ7UQZVnrm7YzGtkGDJ4GyojhOWhnOD8Nzvb2XhK6fvyhruDde9Qc9MJDhyiNbVQcorCh9rKVp1KaOCwgtjfxzeJUdDYKcN7Lo31RaQB3RmdRLRDQ2U12HQeA5HmkcXz3WuoVrnKv3K185PjzF6YXVH_SbkusfCXgxyskQ36mEjmiMQ4DtVBUVyWSZXNhZ_gOa_0TYr1jNQyWd5lzI8b7F2XIiNmrMkcOFqnsfkVfAoOsYbu3D_UBxRWmCG9Y4U&sai=AMfl-YRnBiqJOypt7ZGvZVwB8MOOSLkdt4k5VSAWCQBtfwX7L4EdIb--f1whopM8TW9k7Tzbx1io-X8b6U75qV5akGyDYG7a8bfBswzkACd20U3Fj4-U25p1hVvk3v5m1f_WEOT1ODnaVWTVSTb4c8XPM3Js_jaymFB6y46-dfLzCQ5eHhDsWJpMHaEenf3UmPI54kCpQGp8KAwF&sig=Cg0ArKJSzObXAXvuKEyHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=224&dett=3&cstd=205&cisv=r20230911.38691&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/duolaameng_di3jiguoyu-tengzifbuerxiong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 17:25:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 880D 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubLipJmdXb2-ABGlYwvUaQheenaW4cFwJ-_nZsHkqUVEr4BbeZq06ydG76LBEE5uyKaKk3QiS_avZaS2Rjg1SEU1sDwxWXv8vGJAdzBCtemy3tR7pwwQ4uxfuejEAJhPKsNczscX4hL8p3xTg3qshFFpPkvaqDuTWi-KwXZ4nnJWUd5Tf9VwgAo0rdFi1n3o-z9eYvu47qoDjhHV1PQtDtMuO969GOL2K89nMJfmNon6Vq6AE0YWwUboYQwKwj6LLnSBGV53YloUR_m8UcV1OrDEZgm8ml6UsJpYogb98kzdKpXQXxqwERqjMK-9UuMU1Fmj8xGhbguohl9jjlPP4WnmOpz63Z5wa8scA5KjNtETU&sai=AMfl-YSj7crrte4FGr4vBvlQFL_I_L9Fp7NJP0iuYkpGVQ1LovtJ4ZQLDJcHdNnKiT-VQ5V4OjXsXvGY6_vnNi4&sig=Cg0ArKJSzKrAmfDKRocIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Sep 2023 17:25:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 880D 15 KB
11 KB 87ms
87ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230911&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d35ea374d1cf77e05493b27871f84f8ac8aa266f89fd076f6f50a6e6f4690c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11745
x-xss-protection: 0

GET
H3 200 CTA_bg_middle.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 856 B
883 B 36ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/CTA_bg_middle.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c66e4b8d6a036aa05a4102e73f989d528d1f0928fe537b3a63a9464f5d2f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 880D 17 KB
6 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 17:25:28 GMT

GET
H3 200 CTA_txt_middle.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 36ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/CTA_txt_middle.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19485de6a6a911fb6ded6327440dfbd458286a6f5d7f4e9469d653cec94e6799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:01:47 GMT
x-content-type-options: nosniff
age: 156221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 22:01:47 GMT

GET
H3 200 date_txt_small.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 38ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/date_txt_small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c592749a16b171b837c7281e76c8539faa8c4509fd637a3d239fe6aef5d84eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1241
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 784B 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 13:11:35 GMT
expires: Thu, 12 Sep 2024 13:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CD3 829 B
557 B 50ms
49ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed153d3cbed8c84e434a3c1cf37e95b2f271d22aa5019809a6ce375fbd0f9aa4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CYmspnilmleDbkB4ggeT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-CYmspnilmleDbkB4ggeT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 17:25:28 GMT
expires: Wed, 13 Sep 2023 17:25:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 flare.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 7 KB
7 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/flare.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e7891b60b7a80d220c4c112710cdfd4aac0341d6fb723f0a6f37b8def8b10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7398
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:56 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 4 KB
4 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/footer.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bdf490eee0d7fc47036c7038b25b54128d1946aefd75de8275e3e4c53d2d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:23:48 GMT
x-content-type-options: nosniff
age: 518500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3930
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Sep 2024 17:23:48 GMT

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 784B 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 14:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 14:39:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CD3 0
0 136ms
135ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230911&jk=190623856967508&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 light_sun.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 5 KB
5 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/light_sun.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3803d3e367841d28a6fa7b2183a24a2532dfe1f26eb9f0cd3aef3115b692974d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5136
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 light_voiture.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/light_voiture.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c776847150b06230b956823c80e86ab1afa2115518a9c57ef9c818b74efcb68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 784B 0
12 B 37ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L8Er-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 17:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7a8d39998604d1e27c288bc9d4dc571782bf2662329f8dd05b9760150cc624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2104
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_1_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_1_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb61050b192170733676f7dd707e4e0e69f03dd36e29bcef45f0b693fa0887de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2019
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_m.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 631 B
658 B 39ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_m.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c9f397c9b402fcc2adc76f69e800b2fb9a2c9ec124eb3660a7394c30c8cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 631
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_m_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_m_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9b1b16fef7438d8dfa6a25f84c504c012e06c3e435ac4c9a8a13c72974d493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CB3E 0
0 142ms
141ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230911&jk=1028994788146602&bg=!1tWl1ZrNAAa6D61Rmg87ADQBe5WfOBGeVfwxofr7eyD8U1yY1pjuZ8wFfpKEJZuseoU6MWgOorpj5PKKpldgi84cWjsmAgAAAJtSAAAAEWgBBwoAB1_986X30t2ZAvwsjSd8Fdk3hQm7EcQ6cIKm3D6L_s-yluDM-KmWRf_FkWeqbYID3WKE9mV1d5pxuPp4LRld9BU9D1Fex52bilaekqz05cgXPkxfqPDkytxBa4doLTXDBKOfFawdwNkCBXfvhO_ZONnFmUGTVmXTKou9ktt5QnpoWFPX4qs01Z7OuBxWFwxLVoAHLrM5uUcA2gpPGP9ijAREt8J9aA3ODsPkeVeVHFg4qV404bQ7BZ6CDNdm5klY8ZV40Y4UKzDBMHx06JvG1suHaELskKvFj1gwIjEw6ffs25cH-zsqJLAMKRKAfzC5ayNSpfvEwlCLo8n0ESZnrgCTRUhfENsJBZZRvCsdjE2kuHyYBYFK0itOWCyzSR7ARikRFOYjSrocM31JwpWOxrZ9wsr5uqN0Qkg-K_2MJKAGn2QpASm-c9eGMUIcg6aU6Y1qonExTMS82LUU_XAhF5RmigPxOXdLiXiTMvSEcDf7esFTPbsOISGbc6U0GNHI-Q0LpgG_BT4ayIk-CVhGXDvNf7Ewujnv8p_GZl_suMFpeNGlG3v7_W2YGjZPY7c5EdXf4ioX08VqfXXx_XfjC-OVhkAea1f0Z2s3sEZSyu0S2NgGeWgBEE4ye4ufwXzZwDdno69xtxnNEfecbUENf8Ncn5KwgWqrynnOiPD0-CW8x5MFeOjXCRfRV8ovpubPNmV-dukN1RMMV7DRqmKQh0LpXzhqyLoD3WNU_TK_JxnyHWtmzww49d4mcJyr9U4_I-qfCW8BhgJ3SEc7Z2KnxgHyiHc5zZ3ADj_02Ck9DU4d0jw-AGYVCcVN-dtm8KBgtI1eKf5ZZrNnitMh4W-VEgnYHee4kFXySDCtaOi5qKTWE4nhAG7K8eiMLsDEK2s2PFCx83LshsKDg4MiyZRZtZ56DRjjw0fWgQOXp8dr3bWnR2aQK2tzrVddviLTtxyxWijgVEJf9Ul69QYSf-j2k8QEXv6rsLrHeFP46FZQc-LiA7nG7RA5Px1NggiETOyr892llt5tgg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 logo_2_o.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 548 B
575 B 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_o.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03aa664d9c570e2bfea4db45036db163aa771b9ace92803bab71c95d8ba4eb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 548
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_o2.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 549 B
576 B 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_o2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b94cb034c8b8f54d756685f24c5ff09c4ae16b1722aeac0c47c9053050fb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 549
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_o2_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_o2_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b195fc6187b407ed279e47fec58aa53bbc7d9dab5121c1663a47d861af3fa4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:01:47 GMT
x-content-type-options: nosniff
age: 156221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1206
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 22:01:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAC3 42 B
64 B 153ms
152ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVG5iw44J5af7SGnfNfIlCOT81zvJQQSH8XE5m_1lsWVDCypRLrokJeqnAcAr_GSShQKrQYsGwFHysq_qmPxkIc11UcHN8joeAVdD21HqM-PPALjSHmlu39InrPcOfvjpAbUtPWF44DP0d&sai=AMfl-YSir4l84YfJE5CrFb2J6SMggTv67qVzLJbp6X_At1B_udXtpmUrc0PpCLHSqLd3WStPkeRiUzLslFf2CHWm2NkgbENZbVWQTYw&sig=Cg0ArKJSzAH5OC6cvWkIEAE&cid=CAQSKQBpAlJWzqtaOWBsiaigToojB3zwE25f-KCKlkAPLB6WXsOezeHxomrcGAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694625926898&rpt=858&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_2_o_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_o_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d5ea1388385d285e2748cce48b0d56a030ff7aa1416eceae44d3e76ff36e760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1212
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_r.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 556 B
583 B 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_r.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9ade6e3af2c4df6bd41d97d6b3cf7151788792e7801d45b87890e6620e857d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_r_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 40ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_r_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1268da20935d6e17ff1497e845f1522d198e24d800cb5251ab0bb13d7b928cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1200
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_t.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 392 B
419 B 38ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_t.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a339d65603d8450787d39f812032c0f0d071aeb1aa670f76427a759a9330440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_2_t_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 902 B
929 B 38ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_2_t_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7971bf0a22f00da3cf0feb9f625b42f2106753a333d6a18f400a9af98842de05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:01:47 GMT
x-content-type-options: nosniff
age: 156221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 902
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 22:01:47 GMT

GET
H3 200 logo_3_F.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 624 B
651 B 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_3_F.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d1942c1c3e376ef68c882e14944232a1ebbd1a1d95499f9019b7bd245b08534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 880D 0
0 141ms
141ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230911&jk=190623856967508&bg=!yMuly4TNAAa6D61Rmg87ADQBe5WfONTKLUiw_zB-jqFg6RzLmdDQhbUtNL-YBJaHIMNIUsFdTPjDpq-hVm7MR0tKrNHuAgAAAE5SAAAACWgBBwoAcqTOThujIM9i3zLtWzjfTftetnIoBS6I6PIgwIZg8vWn_nNV33kmhnNPS9flyP7q_j693nqOX9NfMY3uxZ9Ek1jwh9nzp2twoAKi5c1EerDrliLzgskmuvJKmWa7ZKXalxKFPYNWDZXZMhywLRnI2IqzapkDB3sLWR4YZpZgNRb08_GcNknzxOcIlf7RGXebnBW3MMTRpbtyEf16QB61IA4p3aIAOfUX7_vfuaX85q8VpigtX4b6NnJMKAi-K1ivzKQVzQKyV7PETbgPvmX0nrlkZdGeu6Jxn_dPvHkynKMJ9yGM9jKf6poLJz1rFav_vuiQugoIUI3BzCYnyfTXkj4BVvw1c4sgPkTao-FCd1sUpt13r1OgLlgrKSr3fHCDXp4ZK9TwSJPBnA2OxTYJDdaMGOUGJJvAV1ZUu2WrqHXxRREmw2svI4_OZdIy2EmPjXZPUHWPd0tNY_gWHCQ6OzZ4zOYjbPsLqzOg4GKU2S8xQu0s23Od-aJ6T_55bsY5HaoDKgHYEZPrJ9GUa-Ari7ogV96eOd_gcraLqB0V4olVOGJsm7_J5IqvqjpNnArOmlwjV9NLt7d3dY3i04sPxKObk1AQwH9XHJmkZspkNFL2M1cOpeQQlK2b_dOuGd2cC_7Wtwe61iaf2TymVdZo2ksWfuo7nQ-qziRAa90nd0e1KreTNqe4nUVHCtWn-9u-SC4lkKTV7uCo91gIkAvpZoHn3l-KA05Fmt3PgATl9kqPmf8sbGsG4nsRpNM1vvfh1FGvaK6BX7Y9UKyXQ6XwvJ66QAewi3XVJMrJG-r60X3h3hy3PsGo5ZY8FWZblAl1dZ1QsFtDUr8J7M1QEUauffRalzprxEjugTL7TUInLmnmT9QyNwUSu4X7pb0dj6UW5ilp-nrFdw7G-aRNyVW23A-fZtt8Ndq4TbC7vaqLIe00cHvWh4ImODHHfYW6w3GxutSTyjY4nYotDJumatFGjDrTgwtzgdRcKddVLoM_V1_cxA2TrlwelF175rM94PmrutkPlzHSMWJx4VUkWfkmcAOMMbRs0lkVmU6a4YETmyjeudg-i0RVi9b3rGZ3WUFgt2dPSsugrX4COvQ0_jVadamxzCrFeHX7Scl4fZAn28QxCRzzI4nYWjRs1yEDKu-fxukABJOABFujUEBPbKdi_GtO1A_73N52A83WkCE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 200 logo_3_F_black.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_3_F_black.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7a8dfbb250f11a2d3acb21e1c59251dbb5b22c0b427904224d58a17f9afa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:12:30 GMT
x-content-type-options: nosniff
age: 202379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1175
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 09:12:30 GMT

GET
H3 200 logo_4_1.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 583 B
610 B 38ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_4_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d519323ebc610ac4468006f60b289ba20365ef159c2b86ee62336612edcb0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 logo_4_2.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_4_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f4bb261a74005fd2398980acaddb4c50127f8920b92435eaf04ea2e4c4f5ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1143
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC3 0
21 B 136ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1658481744427&version=m202307240101&ct=119&x=1&cor=945741472868458000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 880D 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW6qIEKqhlIWRtwGUrKveUs2h-az_Fkz6a5fjGHc3MPilk9RGng2MGOyqSQ7qE2xWtPjwgCcUub0vZxRkCmoboqozesum6kvQMUnljHYM4MHFss3duFsbY_KGS3oLl&sig=Cg0ArKJSzK4oAhxlHph7EAE&id=lidar2&mcvt=1019&p=0,0,90,728&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694625926326&rpt=1823&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 17:25:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_4_3.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/logo_4_3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a19b4fc58052dea835298ecae04fdd4541d4fe64618b35ccae53c5631d95da7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:18:35 GMT
x-content-type-options: nosniff
age: 43614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1199
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 05:18:35 GMT

GET
H3 200 moto_left.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 36ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/moto_left.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff26b2b7978ef9b5277929486fe406de2b41ea27fbde8ac274e7460577e76a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 moto_left_fumee.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 4 KB
4 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/moto_left_fumee.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

640137231c517f27f18c197b0a245147f8dc4f76e349c763b8db68154ce64643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3926
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 pegi_small.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 421 B
448 B 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/pegi_small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0e1787e3166cd3a6db171db514181cc71b88438f41c3e9382d1911c155f772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 421
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 plane.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 984 B
1011 B 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/plane.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10aa93d74439a122bb05968773720307c6c674db6d7b36b710d6e2e016782aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 984
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 ray_spot.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 784 B
812 B 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/ray_spot.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b830f994a8b57dfbbbccbf9e2c1e07cee4b05d5770d7e3a5e72d9ac644e52f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 784
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 signet_small.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/signet_small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dca360b20f65cf50e1fbf3184d2485151b6d2237f005fafd819081ae5d544ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2209
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 smoke.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/smoke.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1381342de828450f4e9751422509b5aa2af654ee8434bca867ddfbc878825f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:01:48 GMT
x-content-type-options: nosniff
age: 156221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1766
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 22:01:48 GMT

GET
H3 200 texture.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 6 KB
6 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/texture.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd81db7645fd77d79b67df57764dd053aef1c8203a1325e7eb6418fe0fc66bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5876
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 voiture_1.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 11 KB
11 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

930376783a477e885caa0752a19341f1c07018dd70ccf32053017975fc48a262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11172
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 voiture_1_mask.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_1_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434a404b559c98e82c5a5870feab654af3c4c7381f632f0abc0a18d7d6f00351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1464
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 voiture_2.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 6 KB
6 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64a278a7ae4572cc9a52ee188838df60bbc001a60d83c8687f4fffd5776a28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:57 GMT
x-content-type-options: nosniff
age: 25172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:57 GMT

GET
H3 200 voiture_2_fumee.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 5 KB
5 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_2_fumee.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bcba0f78f143f4af4d5306998377581d1b365fbecffc8f35d3dc3b2b7ca5a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:26:00 GMT
x-content-type-options: nosniff
age: 25169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4650
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:26:00 GMT

GET
H3 200 voiture_2_mask.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_2_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d17573b1143588bb36066691afe6c4bc22b7f6e6a86987f3842594b043a8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:05:36 GMT
x-content-type-options: nosniff
age: 202793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2415
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 09:05:36 GMT

GET
H3 200 voiture_left.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 1 KB
1 KB 39ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_left.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cbfec55e6fad449a56cb4929a26830c10972fa1d6c4a9222037b2a4a67db1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:58 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:58 GMT

GET
H3 200 voiture_left_fumee.jpg
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 3 KB
3 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_left_fumee.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a35bf61ec6e3ad7a4f2f9d1f76114b009683ff99bc8a44d3b54020e88e9a032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:58 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3338
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:58 GMT

GET
H3 200 voiture_middle.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 955 B
990 B 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_middle.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c870d7d88f57a78755bac614e49cc4b8e0705e77be3e66661a8cab561ac69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:23:48 GMT
x-content-type-options: nosniff
age: 518501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 955
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Sep 2024 17:23:48 GMT

GET
H3 200 voiture_middle_fumee.png
s0.2mdn.net/sadbundle/17322038452853571179/images/ Frame 8B28 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17322038452853571179/images/voiture_middle_fumee.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48278f187da5ea00b109ec34f5b4c3c33b01e69a7123ed0679d6aedd2b012e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17322038452853571179/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:58 GMT
x-content-type-options: nosniff
age: 25171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:56:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 10:25:58 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:19:45	Name: is_unique Value: sc12916097.1694625922.0
.statcounter.com/	1970-01-21 00:19:45	Name: is_visitor_unique Value: 1694625922164016787
.xgcartoon.com/	1970-01-20 23:29:21	Name: _ga Value: amp-b9BLOFmzR_Jqbw47lgLEsg
.doubleclick.net/	1970-01-21 00:05:21	Name: IDE Value: AHWqTUl4VGaNzjkArmFqfamwjguGkt6HXTkMLY7SNnIVWrq36M7FxQyo8bKmehdFkNc
.doubleclick.net/	1970-01-20 14:43:49	Name: DSID Value: NO_DATA
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1694625927%2C%22utid%22%3A%22815f2f4ad4e26fa2d942d9085ab6bce8%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.casalemedia.com/	1970-01-20 23:29:21	Name: CMID Value: ZQHwh69AeSCpwDk0aF-0KQAA
.casalemedia.com/	1970-01-20 16:53:21	Name: CMPS Value: 5223
.casalemedia.com/	1970-01-20 16:53:21	Name: CMPRO Value: 5223
.adform.net/	1970-01-20 15:26:57	Name: C Value: 1
.w55c.net/	1970-01-21 00:14:00	Name: wfivefivec Value: PDbJBUT81QGtCf5
.adform.net/	1970-01-20 16:10:09	Name: uid Value: 5593958068771795751
.adnxs.com/	1970-01-20 16:53:21	Name: uuid2 Value: 7192249609641966200
.adnxs.com/	1970-01-20 16:53:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaS[?hu`!1yIE`fS1ueD1W-044)d+]UgNT=%)W?NB1TSim^G@.AnfqF1M.2GAG$M3L+G9RFMZ9T5_m!wxc5*%pt$
.doubleclick.net/	1970-01-20 19:02:57	Name: APC Value: AfxxVi5sOyltpdB1wC0u83eQ1FhI_aHqZMBtBUv08hjYXHJKAj6pYw
.turn.com/	1970-01-20 19:02:57	Name: uid Value: 3185558575510926123
.csync.loopme.me/	1970-01-20 16:54:48	Name: viewer_token Value: a23f7a42-c1e9-4cc2-8399-cf49bb8207bf
.everesttech.net/	1970-01-20 23:29:21	Name: everest_g_v2 Value: g_surferid~ZQHwhwAQAul8cAAN
.tribalfusion.com/	1970-01-20 16:53:21	Name: ANON_ID Value: aVntmIpyXahbqiVRFQm8ZaIhgtMdNF2JHprBmAm2N3gxTMgjUow5cnrXlJDdIQJrYt2onFUp6YuYOTuNpbw3VySW3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a272c55374fd3bdb7ceb988b322f460b.safeframe.googlesyndication.com
ad.turn.com
ads.w55c.net
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
code.createjs.com
csync.loopme.me
cti.w55c.net
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.w55c.net
ib.adnxs.com
match.adsrvr.org
pagead2.googlesyndication.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-a.xgcartoon.com
sync-tm.everesttech.net
t.hspvst.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
104.18.39.155
104.20.218.77
142.250.185.226
151.101.130.49
154.58.197.185
169.150.222.217
172.217.18.2
178.250.7.11
18.158.137.139
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:9000:20c3:d200:3:4706:a6c0:93a1
2600:9000:25e8:7e00:1b:5138:8a40:93a1
2600:9000:26da:6000:1b:f040:3600:93a1
2606:4700:10::ac43:2a0b
2606:4700::6812:18ad
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a02:26f0:480:f::213:7edd
2a02:fa8:8806:13::1400
35.186.253.211
35.214.182.92
35.71.131.137
37.157.5.132
37.252.171.85
52.29.79.55
02811bce4185fdc056d078e6d40ab27446ed0e074a8a3ba7ee918ca7ba8263d3
03aa664d9c570e2bfea4db45036db163aa771b9ace92803bab71c95d8ba4eb2c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258
0c25bf63b34db2733d7f0921aa8d3216c22b9685251419b84b6f5ac607fbd99e
10aa93d74439a122bb05968773720307c6c674db6d7b36b710d6e2e016782aa7
1268da20935d6e17ff1497e845f1522d198e24d800cb5251ab0bb13d7b928cc8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16b08832885955f456d90d0d73157e6148a8afc16834a0cd1f7a5d146ec3f8a0
17d519323ebc610ac4468006f60b289ba20365ef159c2b86ee62336612edcb0a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19485de6a6a911fb6ded6327440dfbd458286a6f5d7f4e9469d653cec94e6799
1a577e88bf8abf36e0a6bbf16d0d7816062c4a63cde3be409caa0548f36a7ab6
1d129709e2ae7917ef81800739d3ff586aafac1e2feb8822b837dbf3a8a9a600
1d3570d2de60c47940f8c80d5b642d2bcee72a9f8aa0b110c804f41e899d9156
1d5ea1388385d285e2748cce48b0d56a030ff7aa1416eceae44d3e76ff36e760
1e8d7b58a7d85453ef7267e187eddd9181d35c4c8d2393ed9563aa9a0089e2d5
29f5bca02afd4b92821ee9127e9be1f4a03901712c393d59176c4d1bba83a351
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2c0e1787e3166cd3a6db171db514181cc71b88438f41c3e9382d1911c155f772
2cbfec55e6fad449a56cb4929a26830c10972fa1d6c4a9222037b2a4a67db1fa
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355a21b458fbaddeb208a121991878e8c1863c7786838a67790975b68c039ab9
3803d3e367841d28a6fa7b2183a24a2532dfe1f26eb9f0cd3aef3115b692974d
3c776847150b06230b956823c80e86ab1afa2115518a9c57ef9c818b74efcb68
3dca360b20f65cf50e1fbf3184d2485151b6d2237f005fafd819081ae5d544ed
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
434a404b559c98e82c5a5870feab654af3c4c7381f632f0abc0a18d7d6f00351
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48278f187da5ea00b109ec34f5b4c3c33b01e69a7123ed0679d6aedd2b012e8d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4960de78c2158cd63dbe33513fb815dbb001453489e3d5077aff2fa3bf582529
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcba0f78f143f4af4d5306998377581d1b365fbecffc8f35d3dc3b2b7ca5a2f
4d1942c1c3e376ef68c882e14944232a1ebbd1a1d95499f9019b7bd245b08534
4df8bafc7f8870c92a3d81be08fbab07221211460a4a4afbd659978dc5e882c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee644edebf519a4e4ac8315873624b40c325326dd837f7e69551313f0e85f09
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53c9f397c9b402fcc2adc76f69e800b2fb9a2c9ec124eb3660a7394c30c8cf97
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7a8dfbb250f11a2d3acb21e1c59251dbb5b22c0b427904224d58a17f9afa48
5b5bf86558934b68f6a6284900ba8f733bd7c22bb3c72bd26471843a44bb743b
60c66e4b8d6a036aa05a4102e73f989d528d1f0928fe537b3a63a9464f5d2f0a
60d17573b1143588bb36066691afe6c4bc22b7f6e6a86987f3842594b043a8ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640006c6533ac46b8d494a22517cbff2c990d5a427ce0c0cf1d531e344ff4077
640137231c517f27f18c197b0a245147f8dc4f76e349c763b8db68154ce64643
68b94cb034c8b8f54d756685f24c5ff09c4ae16b1722aeac0c47c9053050fb46
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6f4bb261a74005fd2398980acaddb4c50127f8920b92435eaf04ea2e4c4f5ba7
6ff26b2b7978ef9b5277929486fe406de2b41ea27fbde8ac274e7460577e76a1
70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b
7971bf0a22f00da3cf0feb9f625b42f2106753a333d6a18f400a9af98842de05
79e7891b60b7a80d220c4c112710cdfd4aac0341d6fb723f0a6f37b8def8b10d
7a35bf61ec6e3ad7a4f2f9d1f76114b009683ff99bc8a44d3b54020e88e9a032
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8466410b2657a6b236e5eafd586f4a9f640a8166c7d183464c4a7ae307f6d70f
8561cd84f1fa2d010bf429cd686c4fdbf27d18a694a48eb1adff72aa3e586ccd
8804467c9d8f6f91afcad25bad0600cf18ee4969c19953a2a3fd3128bc494149
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8a339d65603d8450787d39f812032c0f0d071aeb1aa670f76427a759a9330440
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
905aa695b7f06692210a97e9d1e8c8c8c2c24d817129355884e1702bee6cdafa
926b25e086a993e0e8c3bc20400e43bdfed82b6def075791038aef2fe96f2aaa
930376783a477e885caa0752a19341f1c07018dd70ccf32053017975fc48a262
96b3caa4d6e56ccbd206fb260d627d653af0caf2f2dd7c67b15dc6bf811252c5
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
98d272b4525bce1ab0accaba6ccae87c8b72e24ac77f7b76fa2ad10ed8a5fad5
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d7a8d39998604d1e27c288bc9d4dc571782bf2662329f8dd05b9760150cc624
9f9ade6e3af2c4df6bd41d97d6b3cf7151788792e7801d45b87890e6620e857d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a19b4fc58052dea835298ecae04fdd4541d4fe64618b35ccae53c5631d95da7c
a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb
b0d72a01e38febc03edb1ebbe3fb5b88e3976f7f5653af916be131ed3259bddd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b195fc6187b407ed279e47fec58aa53bbc7d9dab5121c1663a47d861af3fa4c3
b1c870d7d88f57a78755bac614e49cc4b8e0705e77be3e66661a8cab561ac69f
b5d4dbba3c898b11aca6083d4aefd113f16b72cde7b7bba3c91bdf2bd7d785f8
b66d15aaf0e154da35bb055804627bfa094ce6a28187c13d011efd52f01bf6a8
b830f994a8b57dfbbbccbf9e2c1e07cee4b05d5770d7e3a5e72d9ac644e52f40
b9e5e19ad973ee839b37434359c2a820468a5b651524b8ff88fbd10053112d7a
ba6127fb0dda1723841b4cca8f8cb995d8f07045a2dc9c28d548b4c7e19efb43
baeb44fbcc34426a9ecaa6da2af021848c04d86850235f2d53503f7e2abf6df0
bb61050b192170733676f7dd707e4e0e69f03dd36e29bcef45f0b693fa0887de
be8369cde59152040e83ce8fa0f805fe897d7aefcb55143aa80d1274eac23185
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a
c2c51c1cf699d852f931e465d4fafd201c4b07ae408f25122226846264c843fb
c592749a16b171b837c7281e76c8539faa8c4509fd637a3d239fe6aef5d84eb8
c5bdf490eee0d7fc47036c7038b25b54128d1946aefd75de8275e3e4c53d2d4c
c721670cec5238f96996b4e4f26b3de20d6a9172c6aa8ec9aae703756b7f2b6e
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
ccc05ff0673263cfbb1058cea37c5dbeeef1904a1b2917c6f4a2434b19c96857
cd81db7645fd77d79b67df57764dd053aef1c8203a1325e7eb6418fe0fc66bc9
d35ea374d1cf77e05493b27871f84f8ac8aa266f89fd076f6f50a6e6f4690c4b
d64a278a7ae4572cc9a52ee188838df60bbc001a60d83c8687f4fffd5776a28f
de07c17694b3b586ecfea8692d819b3fa27a3ed4d895cbb25c48a1c52a8a9d26
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
e171a7fdffab35925046826f6f327386fed298bc4aa24357748a2d912d79a7dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e53221fe168ffc2af2288372a3443cf677dcbb87297b025f543ca4f256564e86
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
ecf56b2cabe2c48361ca22818fa72ed1f7fcc164dd5c57868f112ba49dd03f6b
ed153d3cbed8c84e434a3c1cf37e95b2f271d22aa5019809a6ce375fbd0f9aa4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1381342de828450f4e9751422509b5aa2af654ee8434bca867ddfbc878825f6
f702c629b6d91fcd615affd71dc1d4a7f4e2d37dc16b0b0649f1447491c7e8d1
f868be2d5fe7cc6847dcff4e93be0431d6e3d65976cbd95371cd8ddaca4612c1
fc9b1b16fef7438d8dfa6a25f84c504c012e06c3e435ac4c9a8a13c72974d493
fd8772a0b62ae391e00b508dd8859f4eab7ea6319916ee54fb644b0bb017194c
ff2239afa3d30c04b4232c294e502b6094529c93548dcc73fd379a7dedc1f97f

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

94 %HTTPS

55 %IPv6

25 Domains

37 Subdomains

31 IPs

10 Countries

2565 kBTransfer

6292 kBSize

20 Cookies

1 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

94 %
HTTPS

55 %
IPv6

25
Domains

37
Subdomains

31
IPs

10
Countries

2565 kB
Transfer

6292 kB
Size

20
Cookies

199 HTTP transactions
12 data transactions