www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Submission: On October 31 via manual (October 31st 2023, 9:12:55 am UTC) from US — Scanned from CH

Summary HTTP 226 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 11 countries across 35 domains to perform 226 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::ac43:2a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
5 24	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	18.158.5.115 18.158.5.115	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:211... 2600:9000:211e:9000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	54.220.88.250 54.220.88.250	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 1	3.210.56.15 3.210.56.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	54.197.54.94 54.197.54.94	14618 (AMAZON-AES) (AMAZON-AES)
1	35.73.229.47 35.73.229.47	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
11	2606:4700::68... 2606:4700::6811:c96e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:307e	() ()
226	29

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:2a0b (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:21::1720 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.5.115 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:9000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.122.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.88.250 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-88-250.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-15.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.54.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-54-94.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.73.229.47 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-229-47.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:c96e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:307e (None, )

ASN- ()

shared.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com	1 MB
64	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 ad.doubleclick.net — Cisco Umbrella Rank: 154	564 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	251 KB
11	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8923	133 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 999053	380 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	3 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	575 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	473 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	489 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	647 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2249	901 B
2	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 904	871 B
2	inmobi.com 2 redirects sync.inmobi.com — Cisco Umbrella Rank: 1562 mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	888 B
1	bannerflow.com shared.bannerflow.com	63 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7108	44 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	583 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4670	616 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13528	575 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	629 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9432	334 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	921 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 716	475 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 159	99 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	247 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 9937	469 B
226	35

	Domain	Requested by
54	pagead2.googlesyndication.com	9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com pagead2.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
30	tpc.googlesyndication.com	9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net www.xgcartoon.com tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
24	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
23	securepubads.g.doubleclick.net	1 redirects cdn.ampproject.org www.xgcartoon.com 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
9	www.google.com	1 redirects d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	s0.2mdn.net	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com www.xgcartoon.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
8	www.googletagservices.com	9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	googleads4.g.doubleclick.net	www.xgcartoon.com
4	x.bidswitch.net	4 redirects
2	onetag-sys.com	1 redirects
2	d5p.de17a.com	2 redirects
2	ad.doubleclick.net	1 redirects d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
2	www.googleadservices.com	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	trace.mediago.io	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	2 redirects
2	9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	shared.bannerflow.com	c.bannerflow.net
1	cc.adingo.jp	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	fksnk.com	1 redirects
1	im.bluevoox.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	id5-sync.com	9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	cms.quantserve.com	9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
1	lh5.googleusercontent.com	d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
226	45

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-11` - `2024-05-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Frame ID: 68228CFBE7E7A384CAA45F1ABC6951FE
Requests: 38 HTTP requests in this frame

Frame: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4EE0A93FA6EB372092CF53AC37F5B946
Requests: 13 HTTP requests in this frame

Frame: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A395094B4E142CA2C4F2C96F1BE26791
Requests: 12 HTTP requests in this frame

Frame: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FADB8B44E2F9E3505601BB1EB5A597AD
Requests: 10 HTTP requests in this frame

Frame: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A38616A83EF8667B086EF0811329348C
Requests: 10 HTTP requests in this frame

Frame: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 04CF4159B212EC8AA3A0381E1E0739D7
Requests: 11 HTTP requests in this frame

Frame: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CE2271F5EC58AA15A9A0DDB882276C5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 65D2F70D7384898D464693CB426222D4
Requests: 1 HTTP requests in this frame

Frame: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: ED2E198545B9C1EF1ED280715C7C63C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436
Frame ID: 4128E9A57BBF239C347B35A5941660E8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570373&bpp=174&bdt=177&idt=396&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=2281615176&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079080%2C31079086%2C44805933%2C31078297%2C31079156&oid=2&pvsid=417700801574402&tmod=1373947432&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4b1y1eqmp3ko&fsb=1&dtd=407
Frame ID: 0D4176F21A7EC31342A30C6B7A8E44DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046729&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570378&bpp=204&bdt=180&idt=439&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1710351029&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079192%2C42531705%2C44805934%2C44807048%2C31078297&oid=2&pvsid=2854771269670646&tmod=1593928798&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bow9vyjybuzn&fsb=1&dtd=445
Frame ID: F39060CFED6C194F90DBF99AE5BC42AD
Requests: 1 HTTP requests in this frame

Frame: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6A36F4160651901371AF697D870CCD85
Requests: 13 HTTP requests in this frame

Frame: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8E9797FD5321B4EDD7BE91D275A1360C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNXkXYnfHYZd9_PRgGtHfAU70gJZ02oBStrbR09ndSzyDFoWYuj9NU7bfAHpRbc6sQwzt719tuCQGb212Cnjt1cWA8Tmow
Frame ID: B90B4CCF43E86334AE9BF3532C7BF8BB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf1-_ICEKb9pcgFGKDi1PsBMAE&v=APEucNV0FDJzgzxb4Apzp5fQ9SmNmFS5GQzY2pjIakPG-U3hAthrTHPK6AxKbdsURq1TFFvGC7bfhQj8DBNoUsdINBNtveuTcg
Frame ID: 60C7C39BDC4FA3A927B9437753D27DCD
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D75DAD8BE7C52A1666CEAA0B9F39955
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B7AB3ADAE69CCE4242A393A1655F5FA1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD38E3395B51D12D171A7935F3DC1950
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2108D541DC0418E6E77D93EDB9ACE921
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 38903730EDEF6AB958BF860945F0825A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBB76B3995D609716F9B5765A8CC3431
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10710448431421194240/DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html?ev=01_250
Frame ID: B1BED3A955251AFF7A29D132552B963D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5487018471858690984/Banner-728x90.html?ev=01_250
Frame ID: 3C24A3E8505F10C45D5D661BAAE7EC4D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6697EBE1F6E73DA0049122365ECE5C11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E25C1B7549D2F90193FD2478C2A7C2B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84D9DEAA1856A5F949438D6D6C9EBA04
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D17FDF2EAEDADE16EBFA6F107AD6F096
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5034DBC70E5214E486E3E0CFB9DE8B33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAF3030A6E3D1DDF8F1A512BB35B199E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD325CC74622B3019779C1F89CB501C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA06DCC058E903A335CB7337E2F26311
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21E8CFBA7CF5CCDA35CF2582441BD2A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7094FB85EFD0C0FA26FACF4ED3C460A7
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/897cc092-670f-4434-8d25-4515492ebffe
Frame ID: 8B2FA722C2850AC314CA62E07074AC03
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 97F609D889ED75745371537A44977E8A
Requests: 4 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: B9C994F04FFABD2145A26FBC85A3873B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍴精靈寶可夢第1季無印（寶可夢無印篇）【粵語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

226
Requests

89 %
HTTPS

40 %
IPv6

35
Domains

45
Subdomains

29
IPs

11
Countries

3588 kB
Transfer

8863 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUDFEwj9GFM2YcKJYbgoLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUDFEwj9GFM2YcKJYbgoLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

Request Chain 122

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_cver=1&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3KL7ZngB-CnKPrGeIJYhi1adRAuC6nCdZZXU72GIAcsZTXmg HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=78b652ca1aa015bb&is_secure=true&networkId=14000&version=1&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_cver=1&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3KL7ZngB-CnKPrGeIJYhi1adRAuC6nCdZZXU72GIAcsZTXmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHuGaH4Ge4agMjI6sfAAAAAAA&expiration=1698829971&google_cver=1&is_secure=true&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3KL7ZngB-CnKPrGeIJYhi1adRAuC6nCdZZXU72GIAcsZTXmg

Request Chain 123

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH4gp_Fv6HpVTg5eGIkcO2I&google_cver=1&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH4gp_Fv6HpVTg5eGIkcO2I&google_cver=1&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog&google_hm=_-9ebMBlSWiMsor5n4_hIg==

Request Chain 124

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECYBmCi56JQBBhrLsOGJnZQ&google_cver=1&google_push=AXcoOmT3PsNlb6AcrwXAMTXbXGFCYf_bo8FLRcbRCe2IM2qzHvw8jfGANMLRMAfMw1dIbcBZdMbgtdDitlZkOUqtxEzxtQ55LByk1g HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent=&dcc=t

Request Chain 125

https://sync.inmobi.com/gob?google_gid=CAESEEbCtfmbUWzlnGVocF-YUhM&google_cver=1&google_push=AXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq2WGr7NVuiQ4k2x7MwEJtuJtLeLXIuQKcgA71a_HpAtVe7DipOJTxgn4 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq2WGr7NVuiQ4k2x7MwEJtuJtLeLXIuQKcgA71a_HpAtVe7DipOJTxgn4

Request Chain 126

https://trace.mediago.io/cs/google?google_gid=CAESEMAqlPOxn-Rvc5R8TNZzRN4&google_cver=1&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZVdMErQU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZVdMErQU&google_hm=f34e9699ce05e31d104tr600loe428sg

Request Chain 127

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJSRB9U9g6l08KM6ip6KlDY&google_cver=1&google_push=AXcoOmQF15pnU5gwFuvc1AaOXK-eB0izOGbXPEzflCGQlYKtUYCPt1AZ_Ck4Hr1XE3G1wZMeQ_bYnNzj3djBuz9Bygh3QPTI8BkJO5k HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJSRB9U9g6l08KM6ip6KlDY&google_cver=1&google_push=AXcoOmQF15pnU5gwFuvc1AaOXK-eB0izOGbXPEzflCGQlYKtUYCPt1AZ_Ck4Hr1XE3G1wZMeQ_bYnNzj3djBuz9Bygh3QPTI8BkJO5k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffef5e6c-c065-4968-8cb2-8af99f8fe122&%%GOOGLE_PUSH_PAIR%%

Request Chain 139

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=1&google_push=AXcoOmRwiyJYHbnwmv99uvjOUwcTH_inWIpyn-7ezOZXMoqLJBYG5ztzA7hTaS-aUR0D-FRf13kxBjQvA2IiS4QH91lkLxlV20qU0WskPaBKZlNxdgoMMjRbiDkaDvHKEjrRbtEfCMBsRGoUsE8EAk93bT0Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDM5ZDYxYzUtMDI5OS00NjI1LWEyNWUtMTJiNDYwZTgwOTI5&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=1&google_push=AXcoOmRwiyJYHbnwmv99uvjOUwcTH_inWIpyn-7ezOZXMoqLJBYG5ztzA7hTaS-aUR0D-FRf13kxBjQvA2IiS4QH91lkLxlV20qU0WskPaBKZlNxdgoMMjRbiDkaDvHKEjrRbtEfCMBsRGoUsE8EAk93bT0Z

Request Chain 140

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPQFanb1bvynCFZWapFEGpc&c_param1=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ-7RnXFT8w0kSVjdw2iGbQZvc11Bu45Me4_DnHVOM&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ-7RnXFT8w0kSVjdw2iGbQZvc11Bu45Me4_DnHVOM

Request Chain 141

https://match.360yield.com/match/ebda?google_gid=CAESEDbN-FbOwhgzph8RNjAw434&google_cver=1&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrCLOFHA8iqBQ7wCZDhSdnoSXqDslnwAL5hn11Vl5IPdym70rgN3wfNQwJvDGk00 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDbN-FbOwhgzph8RNjAw434&google_cver=1&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrCLOFHA8iqBQ7wCZDhSdnoSXqDslnwAL5hn11Vl5IPdym70rgN3wfNQwJvDGk00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1bk700BvSXSLtqmmXVIEvQ&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrCLOFHA8iqBQ7wCZDhSdnoSXqDslnwAL5hn11Vl5IPdym70rgN3wfNQwJvDGk00

Request Chain 142

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC3nIZNOrMg7Hq_R1-17o_s&google_cver=1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698743571605 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-252d82a3-6222-4550-9630-3b6ed6c02ffa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig%26google_hm%3DAyUtgqNiIkVQljA7btbAL_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig&google_hm=AyUtgqNiIkVQljA7btbAL_o

Request Chain 143

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEHjQ1jdIbKOePmK6yTjYZzY&google_cver=1&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyyLRuYjLxCZVWmampnYaQEomEbGLexM_s_Ow6cOWv4-ZS3tR_GWkz8za-T2j2OCmtGlge8SpIFlW3Cv2u2Q3Y4TZ4c5LRSOTiFBL9qA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyyLRuYjLxCZVWmampnYaQEomEbGLexM_s_Ow6cOWv4-ZS3tR_GWkz8za-T2j2OCmtGlge8SpIFlW3Cv2u2Q3Y4TZ4c5LRSOTiFBL9qA&google_hm=QlMuZTBjMS1lYjc1LTQ4ODItOGQwYg==

Request Chain 144

https://trace.mediago.io/cs/google?google_gid=CAESEMAqlPOxn-Rvc5R8TNZzRN4&google_cver=1&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv5SUHF2zMu0fU1h9sYcj1P4jul8BQ-Z4zrPQDb2SSH-5zxOZ0KFSPdDn-Y_B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv5SUHF2zMu0fU1h9sYcj1P4jul8BQ-Z4zrPQDb2SSH-5zxOZ0KFSPdDn-Y_B&google_hm=f34e9699ce05e31d13lnaf00loe428sh

Request Chain 160

https://securepubads.g.doubleclick.net/pagead/adview?ai=CjnUPEsVAZfLdIInD3gPa0oCwBeGzn71zjp6w6vUR8C4QASDTy84wYPWVzoHgBKABgqmxiQPIAQapAvD7fSUflbI-qAMBqgTrAU_QY6TwqJMPKNIC1tQ_pQ3irGC1D7H4CeP1kIV7bf-RzbcEmk35QYHEtb1NtrgkrxD7mbOa7zqya4WYLXQLVIxMPMqu0FgIXRHPwUQK3SpM3SzVli4O4zQPGc2N04foTA2s4-oyUyvKCwh8PZYx5XF-OnVuc8I5Y_SEG3L829iB3kGvzLp0aKYH-TXnBwCcQzxLOtHTad5ObUpmU7yba67Jqlr_Y57F6AGow1mpXyKX8WCVKs-tvQ7bjRPEgeApOV1V3i17PJqmwYBIr8_cHDWdSywBoC4eXBawCBAOlY-nLH69DeuPp9LDa_fABNyN4K7CBOAEA4gFk6Tu8kySBQYIAxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB-bWznaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCCiQQY89WH-gHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJzQFodHRwczovL2FkLmRvdWJsZWNsaWNrLm5ldC9kZG0vdHJhY2tjbGsvTjQ5NjYwOC4yNzkzODJEQk1UUC1JUVVBTC1FREktRDAvQjMwNjU3Mjk5LjM3ODE1Nzk5MDtkY190cmtfYWlkPTU2ODk5NjMwODtkY190cmtfY2lkPTIwMTUxOTkxNDtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19mb3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTt0ZnVhPTtsdGQ9O2RjX3Rkdj0xgAoDyAsB2gwQCgoQoOq7nuu2yLA3EgIBA-INEwjZuNb4-J-CAxWJoXcKHVopAFawE-j5nRXIE-W22-MD2BMN2BQB0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=dFnTdcvfia4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSKQDICaaNxsFvJg989C7cVd78ucrv1rEubdjINExZRG1doQJ716KHfiCHGAE&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4075cb5b491ee6370000000000000000%22,%222%22:%220x710de3cccd3edefd0000000000000000%22,%223%22:%220x52ad047e2917eebd0000000000000000%22,%224%22:%220x5f9de813a7dc6c000000000000000000%22,%225%22:%220x2cffb454a2b81710000000000000000%22},%22debug_key%22:%227552309352583508240%22,%22debug_reporting%22:true,%22destination%22:%22https://doubleclick.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22824988802%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213803286020933204993%22}&andc=true

Request Chain 162

https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_pre=CI2C5_n4n4IDFZ-R_QcdI8EE-g;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?&cbvp=2

Request Chain 173

https://fksnk.com/cs/google?google_gid=CAESEG6Z6aF2fbN4N5jZ6em3tP0&google_cver=1&google_push=AXcoOmRoUPncFWSK7cCQa4GX4FZYi9QRZQ5dl5vDb3nFXxYb-Y4Pvq5IuHe59hkO1tMN_SWn-IfpQmHb2hU3hTuutuBgg02_3Waj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qzk5RDM3QUQ0OTk1Rjc5MA==

Request Chain 174

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFuq-AQNKvTK0WBiTSJY4Zk&google_cver=1&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-WmsjfPnlMgGC8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjA0ODA4NjA1Mzc0Njg0NA%3D%3D&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-WmsjfPnlMgGC8

Request Chain 175

https://d5p.de17a.com/cookies/google?google_gid=CAESEFR8xqLK0CKBfhxEE7icXvE&google_cver=1&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFR8xqLK0CKBfhxEE7icXvE&google_cver=1&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG

Request Chain 177

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEO--rtipj7TlmMEAYpNlKrQ&google_cver=1&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPUU2KS2VxilJusPs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QjMBpBtEUZhhETDG9ru_RcPOaYY&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPUU2KS2VxilJusPs

Request Chain 179

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELxEWqSPlZy5F3fw54MTmtE&google_cver=1&google_push=AXcoOmRHORuGn5ezg2LYK6p6144Mcvbev0XU2uxJ-piFi1i1YCM1l0tEDJ8jKBOUQQazsx7hSmm0J2HwfrP2S7Ew-KnkHsTO7-25Xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRHORuGn5ezg2LYK6p6144Mcvbev0XU2uxJ-piFi1i1YCM1l0tEDJ8jKBOUQQazsx7hSmm0J2HwfrP2S7Ew-KnkHsTO7-25Xw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

226 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan Show response
www.xgcartoon.com/detail/ 185 KB
29 KB 1357ms
663ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 81bb18f5d75f17662f36f678924e9e15e432fb814b2a35d6a948f7d382fa45de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 09:12:47 GMT
etag: "2e37b-dNM2qFMWzeU2Pcp+Xt0sd9Dw7cY"
expires: Tue, 31 Oct 2023 09:13:47 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 151ms
73ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73031
x-xss-protection: 0
server: sffe
etag: "aa4f775a8c339659"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 108ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a260229e2c8fb6852923d6b674196f7d1409caac8203178d9efb04e29e9b60ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23156
x-xss-protection: 0
server: sffe
etag: "3c213f268fdbd259"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 113ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3163409afb54fe7233aa9744efb4da056312382e35f01bdf7b8c105e4961b9a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9440
x-xss-protection: 0
server: sffe
etag: "1721ed68f8c53d05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 100ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2927beb7b152a1d6cf2976e3667c5048ca26f66679b7b483ea4e575eb197901f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
server: sffe
etag: "ce64c02c827cb622"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 122ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1e55c33e1d9ad97b57374de29319c6db85b90006189420aeee51e388e8719d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15385
x-xss-protection: 0
server: sffe
etag: "afe1415fd87696f0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 119ms
66ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2d893147bdb85c6671c355db1a5e0147ab1c28d300d26f4aa7c3fb2996f42ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4741
x-xss-protection: 0
server: sffe
etag: "55008ede120739f0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb8d8e7c172a0ecd19f38e42f1f2e6e6e493ad343324caaa3ad7f5ad36060d3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10331
x-xss-protection: 0
server: sffe
etag: "b41f947096711238"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e76ecb8cb7acac46c85434f8c63a3cccd06a04765ef3ff726fc57308def2f3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 09:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32174
x-xss-protection: 0
server: sffe
etag: "2cc5105df4ab1fab"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Oct 2023 09:12:48 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 234ms
157ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 81eac7472a566abb-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 353ms
352ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:48 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Tue, 31 Oct 2023 09:15:48 GMT

GET
H2 200 jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan.jpg
static-a.xgcartoon.com/cover/ 128 KB
129 KB 1005ms
920ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48e13597c690c299f5a24b6e7f4a1cdb0db6de27e64ce42e8f5eeca2692f133

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 03:51:23 GMT
server: cloudflare
etag: "BE59FE3AEC214A91FDBE495AC110226A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81eac748f8dbbbef-FRA
content-length: 131536
expires: Tue, 31 Oct 2023 12:13:14 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 343ms
343ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:48 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Tue, 31 Oct 2023 09:15:48 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 342ms
342ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:48 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Tue, 31 Oct 2023 09:15:48 GMT

GET
H2 200 jiamianqishireviceliweisi-shisenzhangtailang.jpg
static-a.xgcartoon.com/cover/ 10 KB
11 KB 352ms
277ms Image
image/jpeg 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jiamianqishireviceliweisi-shisenzhangtailang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1305d7fe22cdb72433cedc38f8d72a05efb434400b066a5e42ec9a74ddd74be

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 18 Sep 2022 06:05:14 GMT
server: cloudflare
etag: "CEB4A1CDBE0EF5E26AD14114CF8A6C5F"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81eac748f8dabbef-FRA
content-length: 10641
expires: Wed, 01 Nov 2023 14:51:53 GMT

GET
H2 200 aldnoahzerohuoxinggongzhuazriyu-olympus_knights.jpg
static-a.xgcartoon.com/cover/ 71 KB
71 KB 402ms
327ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/aldnoahzerohuoxinggongzhuazriyu-olympus_knights.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae706a08fe337a95ff045fdae179d44e0e937a7c9af396c0ddd8f837e680bea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 08:13:46 GMT
server: cloudflare
etag: "3F32257B1177520652882B70658030A1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81eac748f8d8bbef-FRA
content-length: 72296
expires: Wed, 01 Nov 2023 15:46:32 GMT

GET
H2 200 yuedongqingchuntiaoyuehelefuxieriyu-gaosongmeixiao.jpg
static-a.xgcartoon.com/cover/ 49 KB
49 KB 1169ms
1093ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yuedongqingchuntiaoyuehelefuxieriyu-gaosongmeixiao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a519a69711a4afaa89b35690561b45a6505efc7c9b495b3ad5efd95d29524a7c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 06:34:41 GMT
server: cloudflare
etag: "6E68B9BBBCF8D984C6A1FC8728964194"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81eac748f8ddbbef-FRA
content-length: 50004
expires: Fri, 03 Nov 2023 04:57:31 GMT

GET
H2 200 wotianmingdafanpai_dongtaimanhua-tianmingfanpai.jpg
static-a.xgcartoon.com/cover/ 75 KB
76 KB 435ms
360ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wotianmingdafanpai_dongtaimanhua-tianmingfanpai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7730df113cb00a7eebaa3bb187cfd50f92bded024a5f13d13eb550fee9ca9daf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 04:14:35 GMT
server: cloudflare
etag: "9C545E43334EBAD6761080C02C164A6B"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81eac748f8dcbbef-FRA
content-length: 77277
expires: Wed, 01 Nov 2023 06:21:29 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 8 KB
3 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Oct 2023 08:11:50 GMT
age: 349258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "d3318576b6061a39"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 26 Oct 2024 08:11:50 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 237 KB
62 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e75608f90f28063966d0bbbbad9bdea88dfdec0a9e1b9de6e19cac62bd4944e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Oct 2023 03:22:27 GMT
age: 366621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63664
x-xss-protection: 0
server: sffe
etag: "d5c11a29c1b79a8a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 26 Oct 2024 03:22:27 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 12 KB
4 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:02:50 GMT
age: 572998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
server: sffe
etag: "e11a2f49b1f47e4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Oct 2024 18:02:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 371ms
314ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310111731000&d_imp=1&c=753678008428&ga_cid=amp-7Bc53Jrxof6LvlmqGx78ww&ga_hid=8428&dt=1698743568862&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&bdt=452&dtd=37&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a48fb424eb387c731848fbba825557b23cba384487e834318c94d34a16098194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13491
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNnH-ff4n4IDFTzluwgd4CsDnw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 31 Oct 2023 09:12:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 874ms
818ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310111731000&d_imp=1&c=753678008428&ga_cid=amp-7Bc53Jrxof6LvlmqGx78ww&ga_hid=8428&dt=1698743568862&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&bdt=452&dtd=40&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54d928fb5b4d3f2f0d55f07cce9eefc654d52ea3c67166e55eb722fc8773d945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13451
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJ7S-ff4n4IDFTad_QcdyJoMKw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224182300
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 31 Oct 2023 09:12:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
24 KB 542ms
486ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310111731000&d_imp=1&c=753678008428&ga_cid=amp-7Bc53Jrxof6LvlmqGx78ww&ga_hid=8428&dt=1698743568863&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&bdt=453&dtd=40&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e81856c712e2357d424d8ba3fd7c1f37defb8b6da148d0a51e0b13a3874cb343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23712
x-xss-protection: 0
google-lineitem-id: 6350518020
x-qqid: CIfd-ff4n4IDFd-Z_QcdFJ8PXQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441312640
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 31 Oct 2023 09:12:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 696ms
642ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310111731000&d_imp=1&c=753678008428&ga_cid=amp-7Bc53Jrxof6LvlmqGx78ww&ga_hid=8428&dt=1698743568863&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&bdt=453&dtd=41&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe00e03813af8710231b2ee44f7361cd141e2c573f43ddc6d514900b1641c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13414
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMzf-ff4n4IDFdSS_QcdYDUG9Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399041
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 31 Oct 2023 09:12:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
23 KB 1050ms
997ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310111731000&d_imp=1&c=753678008428&ga_cid=amp-7Bc53Jrxof6LvlmqGx78ww&ga_hid=8428&dt=1698743568863&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&bdt=453&dtd=42&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a662868c226d447e032e657063f835a5cb14077b1862ed7e9706fd644555da89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23767
x-xss-protection: 0
google-lineitem-id: 6136661665
x-qqid: CJDj-ff4n4IDFQVR5QodHU0EHQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370495019
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 31 Oct 2023 09:12:49 GMT

GET
H2 200 container.html
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 108ms
30ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012310111731000/v0/analytics-vendors/ 2 KB
886 B 32ms
32ms Fetch
application/json 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 27 Oct 2023 10:39:53 GMT
age: 340376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "1603797efd5753b1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 26 Oct 2024 10:39:53 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 346ms
346ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:49 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:15:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 101ms
42ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=8428&cid=amp-7Bc53Jrxof6LvlmqGx78ww&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&dr=&dt=%F0%9F%8D%B4%E7%B2%BE%E9%9D%88%E5%AF%B6%E5%8F%AF%E5%A4%A2%20%E7%AC%AC1%E5%AD%A3%20%E7%84%A1%E5%8D%B0%EF%BC%88%E5%AF%B6%E5%8F%AF%E5%A4%A2%20%E7%84%A1%E5%8D%B0%E7%AF%87%EF%BC%89%E3%80%90%E7%B2%B5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1698743570&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EE0 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A395 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FADB 6 KB
3 KB 27ms
27ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A386 6 KB
3 KB 26ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04CF 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4EE0 24 KB
7 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4EE0 24 KB
10 KB 124ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79444aa316d8763fe5ab64dfea33a7190861686114ba8e8e062e0cec3c709302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10063
x-xss-protection: 0
server: cafe
etag: 3620881764726396949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EE0 188 KB
60 KB 2329ms
2277ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A395 24 KB
6 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A395 23 KB
10 KB 158ms
117ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d659da6aedd0ac4192474dc98c4ec024d41f26fecb28cfb299a33430b0814c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 1121423705963795181
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A395 188 KB
59 KB 2335ms
2299ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FADB 95 KB
29 KB 110ms
108ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5805815269440bc3c7491e53bf0207108c25779bc6b3953725b7d351b2d8fd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29849
x-xss-protection: 0
server: cafe
etag: 714 / 19661 / 31079134 / config-hash: 9617840091010596719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FADB 188 KB
59 KB 2351ms
2337ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FADB 0
462 B 62ms
60ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3FqOpS7RmI7HUYuIwivvcNfg8crPhScCeolOecn5VJ6XlkWZpTRVBsPUuYKWdcRTvwwJyzpn9h5RIU7LjEnASr28B2DbgbjrmhbbVyipQD42f1FzrKcR-vPeZ-uvKf8sa6dz2jbiHZchjUXJUiYd4Vm2YDAGDsrCB8WJ4CA_pDNrGQ7ZzZ1q8tfy0NBf_bZkIR673CDqrkT7hYJjl2-t83ArXVdEAaE1R0gysCEpMzPubCIMYGOz2qiA7n0jV640PNUDkWAixuDLDe7tHQasUC11xzFnGBltIkye9b-sjdaaLAZovmK4KsATQJ2YOMsUWfVAHeLFBh6DXjVRd59shVC3v3IhKvF3nHjz_qEn8PHigPYYz2jGJuaTtrUGalfR1Kp3RMjBI&sai=AMfl-YRsKCkO6JzWK5fkq8g7_XmYmTULJjKi1Sj-p352xY-51lTCCcKtDZazGiS6WcBPf7Fu4UYqTHvmZyq3IBE&sig=Cg0ArKJSzIIF-c_q19umEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A386 23 KB
10 KB 137ms
121ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79018faf162399a68f6811504a776ad64866faf1a08bfb40c941ab24aae6a67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9661
x-xss-protection: 0
server: cafe
etag: 14537603239678250164
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A386 188 KB
59 KB 2375ms
2364ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A386 0
292 B 64ms
64ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk6lDxDnR2DT56KAhH7y24crQkO1zdso0rklgsZRu8NbdonYGbApbmxtRtdc_v67AMoiiv4pjLd4UDT-rnO15XOVaGomtzR19hRE1b89CvEZAk3ZcBU8HN8eMPV5oMETLS8y4xwbgHs23iDPtP50En4iprqUgO5qEliV7Q5QYukKYRAYEZOmsnHLRsEOiBXe0kk6gw57J1E1TstFdXb0VpS06PkdZZgl4EzGmhwuCw5w0E_sS4AXUUnlY2tzGFGxKR3hMEuuxYuCidTndQduXqotrihgdImzvjtpvhW3B5D0skh_cKJx_bR2GPJo9UhnaWbW5XTbZGBuW7B5iE0VdV5doVJ3l6u_AMtLCctlDAyYMJEZ2m132mt77i_LUHhgA7kg&sai=AMfl-YSCWpW9inIGDlxyympKkhHFH5yzjaZllImu8RL-I43_-rv1nGCrXzcoUlzeHS9eRmgS80UZXTbYaGMkN80&sig=Cg0ArKJSzIsaaAWpfqGlEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 04CF 95 KB
29 KB 192ms
192ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d49f317fbb82c72e0b49aef5d80b4524c282d50d49b14258e2facb1dae6bb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29849
x-xss-protection: 0
server: cafe
etag: 598 / 19661 / 31079133 / config-hash: 9617840091010596719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04CF 188 KB
59 KB 2322ms
2321ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04CF 0
291 B 58ms
58ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssErBupfAPb-EY1SbXtBma_zc0BPRjQQWLbn6Y7I5Pqmd9vlmcZntgvnYGjKQsb4ksEckgHQSggT3WnF3YgG04jpq9A-Pec2Y-FutYhZIFjVbDYhVcVm8pCrtuFso3jTeXypoaKrERAUG7h60hUB_K5-FnfyousSFFJf0EavjxoJggJXkMJmcM5IgBE6YpO8y3K4Vu3MMezV_QP0LKP2le_fsCpxQ90xKr5escBDcvL8K8UCastLTM25_JuEHQGN1ZOD_83Mo-ki54JmQ1tcraMhpqF9FNKtW3WjvNIsrpX478Yde23gPbqF_KjPRDLSI5xNvmqKJWJzijcnGvzJ2ihsAppJjFF2I5xH70CX5_jv8KIe1FdSAB-t8jAoB6I8S-U9iJH52ei5Q&sai=AMfl-YQ6FEHtmgnvisu7TotAqovm6fLESpYr6ssIYBP_GU5kAhgBLW-uAL_xsLsJTd0nTLrvsSicOtzQuILuE0k&sig=Cg0ArKJSzGaSeLtXPlVwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE0 0
29 B 64ms
64ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQFpoqz-Dy5paMZFMCR-A8KFkzlsmXpq9-UZ3ewO5dsL-RJM9Kx4QT08IHy7fqsiz-8ooe0wmK-BsMHEhujW2XU16w5Yy_BK-ms375YkcVZtxb7OXXkrW7sLyM-Ql8wOxWd0CAG7oeBhr7PP-BeLhCy4EQh_jApRftoi9WwwK1NC-RQD-0mdcGs_lWisRUsE_ZDcUT6R75bSRiU9hMMTXWmBKI3YVgd6dVc6MSrDDV6mN_EyzARPLcQTH4Simj4scz9I98lRrhUWuOvA6haNC0AsrA_IIWYXoQWoJWmbWMQmMkfA2DmHeAqeoMFUzODRNzQhKy8m-uXoTIF_tS-Bvugi8R_8AvJCqalNUr1xAx7h8FjRdCHPmKTO0wSQ4MgNSFcvQ&sai=AMfl-YQk2eVVX93ZPK_ZZbf9UoZoWlCPEPvKLjbyyTavuUBN4bMvYYfUx12OchHPdPkB9ngMNhYNM9PVBaKB-6o&sig=Cg0ArKJSzLEGG_RKBmITEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A395 0
29 B 64ms
63ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf_yIa4KYno_47ExMf06nwjEPJSRilqNC7_zctbWA5Z4-AQi4DBsT6Q1eIbyP1WyJjKrq0phS-IRl-bg5P0d9UfGUip9fevF7oRXP4DmhHINwETXnvPtATLhyihQ66959x5_Xo2c746VW9GarVc8pkJ3zrDwwOOZkwMuAla5A_0geuUluiwf0DIiuD6NkQXjMq3SUW5pluH26RE0As7elX6hoKxur0pp4ZDhV0SR9rgunlN5QQwRXpU8I9nrPk6iwph4t8tbFjSWlNwwjF8tPxw-nJkUct-a1ESMyX_6bu-sQZM6baCXwrkiTM6UxiSZ_H1xj--CtEvRKlP9e33oZf7zMs5lieoc5hUv7SKdIpGRFneosNibzQeknulYkqhVES-5w&sai=AMfl-YTw6_3Bd5LIuw9-kQOGoQaV0CCy1_crN2PhMjr2YsPIT4zwlwhVoh0Vpg2V0VkdAoIx2ZJZOlAtMNxkl20&sig=Cg0ArKJSzOyVUtegH_EuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
URL: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4EE0 144 KB
50 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f7a2af1bf6818e492a118a7d1b5e7eafb049c1700293dde27dfa73f5a4f411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51085
x-xss-protection: 0
server: cafe
etag: 9001347782569676102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ Frame FADB 420 KB
132 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27291
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134989
x-xss-protection: 0
server: cafe
etag: 2612702921649259081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 30 Oct 2024 01:37:59 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A395 144 KB
50 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2bf38c8beac5dce1b008454494e725cb8797a5f8091bc89d46db2184ff407ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51083
x-xss-protection: 0
server: cafe
etag: 17370781711489891362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A386 144 KB
50 KB 151ms
150ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5392c9cb4578b23da59ef5a19c404d9407f329ee5fbd388ffe2b600bf88645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51081
x-xss-protection: 0
server: cafe
etag: 15821743883008564641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FADB 134 KB
46 KB 369ms
368ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2036149680815932&correlator=1905172114593412&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com&abxe=1&dt=1698743570467&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=q1332bgynow5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&loc=https%3A%2F%2F9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1698743570197&idt=250&prev_scp=in2w_key9001%3D1%26in2w_key%3D49%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D49%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=3155901621&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef4df554ca21e59538cb3397f977be3e7d3b34a36357e1ff9758f0a20621c1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47128
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE22 6 KB
3 KB 57ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame 4EE0 395 KB
134 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fa0bd28109db2f67a86ba35904659d3b5527a7e4209c8b56cb56c92de6e8891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137194
x-xss-protection: 0
server: cafe
etag: 11079976081659828901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 65D2 10 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 08:24:10 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 08:24:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ Frame 04CF 421 KB
132 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 21:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41430
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135211
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 29 Oct 2024 21:42:20 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame A395 395 KB
134 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8713f5965763be21e851f18074f92aecc06bf90abae3e14d6172d6332c480cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137198
x-xss-protection: 0
server: cafe
etag: 13841656590597266900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame A386 395 KB
134 KB 150ms
149ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8713f5965763be21e851f18074f92aecc06bf90abae3e14d6172d6332c480cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137198
x-xss-protection: 0
server: cafe
etag: 13841656590597266900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 04CF 23 KB
11 KB 272ms
271ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634574226846339&correlator=977093504255833&eid=31079301%2C31079133&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com&abxe=1&dt=1698743570610&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=fn1w59fn1yag&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan&loc=https%3A%2F%2F9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&dlt=1698743570200&idt=390&prev_scp=in2w_key9001%3D1%26in2w_key%3D3%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D3%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=3854949243&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd5de11a9cd11f86feac18842dfb501cf13c160641298ed35bcf9eb68166151b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10990
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED2E 6 KB
3 KB 51ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4128 24 KB
11 KB 407ms
406ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96ac84759bf1cdbcef8d4750802777e86d59ee364f48e541e70e4095f2a0352d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11624
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D41 603 B
112 B 671ms
671ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570373&bpp=174&bdt=177&idt=396&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=2281615176&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079080%2C31079086%2C44805933%2C31078297%2C31079156&oid=2&pvsid=417700801574402&tmod=1373947432&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4b1y1eqmp3ko&fsb=1&dtd=407

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F390 603 B
65 B 403ms
403ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046729&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570378&bpp=204&bdt=180&idt=439&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1710351029&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079192%2C42531705%2C44805934%2C44807048%2C31078297&oid=2&pvsid=2854771269670646&tmod=1593928798&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bow9vyjybuzn&fsb=1&dtd=445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A36 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 6A36 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad973753e09e4d83b77873cb1f13e6e9c2b98206993e756a0f111bec62194cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:32:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14255
x-xss-protection: 0
server: cafe
etag: 8688400824997412324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:32:09 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6A36 24 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A36 188 KB
59 KB 1625ms
1624ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 6A36 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 6A36 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 6A36 20 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6A36 0
0 80ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0nDpg-TIzFiKjdqQ70VKJR65IyKavgzY8FVeRaLvv1hQQUcHMY7WfhRu6LU1XTlyY6Vy0ddp1hf2qRD_Y0AgiiswK3w
Requested by: Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 container.html Show response
9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E97 6 KB
3 KB 27ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:50 GMT
expires: Wed, 30 Oct 2024 09:12:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TIi_GgN7VSjnJAMLjWaQZ-l4r9yfLm_wIk1Hx65wAQ2yzd-Y4MqJK8E5EXGxFL2t_1bnCR1nRsyd_V5lUXRTJVwfsb9k-QI=w1200-h628-rj-pd-pc0x00e9e9e9
lh5.googleusercontent.com/proxy/ Frame 6A36 99 KB
99 KB 74ms
22ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/TIi_GgN7VSjnJAMLjWaQZ-l4r9yfLm_wIk1Hx65wAQ2yzd-Y4MqJK8E5EXGxFL2t_1bnCR1nRsyd_V5lUXRTJVwfsb9k-QI=w1200-h628-rj-pd-pc0x00e9e9e9

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ae2edc55d208e6c41aea56a07933f47c9661cc82adc3cf687ae304c2faef7eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:04:17 GMT
x-content-type-options: nosniff
server: fife
age: 514
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100897
x-xss-protection: 0
expires: Wed, 01 Nov 2023 09:04:17 GMT

GET
H2 200 18236027481418849345
s0.2mdn.net/simgad/ Frame 6A36 2 KB
2 KB 78ms
22ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18236027481418849345

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee7bbca5358b17c7a5e8c724f09e8f93eae7596fa32396fceebfc4c9ab0abaec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:52:55 GMT
x-content-type-options: nosniff
age: 555596
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1955
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 11:20:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 22:52:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B90B 478 B
195 B 64ms
61ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNXkXYnfHYZd9_PRgGtHfAU70gJZ02oBStrbR09ndSzyDFoWYuj9NU7bfAHpRbc6sQwzt719tuCQGb212Cnjt1cWA8Tmow

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8E97 89 KB
31 KB 210ms
208ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E97 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmBs2gcOY1ao8u2JueY04Nf7ckXpQjVm7m1pF1uHijV-_R4x0Nz5svf896b4ycUVVplyw8Wp88utKLU8IR4MMSItm1Tf6EDe5vZuUP4W2nGprf7EU

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E97 0
20 B 58ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16292279879088101357&x=1&ct=76

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8E97 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8E97 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E97 0
0 50ms
30ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvT5no3-2thvlxH_IiIVgA2ckgccEUKwNfV0ypLpKwGtn4dB0BXPavuwtT_07-BqOzXjpYHVaurSxHSzpxfeYIykntag
Requested by: Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E97 188 KB
59 KB 1630ms
1629ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B90B 170 B
409 B 104ms
33ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNXkXYnfHYZd9_PRgGtHfAU70gJZ02oBStrbR09ndSzyDFoWYuj9NU7bfAHpRbc6sQwzt719tuCQGb212Cnjt1cWA8Tmow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B90B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

43 B
337 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNXkXYnfHYZd9_PRgGtHfAU70gJZ02oBStrbR09ndSzyDFoWYuj9NU7bfAHpRbc6sQwzt719tuCQGb212Cnjt1cWA8Tmow
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyPxK%2FO6p02lq1nfbKJ2cEWwZXXed660Y3dJke8cQTBzLjWkPJACBhf7lut2l2lTxYMMvi1pbXdiNZC9B1ymrdu0IMeMXrrhlE8IPHtsGZT2%2FTF6ErZwZi3%2BFN5Al%2FsCpDcYx4VcS505aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81eac757acf33609-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B90B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUDFEwj9GFM2YcKJYbgoLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

43 B
770 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNXkXYnfHYZd9_PRgGtHfAU70gJZ02oBStrbR09ndSzyDFoWYuj9NU7bfAHpRbc6sQwzt719tuCQGb212Cnjt1cWA8Tmow
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIscJQ2deMDhwFI19TGGpbh4f9%2FSz98OGLUnIuwGsbCy7xO2N%2FCOhRS0Szsljwzt%2FCnbikL53esoVFqa12pdX09AYLz5sfOavm09JD6WPkOUsRvxABidDzPrGnVHdSk1dQDDIFWI%2F4GN1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81eac7582b639201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4128 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB-T2_LQXIbjUlIZNxKhxycowEls-AVhfsVetKqzrVMydTI5ob0OTgPrM7uJaPC66AdqAxXGZ4LcoQfw_jxJZ2ezozBu1OmYq-hecDk7waUxCuzFY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4128 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10183247774093381705&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4128 89 KB
31 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4128 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4128 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4128 0
0 30ms
28ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIWleNdL-zVRqu6Mpul3jctULJ0bXIhkSTga873YEM9jxomPsjkUMem_EtBNHCxYBz-1IneMwADJZ_hLCMfS7crKGXXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4128 188 KB
59 KB 1432ms
1431ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 60C7 478 B
195 B 61ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf1-_ICEKb9pcgFGKDi1PsBMAE&v=APEucNV0FDJzgzxb4Apzp5fQ9SmNmFS5GQzY2pjIakPG-U3hAthrTHPK6AxKbdsURq1TFFvGC7bfhQj8DBNoUsdINBNtveuTcg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E97 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2100564603207&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E97 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2100564603207&version=m202309260101&ct=76&x=1&cor=16292279879088101000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E97 89 KB
37 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cec3XqcEARIJNQSE_UHjSVqI9WWmxy4xHSsXY5U9CiBMnT0GjuDvSnqQyxpJ2xXoC26-AXRLLQ3WJ26vlD0WctvsEaRTN2BYpgTlV_VNQ6vuxC-sukqtJvvyce51qr4bC8yaMDnd2yKZ-D4aqdn_4Ntqg8utmC5eMGWZY_J17N5EraZeI&dbm_d=AKAmf-Bm916YLdesmAiJFtDaHxJlyQmRhY600hPVMn083g3Ihinopp59cMD9_XipEK08HcDs4U0fbUlfDjy9G8nEo59rVB29Z27FBHs81Ol6KF8-Sqi_V4UdxOZ1l8b0SJf66GmVZ0kRCfx9McmDipmRGukaklCKvbTGSh57AL8IdfHxp-OcWDttQtuoDDqYd0Fkd5bm2kaHts9mlYcnGqPuJg80ojWpSCMfxDH2SiAyxi147mz15r2Yns0fyhvFcEkCnQSgdI6b8aKmvI44tRJCdM50UXKyKnoxhacsMOHWclC9aohEykxTPm2P_sjnVpll3bOJKmvGI_PCmReYgbogmdf90kPlWJi8ghB-EYH8X4vNxDsEICBFJ7cLYDOusu88I2wORS3tkSW1hSt7BWHwOkkkYXSU8XEth8cUZ9guEiUSJu1ud3o-Z4-iqXi53BVjb8uBybp1dzzJM4c9jpMJ6hnWf8q-FpuTjhGf6nVpaCUNk6xFwMXsEet9TSQj7MDeF7-N8S5J5i6yE8C3-NTbq0fenFG5RPkqxt-_edbgsyaoRAOsMPahS13FXMNfmK4CljdGFQM8ZEzdVKccz60nsG8uqmFngUbA3GlA1_sHBjJUgC_BUUEyn4MZSQltXjZhI0Q_ABq4q22jdnZBPslhSErijbC1yt8jWsFAbwnSlfFU2t1gSbe4k_nXiPV5MpaYNgPPZfjl1WgTU5vMES0dYWbxJpemnA1J0wb2i2yjIsOSoYIZMgRWCLJycm8Uqvp1tFNvPV1XNK-OcqIKxMLPJ57XFArFcaRsuNd8P3xor5mLkhWVV4VyRQPeLZZmPgjAb2JEhilay8qTSRG4BB-CL41bW8eVI8ma5amB9u1Vt0yhuoWlCxa1kqbqAmVBAOpWAbLiROyp3yVMeG631YUi-j60QNwKsQqCdXwFO9CKMH5tD7qPvhHP2Oq7E1ijLupobARsqUDOADF_hP8JKUzkLi9_J7KrL2FQtRmH4I1-jj4VT0uH_q99MGCDZzZNBt85bkSEteyPurVXFxK-XJ4mLqK4QbmfjF_6a6fRKOJ0_GEyIFIFfJ4oclNrhfNqvubuEtu8RU4CHe2FQ15SZ8MWNlnEpgRwvkFVEqTfCYIZcJ5OCJzb16ersBMPW81Io3QehxUGFj4M14EIgWKzkAb04TvHuAW0SbLY805EK6HWKOE9pOyPU5H0OSwzZF_J7dlhLMCUe7SFi4_l_8sHnnBE9kwPeA8I3gy0Cp0cKPlFIv1XgQD4v9c-VUNwGqyGKDkAOFDPJwMMXlkqjOmJMMm6MvtdDGmZzTn-hqdg1OtQV8cXf1wWR9jeNOows5AIcWtbW3eu3pO_vKSPi9OMkI9gf0FgxKO_-mbbnVTagTiUYrht7UnPAs6BYoiCwbvXBHpLs2ZakeBY-9wGU_YwUEUrdk2LZOfNfENHzdbuKiS5M2iJT_8eyfEvm3t223XjxnbGBRTWyHDUSy0QXqkj9eLVPgfXKBpq6T--v7WsBKQVQojPawF3PPyqkLnPqacK2ta4EVhB3KuogfDBnwXc6r0Jyz5aCDeUjJTVj5Od8euAAx5tyhPCrdpd6dt30QRprJLJiYCv51r70PG7IbUJNd5gYG0XXwJyUQBeZLwlVsXvwMvxbPz5mGOfh8j2hGQcNL7JiBIYxZ7Ke1egJeIVJ1blbxzKdwE1wtL7CU4E_U0qqgLrI-rvVWo-4PdwAaQ9UOoDcMq3wvFe5ziNoIyq9YJxQyXBJt9tC6lTHQqAQ1ugmAHA-nB4yBG-F2Fj_lMtx-vFydxgZb_zvl_gA7verf6IYyakAoo35Q1A16k2PFdiDZAG164wgp81NTOGW4McyZJAdxYvJjxGlbgFCGOHciWfH8-wPMpLNpArmyldNH51TzhsfN4QizdmRx7IUZjbOODHo8VrcElJ5Ucnh9bzgPie0Q2f3pmI3Ya2nrUO8qu5l1ECarGe7wQbMYZ3xToXQoCyNQiEqnDpF9nb9sn3IWf--9ytEob8itjZINuflCX0Jb2RIXR8yBVLOBTy_FWLSwmPJqZ_UPtpt7yBZE6Nqv-0ZDiIVyXeDRvk_ogvtpoF35fFtDZtg8ay4UFGTq0L0blR2RURGKVMrj9X6IdEJVuI-81jZrvwWqF5JTNeLfFBFMlESdnuW7Aei-KQwN81iGLSEKILP7UAXqo-5czH_b3oRb61c2e4bYHKdV5Ebs9R-Di3kzYHB-jeSj7GP-P-V-hWLG0bpoXHnG3pBUcivTCt4VqvOsUfa2FVA3M2goqTE92Xk9aWIzk8PlkCQO5zv3OpS4RoZxJFDoHcgfYl3SHpw8PEV0ypwqEAc3WKJKdMJdEYuCWDV6MuornbQ7UU2BhYUg8_z3UYysiLc7LiT8HSiNFByEjHpuQ0oIsZxpUIZLYhduAf7ObMdvXdYjtTJxrChu4r0a8FSa1wvzwhYiuVMzYizC8iYNCo0_YuH0VhUBaSt_MO_KRulqYxGajnB-ieCowUOEsK5NwPVYvWlq2Wb2NUnr55Y24IN2WEqWeruJW1aDMAl4IoDHfLf0NtElnG7VbFHe03xbCsjP5JF6veXcPp6AwdjctHdcMy5SeirwMuFRCziEv4OsxyXuaYPuoFNWf_9icrMIkyMQmeuSM8SDZt7t72RW0BHCgbSIFR17Ir_ozJLARAHDFWU0RJN9ac9-10OR65by_sbQn8HHFOX56HQIh_EdD0lod7ucyb28tRKPzvNRwUqGx_ilo3T-M_X9kmHTVSUiDlWzRwIxtxzSwHPxlLd0hMIsvmgvbRCXoQbMyi3_5pDJXRBrk2EDvM96qG7xDDiRP2F75nq6LqGx3fS49q8IRnfKBEQFHIPqgydmNY9_JPlnLAFrN3qhXaUmOCECW4rfIjeQzKlFVR8JanFEMuMSPvQuTrfQxYHMDRwVElfyZ3bf2m48dtFl3KJzgf7xZNHjGiW0oANqcc32P_q6RbJiw_PLkkl1OxF5IjbRUbbmAZRa1AqonzUftTsVi-6em3gP7NHktIBvHi1Ejyx4mhCE_KdEMZzPKFD2zLR7wC38DyVBEU5Tp3aMfuYrF5a0QtxgrATIzi2Dl91076aDm4WuY1H_p_Pdup16Xl4BXOqjQxwj8ScGZoJX2tvNA56-qsAsffBKhqsH2auVU7TI7TFbIRVIWPmRM-NvYzoFF-dhbWfKPPPFzfHEWFnTHf-CJdwr-uui3lZyEsdwLdw3QJoHLKItjnR9KXPHUH9evi5GWkJSZHb-Y_p5E4o83VcELKPouLVfGTVXk6pb5X9Z5jypF-OUso0d8AoWNpk7SWDxYWtO7efsqJ1kUw8_CpkduakLoxpzynNjQuglCk-2Ic-e_e6Mx0XjXswKAQXSrXpizgCpqO-LptsSntSFdZ7xlutNJGT3rZ2-jIb1fV1PjKg3FUeazSTn2jEhZQV0gJYm9Lt7AfpQxJnKFfH1FcHgP9iMy3v9Fqfbm8Rh4mNxsKjKsqlqslt3vSSrbCpuerH_PaG6M2su5XqKHQOuBoQ1FP7RaNw1MedebvY7qvzej1WJpe5XPRSe6ZLWE1t4ndVQsh0e-r3-EwQOvYdxmeAjoOf-DObWaWjxiwHEo1ZpuyVBknXA3RRlCcR7yrF_7QETSAWIEF1X4pa3WDPblx6TFeEIG-A1zonZiCIABJqVTbCQ&cid=CAQSKQDICaaN9JvkJs27sdbrDZC9NPrTwz04350gXtYXmqVl5UTHsq3k_iLSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16292279879088101000&adk=4022746785&idt=220&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe0497de60cceeebbda2647c655384818ef60478122d56be394f39a354b4449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 60C7 170 B
188 B 35ms
34ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf1-_ICEKb9pcgFGKDi1PsBMAE&v=APEucNV0FDJzgzxb4Apzp5fQ9SmNmFS5GQzY2pjIakPG-U3hAthrTHPK6AxKbdsURq1TFFvGC7bfhQj8DBNoUsdINBNtveuTcg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 60C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

43 B
736 B

41ms
41ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf1-_ICEKb9pcgFGKDi1PsBMAE&v=APEucNV0FDJzgzxb4Apzp5fQ9SmNmFS5GQzY2pjIakPG-U3hAthrTHPK6AxKbdsURq1TFFvGC7bfhQj8DBNoUsdINBNtveuTcg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPfk8HIe2mwaMyUODn9SNIF%2FCpYGNdFmdRyNTkLXpgnFQNqyqWp%2FgjrdCzt%2BmHHvnFiU12BW4jrX2Cj8AYsclg68nqSJxyA6IJbOf7umcW5RMMz9G7JMOxlceLxfsqW%2BSHbOA1Xjsh%2Be1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81eac7588bb69201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 60C7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUDFEwj9GFM2YcKJYbgoLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1

43 B
732 B

41ms
40ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf1-_ICEKb9pcgFGKDi1PsBMAE&v=APEucNV0FDJzgzxb4Apzp5fQ9SmNmFS5GQzY2pjIakPG-U3hAthrTHPK6AxKbdsURq1TFFvGC7bfhQj8DBNoUsdINBNtveuTcg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DthbEscP6IU8PHVH4mwDOguY04fOxQPmKUpFaPOdThnvJX73Q7mY5huNMwsfvwKNFHReUC7fF%2BTIyBhSKX48pC5FHf7fmsEVpRCBFdlzGOR9GdrRxNUPvqsgvXez3uC5JoG%2BWc5ioifarA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81eac758dbe49201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFfWoVj879QO4Vw-jZMwiQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8E97 111 KB
39 KB 67ms
23ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
Origin: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 14:17:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 8E97 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cec3XqcEARIJNQSE_UHjSVqI9WWmxy4xHSsXY5U9CiBMnT0GjuDvSnqQyxpJ2xXoC26-AXRLLQ3WJ26vlD0WctvsEaRTN2BYpgTlV_VNQ6vuxC-sukqtJvvyce51qr4bC8yaMDnd2yKZ-D4aqdn_4Ntqg8utmC5eMGWZY_J17N5EraZeI&dbm_d=AKAmf-Bm916YLdesmAiJFtDaHxJlyQmRhY600hPVMn083g3Ihinopp59cMD9_XipEK08HcDs4U0fbUlfDjy9G8nEo59rVB29Z27FBHs81Ol6KF8-Sqi_V4UdxOZ1l8b0SJf66GmVZ0kRCfx9McmDipmRGukaklCKvbTGSh57AL8IdfHxp-OcWDttQtuoDDqYd0Fkd5bm2kaHts9mlYcnGqPuJg80ojWpSCMfxDH2SiAyxi147mz15r2Yns0fyhvFcEkCnQSgdI6b8aKmvI44tRJCdM50UXKyKnoxhacsMOHWclC9aohEykxTPm2P_sjnVpll3bOJKmvGI_PCmReYgbogmdf90kPlWJi8ghB-EYH8X4vNxDsEICBFJ7cLYDOusu88I2wORS3tkSW1hSt7BWHwOkkkYXSU8XEth8cUZ9guEiUSJu1ud3o-Z4-iqXi53BVjb8uBybp1dzzJM4c9jpMJ6hnWf8q-FpuTjhGf6nVpaCUNk6xFwMXsEet9TSQj7MDeF7-N8S5J5i6yE8C3-NTbq0fenFG5RPkqxt-_edbgsyaoRAOsMPahS13FXMNfmK4CljdGFQM8ZEzdVKccz60nsG8uqmFngUbA3GlA1_sHBjJUgC_BUUEyn4MZSQltXjZhI0Q_ABq4q22jdnZBPslhSErijbC1yt8jWsFAbwnSlfFU2t1gSbe4k_nXiPV5MpaYNgPPZfjl1WgTU5vMES0dYWbxJpemnA1J0wb2i2yjIsOSoYIZMgRWCLJycm8Uqvp1tFNvPV1XNK-OcqIKxMLPJ57XFArFcaRsuNd8P3xor5mLkhWVV4VyRQPeLZZmPgjAb2JEhilay8qTSRG4BB-CL41bW8eVI8ma5amB9u1Vt0yhuoWlCxa1kqbqAmVBAOpWAbLiROyp3yVMeG631YUi-j60QNwKsQqCdXwFO9CKMH5tD7qPvhHP2Oq7E1ijLupobARsqUDOADF_hP8JKUzkLi9_J7KrL2FQtRmH4I1-jj4VT0uH_q99MGCDZzZNBt85bkSEteyPurVXFxK-XJ4mLqK4QbmfjF_6a6fRKOJ0_GEyIFIFfJ4oclNrhfNqvubuEtu8RU4CHe2FQ15SZ8MWNlnEpgRwvkFVEqTfCYIZcJ5OCJzb16ersBMPW81Io3QehxUGFj4M14EIgWKzkAb04TvHuAW0SbLY805EK6HWKOE9pOyPU5H0OSwzZF_J7dlhLMCUe7SFi4_l_8sHnnBE9kwPeA8I3gy0Cp0cKPlFIv1XgQD4v9c-VUNwGqyGKDkAOFDPJwMMXlkqjOmJMMm6MvtdDGmZzTn-hqdg1OtQV8cXf1wWR9jeNOows5AIcWtbW3eu3pO_vKSPi9OMkI9gf0FgxKO_-mbbnVTagTiUYrht7UnPAs6BYoiCwbvXBHpLs2ZakeBY-9wGU_YwUEUrdk2LZOfNfENHzdbuKiS5M2iJT_8eyfEvm3t223XjxnbGBRTWyHDUSy0QXqkj9eLVPgfXKBpq6T--v7WsBKQVQojPawF3PPyqkLnPqacK2ta4EVhB3KuogfDBnwXc6r0Jyz5aCDeUjJTVj5Od8euAAx5tyhPCrdpd6dt30QRprJLJiYCv51r70PG7IbUJNd5gYG0XXwJyUQBeZLwlVsXvwMvxbPz5mGOfh8j2hGQcNL7JiBIYxZ7Ke1egJeIVJ1blbxzKdwE1wtL7CU4E_U0qqgLrI-rvVWo-4PdwAaQ9UOoDcMq3wvFe5ziNoIyq9YJxQyXBJt9tC6lTHQqAQ1ugmAHA-nB4yBG-F2Fj_lMtx-vFydxgZb_zvl_gA7verf6IYyakAoo35Q1A16k2PFdiDZAG164wgp81NTOGW4McyZJAdxYvJjxGlbgFCGOHciWfH8-wPMpLNpArmyldNH51TzhsfN4QizdmRx7IUZjbOODHo8VrcElJ5Ucnh9bzgPie0Q2f3pmI3Ya2nrUO8qu5l1ECarGe7wQbMYZ3xToXQoCyNQiEqnDpF9nb9sn3IWf--9ytEob8itjZINuflCX0Jb2RIXR8yBVLOBTy_FWLSwmPJqZ_UPtpt7yBZE6Nqv-0ZDiIVyXeDRvk_ogvtpoF35fFtDZtg8ay4UFGTq0L0blR2RURGKVMrj9X6IdEJVuI-81jZrvwWqF5JTNeLfFBFMlESdnuW7Aei-KQwN81iGLSEKILP7UAXqo-5czH_b3oRb61c2e4bYHKdV5Ebs9R-Di3kzYHB-jeSj7GP-P-V-hWLG0bpoXHnG3pBUcivTCt4VqvOsUfa2FVA3M2goqTE92Xk9aWIzk8PlkCQO5zv3OpS4RoZxJFDoHcgfYl3SHpw8PEV0ypwqEAc3WKJKdMJdEYuCWDV6MuornbQ7UU2BhYUg8_z3UYysiLc7LiT8HSiNFByEjHpuQ0oIsZxpUIZLYhduAf7ObMdvXdYjtTJxrChu4r0a8FSa1wvzwhYiuVMzYizC8iYNCo0_YuH0VhUBaSt_MO_KRulqYxGajnB-ieCowUOEsK5NwPVYvWlq2Wb2NUnr55Y24IN2WEqWeruJW1aDMAl4IoDHfLf0NtElnG7VbFHe03xbCsjP5JF6veXcPp6AwdjctHdcMy5SeirwMuFRCziEv4OsxyXuaYPuoFNWf_9icrMIkyMQmeuSM8SDZt7t72RW0BHCgbSIFR17Ir_ozJLARAHDFWU0RJN9ac9-10OR65by_sbQn8HHFOX56HQIh_EdD0lod7ucyb28tRKPzvNRwUqGx_ilo3T-M_X9kmHTVSUiDlWzRwIxtxzSwHPxlLd0hMIsvmgvbRCXoQbMyi3_5pDJXRBrk2EDvM96qG7xDDiRP2F75nq6LqGx3fS49q8IRnfKBEQFHIPqgydmNY9_JPlnLAFrN3qhXaUmOCECW4rfIjeQzKlFVR8JanFEMuMSPvQuTrfQxYHMDRwVElfyZ3bf2m48dtFl3KJzgf7xZNHjGiW0oANqcc32P_q6RbJiw_PLkkl1OxF5IjbRUbbmAZRa1AqonzUftTsVi-6em3gP7NHktIBvHi1Ejyx4mhCE_KdEMZzPKFD2zLR7wC38DyVBEU5Tp3aMfuYrF5a0QtxgrATIzi2Dl91076aDm4WuY1H_p_Pdup16Xl4BXOqjQxwj8ScGZoJX2tvNA56-qsAsffBKhqsH2auVU7TI7TFbIRVIWPmRM-NvYzoFF-dhbWfKPPPFzfHEWFnTHf-CJdwr-uui3lZyEsdwLdw3QJoHLKItjnR9KXPHUH9evi5GWkJSZHb-Y_p5E4o83VcELKPouLVfGTVXk6pb5X9Z5jypF-OUso0d8AoWNpk7SWDxYWtO7efsqJ1kUw8_CpkduakLoxpzynNjQuglCk-2Ic-e_e6Mx0XjXswKAQXSrXpizgCpqO-LptsSntSFdZ7xlutNJGT3rZ2-jIb1fV1PjKg3FUeazSTn2jEhZQV0gJYm9Lt7AfpQxJnKFfH1FcHgP9iMy3v9Fqfbm8Rh4mNxsKjKsqlqslt3vSSrbCpuerH_PaG6M2su5XqKHQOuBoQ1FP7RaNw1MedebvY7qvzej1WJpe5XPRSe6ZLWE1t4ndVQsh0e-r3-EwQOvYdxmeAjoOf-DObWaWjxiwHEo1ZpuyVBknXA3RRlCcR7yrF_7QETSAWIEF1X4pa3WDPblx6TFeEIG-A1zonZiCIABJqVTbCQ&cid=CAQSKQDICaaN9JvkJs27sdbrDZC9NPrTwz04350gXtYXmqVl5UTHsq3k_iLSGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16292279879088101000&adk=4022746785&idt=220&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 8E97 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E97 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 327292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8D75 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4128 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7318039096215&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4128 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7318039096215&version=m202309260101&ct=119&x=1&cor=10183247774093382000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4128 89 KB
37 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbAZmbznsUeDGsvFj-OcPp6ksy5cbpkMvGUq8lZr8b-y3Dk2LOmiIg95YZj7iTc3GnJ5JoJYR4F-t7ReMd_vJQ4sZNcvkTxROHjNr8jhWj5v2iA67a_-Sv5T6Oh5dN35TaScmUZargB5ZUeV9Wwu_MMYyikXAKqGexo6VO2K_btkC62zQ&cry=1&dbm_d=AKAmf-CV1TDhAxvdYHE_Ou2D23zeMH18I1aK0sjdp7BV31HNxD7ZKAs6TiN_QqavY7p47WfbTioWyW7HlSsyXXAsJjZzMjic4JPbIZt0Xl66vzb3i0WmZFCT_FhZ4um1xEL4cvBkCMuLJULnRRk-cGKubCmN-Cx_xiCch4pTvtFcIx5qD1qG49OzVMQfdLyb_MWsLkEzfyXmGZ582QQ9HqYt2-jae6-eCe66jncFi1TYJ4YuTmeqzAdhZlrRM0k4S0efDymc3QjRJ12U-5e8vmmDrTlyJZ_0_tJVWCniuUTc0l1gwBEmAR8G8tPFhqNvmfdvWcfOSPdBeyjET6Sju04VMjuFn8bVW590jD1KfJotnTV9EnXsEgXxsjRlglG_Yo43yp8icAmmR2rIgnk8z7kPyGdYeBSW8pXxTcNwMuHMylUrbk9OXbxm6XcnaBvsFbIACJ8Uw8OYBawtWmcxVN68VsYdMD894fYtmuoS72Sa4Ji4XANxVpMeJREkxbNRkiHzdfQxFEInD62BDHv-a5Y_nABTt7M0ujeuoJheAARVahNf8QOfMGo2C2VwOu8-yZF8fdsXuTbhdOJznm96koUgiOkk-xdF3AgIRBOFGrwQ3oVLxtvlEKG6Wj5ihToNmPVkylnflhZGLg-WUGpdkpdS0yw80-Mmfe-L3znS22xATA-VVV74czloNPMyI1p_Sozoc5z2ZwsXJvHITpzS66KvcTNIG1A8DkmNygOSufiHhOEreBGgqrxsxxx5U2A_p8yrgZT1pbdTqPlKO3xHY0gz4kmaQmgIPJylX3c7ARSfwZXutlzQLEFoWx7cfTDrmKfji0Y15FoPK3UaN_2QE3i8d4sU7I0HBdifbLYnB5W5SQZC4yM16UOUBWPC6EEPtPcpQLfj07lUYAQG7HAQy0N-BSVIleAgsXgq18v4yh4-JUdBCZI8fUHIR5roWmGRNcz88xhOmGdyGSDDP5XMNpF_qr46rchOWJUCeULGtq2N0XrEnkwdyDslbPKtOEbs_oUiPN8VneL_1psogOKl-pjglh2QtpDpxF8Y6mRfVCzLqO4HqS-o3GQDXx3cuI9gfhrmMUN4zujuGQl9eadj-c6BFZkvLFI9b7Xamp6LT4swRjzh8cCx3DPw_06WJGdKiwVEBE4OszVGELVEQLomxyAb1KV3MKBLEVcHwe_WjCkKpNRDDUYNh9d8gMK3OVP-9X-PjMTCjAuyCxhf8HPGDITd2QK9KI6w1kVeze9kCRskShQrM4wQ0YVl0I-0P40h-41JOWWivVAoB2LFSvl-8DMr5s58qIW3vKuejGTxwdAbRytdBQYMuoaClBiMBstDClrN8wyKMkgRucEF2cldYvTVKuq1rlSKQBEtxnkfPv4NjDFDYRkzcwF28bthJ7FygF98_DxTk0z_7YPlrA_VsyDaMhsfI2yK7UXSt2C9eRoRYY8lifPwhtBFu2OwsmsOSfurDpsADAeOzP2ArLzBMgUBqWLJPUvmjkp2xOcjfSCrW6cPBz0QmO0a4TnIuiHZsYU0k1-_raGWtRua2klJjT6qiqXO2aHLcujE9QwF6XIxmGVvCI8ZzsJcCpT7R1Kp3K7C2qs8EB3thuYFdi4kpryNRiwoqDSB05y-06jxwq0StKY6NaZgF5skL1ECKq4F18P16woBAe-lqbHwcTJ7EmtLlluJ1W78Kx77NFfzvuB4GWtpHs6dBm0-LSzEM-JbIxFA9nzKVBnM5yhLTQuWiCcMAF8BSQOfxs5nlIh5cvhDmwDxzIundXw7Y9gVe4_0OWr17EdrQjXk2O6mDphfiIDa5R38hmyhUR_9ADEn0XnRzjY7uLRAtYEm__LVHiKfkyBE9OPCOUc854QxIgDvvDHYy0C-SIxMg66LlavUqi6OgKsWcOTcAR-56r2flw2UQgSxviXLSSMD2fMIqb9yxLBlraBdr_nHLbqfn1dWiyAGFF4YAryFDvZ7GB2YrW5qoOiCsmVXyiizcHO4qS1Fb1Ua1zHWVHY31lGcU7hO9IZa-i2amL_7y54at6AwHjioZdrJzbe3seqaW36gUhlqGXfnakARXOxDtziZMqg6PzC52avEcrP0RX4o1fnbGbzPligSiAhjXhKLmJVbxCwH-8RRsruMS1DuxmsxGS6jor4d_6GxEgJJXeiTjisVuyBEPHEwQmQrQLSv0CbsAQR6nZzXFKR5G_GyHFXzwozG-43iOIRjvRdFY-nrwDYZsl_e-e4w3LE3KlKeBTB-Ig3PAg5iyw2Ielq9awPlhQWiQnargVX72f_BCepGVaUDPm3i9N0RTHcgVRawKbBSEc49BmOJS6Lh8QyNvAdPkSZ7H1qepIE9Vijd9QOlwXDJVL3MCZWlSz76D_iP8EGKnM44kXIuz5JCVB7vy6vwL7dCuaNY3YFUs52msaxK6qNGqagm148fL3wgBnowNUEkA80jyqApQh_S9X6PpSzvutLvfVUG4syfHW3-kxd_t4IS9jNAQDlogjf6arUGqRSC9HU-VJDdGBOSdNgzNTUOK0WuW9vTOOl9kWZIkp1X4JeisIqF-ZqhNqv6AqYmxyfi_vFzf_KzTpMmBvI208nvY7pxWhzDE4-wCRzoTR7U-264B22J4Fx29XROk3dQTC1a0uw6sPpshnejk7SvNeN21W2W2kpkQGXS0JBpoiauOBISYwAXff9C-lNzvwlvW6ePiczsYIhIYt2h93pHDqCdscM9ydGxdC98Nk8KGDB04y2dcM6rUPaLlSVi4y2Xcz3y-nbTperauDS1VE____axCCeMUe4iZ4lVPONobPP7ZT4w-5RczjhiwXqFIHRUA3j_sb16Uapdh3AsJgRmt9ScuVJiD_s2ThpOSZYV194g4D6f5K9BXvdY6t4tWDKUkfA_Fe-CuxsPT7RdyYZYRHgmN8E_C_gwKbMt_cZF6-yYanBlaQuiTSNmKYnZ_5Fo2q9780u-WtGS-KYjN0TSUt2iMMgRhnx5CAT19DzEvQgW8m4Q3_fk8DLb_vEn0ZMjrShoZDaWAITfmAzwQreVtwOO3Jkz9e-tSGAywbLFCu1vv3zWiUFJJCH602IjAqgTOnQwb9ZzNa2qfDDtfnsz249J9N5RR0gUgQEp3moa0drP-YdZVIJc1NuldbfLJcdx22c47RgccXZ7TaU93sMQ0RHxaXsRNgQTUI3qQYFvVJFR3a0ri2X3XVFR2k-9LSpwG9lT3FV9N2n10Ubz2SrSEVbvPGojonQaPOliLhVU6MLeLeoQUU8MftBaGINAevQBQntqaBVjOc_oK5KfIYrkATfWQ2vVBXFLQB2mt31rdh8Ht80jU2KbbG8eF3geKYkXYBjZf6PUL1TcQRGkN-oHRvRtek0IbUJLDiRLZzGUjHlRnSCJmcBzHzKgXJzp-GamAgIJQnMj6qp1gKIKVl7ccf8FSQZ7gWF1Aszfh1jPDGDi09I7Lv5BqLSDGp5blfsubJBXkLWWAG2B6iCjTGatLxRNF-OXg4pmtBPo39yZDT-h1OCNeXVyVOrrRBFhWC2fqxsBsk5-Cxl-ijOPI3TYM3oSn8i6GgGvfUfIkk4ePbw&cid=CAQSKQDICaaNxiv30-yD6KhBV4Wq3H1jMmD5y64v59omR7XGP60zdRNiUrBqGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=10183247774093382000&adk=3676778483&idt=131&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707d23c9945509dfea0e64a23ae7d8572cad82ff4df2809d4416e2a7bbbf2210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37956
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8E97 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29d2ce9d8c380fc3b9348c234b6b9202741b81485b1b2c30324b304f4364eb2b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B7AB 38 KB
13 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 327270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8D75 35 B
463 B 77ms
27ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKMkTDwqfrKqcIW3hpfO8hI&google_cver=1&google_push=AXcoOmRsHLaplUndZ-DI-nNvgTr_bIIEXmbxYGe72yOYiXAbAHwK_kWf3aqpQqEa3X2dbdGvSOMxiBxNFTetJwRZ7817ieVj1XbeWA

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D75
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_cver=1&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=78b652ca1aa015bb&is_secure=true&networkId=14000&version=1&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_cver=1&google_push=AXcoOmRVJqoV...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHuGaH4Ge4agMjI6sfAAAAAAA&expiration=1698829971&google_cver=1&is_secure=true&google_gid=CAESEEB2cjLeDjzxTpguPprQh...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHuGaH4Ge4agMjI6sfAAAAAAA&expiration=1698829971&google_cver=1&is_secure=true&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3KL7ZngB-CnKPrGeIJYhi1adRAuC6nCdZZXU72GIAcsZTXmg

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHuGaH4Ge4agMjI6sfAAAAAAA&expiration=1698829971&google_cver=1&is_secure=true&google_gid=CAESEEB2cjLeDjzxTpguPprQhPg&google_push=AXcoOmRVJqoVgIaiVqhR8r9BNUof2Mix1rTxzrLsxGcI2lPUdPh9tM3KL7ZngB-CnKPrGeIJYhi1adRAuC6nCdZZXU72GIAcsZTXmg
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D75
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH4gp_Fv6HpVTg5eGIkcO2I&google_cver=1&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH4gp_Fv6HpVTg5eGIkcO2I&google_cver=1&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog&google_hm=_-9ebMBlSWiMsor5n4_hIg==

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog&google_hm=_-9ebMBlSWiMsor5n4_hIg==

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog&google_hm=_-9ebMBlSWiMsor5n4_hIg==
date: Tue, 31 Oct 2023 09:12:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 8D75
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECYBmCi56JQBBhrLsOGJnZQ&google_cver=1&google_push=AXcoOmT3PsNlb6AcrwXAMTXbXGFCYf_bo8FLRcbRCe2IM2qzHvw8jfGANMLRMAfMw1dIbcBZdMbgtdDitlZkOUqt...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

205ms
205ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 09:12:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FQ7KFRR690CEANN5CF15
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 09:12:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NPW55G21XBJ63EEPKT7F
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=9e538baa-4db6-42dd-8d08-32ff104abafc&id=0b8e256cf9&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame 8D75
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEEbCtfmbUWzlnGVocF-YUhM&google_cver=1&google_push=AXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq2WGr7NVuiQ4k2x7MwEJtuJtLeLXIuQKcgA71a_HpAtVe7DipOJTxgn4
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq...

43 B
921 B

93ms
26ms

Image
image/gif

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq2WGr7NVuiQ4k2x7MwEJtuJtLeLXIuQKcgA71a_HpAtVe7DipOJTxgn4

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 31 Oct 2023 09:12:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Tue, 31 Oct 2023 09:12:51 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJbVGpBpnYxxz0J-7QeSoOrhwOHDwZn4qZPWSoy7Aq2WGr7NVuiQ4k2x7MwEJtuJtLeLXIuQKcgA71a_HpAtVe7DipOJTxgn4
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D75
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEMAqlPOxn-Rvc5R8TNZzRN4&google_cver=1&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZV...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZVdMErQU&google_hm=f34e9699ce0...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZVdMErQU&google_hm=f34e9699ce05e31d104tr600loe428sg

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQIwBYlHWYCet7qe3Zz0u6EKS7_HzHQxWXIqtkwyEwsFGJNX9OCVQJfGeJeX88u3XQ9ewqGNaR--m1-GA2swd6nliaZVdMErQU&google_hm=f34e9699ce05e31d104tr600loe428sg
date: Tue, 31 Oct 2023 09:12:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D75
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJSRB9U9g...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffef5e6c-c065-4968-8cb2-8af99f8fe122&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

46ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffef5e6c-c065-4968-8cb2-8af99f8fe122&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ffef5e6c-c065-4968-8cb2-8af99f8fe122&%%GOOGLE_PUSH_PAIR%%
date: Tue, 31 Oct 2023 09:12:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8D75 0
12 B 32ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO5_Ofd3jJx2lPJRq64lRYDD_8zJLSI8zXpaPgrVJULovwr-BcQFfUhJrWO0Z-Uz_twsia0spz

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame B7AB 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E97 0
0 154ms
68ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-jVeYC9emjH1-9GFFOy7xmG5rmF784pwmJajZdZXfI-ACRp2qX2TrNU-5s3QzuoXbVQ7dwAMWFVnyk0Z_085ilS0RjT-LaUtuP4mu8CKRDQBxW3F1MOwIMHHI5Lrlpbs830wXLElw2VzH1BDPKU9_58lFJFsfBOikvnZ6oivvL_YAHzzaQyZpChDFjhXw8PBJvjg9TQWVj2nJMYp5ScIi8frsOJ_717FFZcZ0OWY3wWZaohQBDzghOAPAw9E_SA4KlHi7pJWAWvLqdXDZ8uA-kLkmBct275_LjH0MYrwyvqgCjUk1n_scXHCsrnOS7tJV47IJp_Yf6iWAcqKOMueeFJ9IvWiEOlDUEfuGVXbXkW9n_Zl176dRXUnrGeCTLcSDVFv6Je8jiR_RTdFLy386JjJuZg-9SaAU9Z723tDqzhY0p6uyCW6-Vn4sOQs1gQKI3zkvE_4bz_5WwrDzR-YdqShzIfYM1_h5OtkIbI7KRWrc5WVtMQ_0RVTQ6tQdydUPfum4gHZ-fWzJhX7LDwSdG_kVGtuMY5YcHDdIn4AADC4NthcsLyLwpCVHAXWecBjCJziZ1V9jx1L-HrgMd8Zuef_wzmcwYsvatAFOLvabel7wqgf_4bD6-EsFK_2Fe5ZJvfppvl14LVzigjtnXTTZY6--p7LC3h611IIBRjOnBFApxQ53G8kI7izFr6Dau_VyU8KwvsjJM1XwAsvqDEB-TJpIeqm3Cii7V3uGNioFGhCwFWsQBKfKahC13iVv3wRpwZpNLfRgY2mu6mJ41EZ1bSnlxUDPTxJQvl2CZh8D21zyzEGuePJz8A59wmfs0GZONfsweTU-k0JSG9YjlmNp0udJs-XycT5KB9TOEwWZYbnE6w19JJMAOj_YpxE7LOCyszmqGZmtOBWiHd-I1oHlyO4oobV8XQBVJP51QFkToaJvCV1umHyJ1Q1wPKeUzES_iLpSKjfy7eM6nJZ6YDKOQAH6GIO7MwwwcbwB_6FRaTgnFGFtqcKZmNg6_AGzhDYOBHR9nN6__OfwYYjfUAKDl7l5C4cxewJ-eCu3PIX4mEDmFQFKsYeSVYewu5oTLnonUG9pVP74tR9gZSLnjck-1zZndl9lAuHxwC-S_oA9BAkg7b9e3WD4DFbsD_CQl2XEYeOxxRD3qZezmKbCzJ3uxc-KE9PYV2AHKlrWO8Eq72p4jLSAU8y7aqOz9I5adh2RKFxxrzfWRkq9p56gvnUTGRJn2FSyAtugQYjuuJ2x_wEu-yIvkU7abEALNT7-fbTzu5AqK-Uggi6Yl0IFgOA3kiravopEXs8d2wewvlLqGcouFlrKMiFvQIMyYMEIcswAZ9kl1x8njqtELl_4LdLhRn9OJ6XTI9K_0oRhewhVJ5pfy71-1GYHlg&sai=AMfl-YRiEQCuAc07c-zOBl2VYW-ZX9KsulHkm3WuZmTNizxwDC1d3e1_rkN_SB7MbTS6iBLc0l3Z4Du00P7yAhkBVeg3O1tcWjr7r0AWUekD8GgBFzfe2JsBXCgAGF4w8XwfCUx01CJpfF4S_cyKLTe27hIUSxSmOa3qYbXge8Y3RMapTrBi_mVZKSd8KeyVN6IP6FT6xXR_jy1T3qBnsthlEdCWkaje74kd37R581E&sig=Cg0ArKJSzC3e3bHqLlv2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cisv=r20231026.67545&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 130592302169874399
s0.2mdn.net/simgad/ Frame 8E97 11 KB
12 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/130592302169874399

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f8a4a479c067c13069e18f60db1ceba87348552835ad96246bea781d3a9d667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 04:55:25 GMT
x-content-type-options: nosniff
age: 15446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11677
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 12:42:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 04:55:25 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4128 111 KB
39 KB 45ms
25ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 14:17:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 4128 11 KB
4 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbAZmbznsUeDGsvFj-OcPp6ksy5cbpkMvGUq8lZr8b-y3Dk2LOmiIg95YZj7iTc3GnJ5JoJYR4F-t7ReMd_vJQ4sZNcvkTxROHjNr8jhWj5v2iA67a_-Sv5T6Oh5dN35TaScmUZargB5ZUeV9Wwu_MMYyikXAKqGexo6VO2K_btkC62zQ&cry=1&dbm_d=AKAmf-CV1TDhAxvdYHE_Ou2D23zeMH18I1aK0sjdp7BV31HNxD7ZKAs6TiN_QqavY7p47WfbTioWyW7HlSsyXXAsJjZzMjic4JPbIZt0Xl66vzb3i0WmZFCT_FhZ4um1xEL4cvBkCMuLJULnRRk-cGKubCmN-Cx_xiCch4pTvtFcIx5qD1qG49OzVMQfdLyb_MWsLkEzfyXmGZ582QQ9HqYt2-jae6-eCe66jncFi1TYJ4YuTmeqzAdhZlrRM0k4S0efDymc3QjRJ12U-5e8vmmDrTlyJZ_0_tJVWCniuUTc0l1gwBEmAR8G8tPFhqNvmfdvWcfOSPdBeyjET6Sju04VMjuFn8bVW590jD1KfJotnTV9EnXsEgXxsjRlglG_Yo43yp8icAmmR2rIgnk8z7kPyGdYeBSW8pXxTcNwMuHMylUrbk9OXbxm6XcnaBvsFbIACJ8Uw8OYBawtWmcxVN68VsYdMD894fYtmuoS72Sa4Ji4XANxVpMeJREkxbNRkiHzdfQxFEInD62BDHv-a5Y_nABTt7M0ujeuoJheAARVahNf8QOfMGo2C2VwOu8-yZF8fdsXuTbhdOJznm96koUgiOkk-xdF3AgIRBOFGrwQ3oVLxtvlEKG6Wj5ihToNmPVkylnflhZGLg-WUGpdkpdS0yw80-Mmfe-L3znS22xATA-VVV74czloNPMyI1p_Sozoc5z2ZwsXJvHITpzS66KvcTNIG1A8DkmNygOSufiHhOEreBGgqrxsxxx5U2A_p8yrgZT1pbdTqPlKO3xHY0gz4kmaQmgIPJylX3c7ARSfwZXutlzQLEFoWx7cfTDrmKfji0Y15FoPK3UaN_2QE3i8d4sU7I0HBdifbLYnB5W5SQZC4yM16UOUBWPC6EEPtPcpQLfj07lUYAQG7HAQy0N-BSVIleAgsXgq18v4yh4-JUdBCZI8fUHIR5roWmGRNcz88xhOmGdyGSDDP5XMNpF_qr46rchOWJUCeULGtq2N0XrEnkwdyDslbPKtOEbs_oUiPN8VneL_1psogOKl-pjglh2QtpDpxF8Y6mRfVCzLqO4HqS-o3GQDXx3cuI9gfhrmMUN4zujuGQl9eadj-c6BFZkvLFI9b7Xamp6LT4swRjzh8cCx3DPw_06WJGdKiwVEBE4OszVGELVEQLomxyAb1KV3MKBLEVcHwe_WjCkKpNRDDUYNh9d8gMK3OVP-9X-PjMTCjAuyCxhf8HPGDITd2QK9KI6w1kVeze9kCRskShQrM4wQ0YVl0I-0P40h-41JOWWivVAoB2LFSvl-8DMr5s58qIW3vKuejGTxwdAbRytdBQYMuoaClBiMBstDClrN8wyKMkgRucEF2cldYvTVKuq1rlSKQBEtxnkfPv4NjDFDYRkzcwF28bthJ7FygF98_DxTk0z_7YPlrA_VsyDaMhsfI2yK7UXSt2C9eRoRYY8lifPwhtBFu2OwsmsOSfurDpsADAeOzP2ArLzBMgUBqWLJPUvmjkp2xOcjfSCrW6cPBz0QmO0a4TnIuiHZsYU0k1-_raGWtRua2klJjT6qiqXO2aHLcujE9QwF6XIxmGVvCI8ZzsJcCpT7R1Kp3K7C2qs8EB3thuYFdi4kpryNRiwoqDSB05y-06jxwq0StKY6NaZgF5skL1ECKq4F18P16woBAe-lqbHwcTJ7EmtLlluJ1W78Kx77NFfzvuB4GWtpHs6dBm0-LSzEM-JbIxFA9nzKVBnM5yhLTQuWiCcMAF8BSQOfxs5nlIh5cvhDmwDxzIundXw7Y9gVe4_0OWr17EdrQjXk2O6mDphfiIDa5R38hmyhUR_9ADEn0XnRzjY7uLRAtYEm__LVHiKfkyBE9OPCOUc854QxIgDvvDHYy0C-SIxMg66LlavUqi6OgKsWcOTcAR-56r2flw2UQgSxviXLSSMD2fMIqb9yxLBlraBdr_nHLbqfn1dWiyAGFF4YAryFDvZ7GB2YrW5qoOiCsmVXyiizcHO4qS1Fb1Ua1zHWVHY31lGcU7hO9IZa-i2amL_7y54at6AwHjioZdrJzbe3seqaW36gUhlqGXfnakARXOxDtziZMqg6PzC52avEcrP0RX4o1fnbGbzPligSiAhjXhKLmJVbxCwH-8RRsruMS1DuxmsxGS6jor4d_6GxEgJJXeiTjisVuyBEPHEwQmQrQLSv0CbsAQR6nZzXFKR5G_GyHFXzwozG-43iOIRjvRdFY-nrwDYZsl_e-e4w3LE3KlKeBTB-Ig3PAg5iyw2Ielq9awPlhQWiQnargVX72f_BCepGVaUDPm3i9N0RTHcgVRawKbBSEc49BmOJS6Lh8QyNvAdPkSZ7H1qepIE9Vijd9QOlwXDJVL3MCZWlSz76D_iP8EGKnM44kXIuz5JCVB7vy6vwL7dCuaNY3YFUs52msaxK6qNGqagm148fL3wgBnowNUEkA80jyqApQh_S9X6PpSzvutLvfVUG4syfHW3-kxd_t4IS9jNAQDlogjf6arUGqRSC9HU-VJDdGBOSdNgzNTUOK0WuW9vTOOl9kWZIkp1X4JeisIqF-ZqhNqv6AqYmxyfi_vFzf_KzTpMmBvI208nvY7pxWhzDE4-wCRzoTR7U-264B22J4Fx29XROk3dQTC1a0uw6sPpshnejk7SvNeN21W2W2kpkQGXS0JBpoiauOBISYwAXff9C-lNzvwlvW6ePiczsYIhIYt2h93pHDqCdscM9ydGxdC98Nk8KGDB04y2dcM6rUPaLlSVi4y2Xcz3y-nbTperauDS1VE____axCCeMUe4iZ4lVPONobPP7ZT4w-5RczjhiwXqFIHRUA3j_sb16Uapdh3AsJgRmt9ScuVJiD_s2ThpOSZYV194g4D6f5K9BXvdY6t4tWDKUkfA_Fe-CuxsPT7RdyYZYRHgmN8E_C_gwKbMt_cZF6-yYanBlaQuiTSNmKYnZ_5Fo2q9780u-WtGS-KYjN0TSUt2iMMgRhnx5CAT19DzEvQgW8m4Q3_fk8DLb_vEn0ZMjrShoZDaWAITfmAzwQreVtwOO3Jkz9e-tSGAywbLFCu1vv3zWiUFJJCH602IjAqgTOnQwb9ZzNa2qfDDtfnsz249J9N5RR0gUgQEp3moa0drP-YdZVIJc1NuldbfLJcdx22c47RgccXZ7TaU93sMQ0RHxaXsRNgQTUI3qQYFvVJFR3a0ri2X3XVFR2k-9LSpwG9lT3FV9N2n10Ubz2SrSEVbvPGojonQaPOliLhVU6MLeLeoQUU8MftBaGINAevQBQntqaBVjOc_oK5KfIYrkATfWQ2vVBXFLQB2mt31rdh8Ht80jU2KbbG8eF3geKYkXYBjZf6PUL1TcQRGkN-oHRvRtek0IbUJLDiRLZzGUjHlRnSCJmcBzHzKgXJzp-GamAgIJQnMj6qp1gKIKVl7ccf8FSQZ7gWF1Aszfh1jPDGDi09I7Lv5BqLSDGp5blfsubJBXkLWWAG2B6iCjTGatLxRNF-OXg4pmtBPo39yZDT-h1OCNeXVyVOrrRBFhWC2fqxsBsk5-Cxl-ijOPI3TYM3oSn8i6GgGvfUfIkk4ePbw&cid=CAQSKQDICaaNxiv30-yD6KhBV4Wq3H1jMmD5y64v59omR7XGP60zdRNiUrBqGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=10183247774093382000&adk=3676778483&idt=131&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 4128 30 KB
11 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4128 41 KB
14 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 327292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CD38 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4128 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4d52000136c81e02a4959600f0da5cf57f776572b80b1beda60fa652d787e5c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CD38 70 B
149 B 159ms
49ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEBxqHPjJLuWQS2QEcenApo&google_cver=1&google_push=AXcoOmReURzWameTJROvv_lklYq7XAYKzN7T4geTPTBT0wenc8GWtMeHt6_W4-Xcl7nMgFXQRpWb2uURFGmEfV6keME0q4uTuta_XkDRW1mxLI2ALE8_WyItqBp4yYgnl5oH6aRiIcDp1-KO4f60vlnV1C0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698743570325&bpp=177&bdt=148&idt=426&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&is_amp=1&correlator=8428&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1498670183&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079085%2C44805934%2C31078301%2C21065724%2C31079295&oid=2&pvsid=3119154461606836&tmod=1254145729&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m7oneefnuxvs&fsb=1&dtd=436
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDM5ZDYxYzUtMDI5OS00NjI1LWEyNWUtMTJiNDYwZTgwOTI5&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=1&google_push=AXcoOmRw...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDM5ZDYxYzUtMDI5OS00NjI1LWEyNWUtMTJiNDYwZTgwOTI5&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=1&google_push=AXcoOmRwiyJYHbnwmv99uvjOUwcTH_inWIpyn-7ezOZXMoqLJBYG5ztzA7hTaS-aUR0D-FRf13kxBjQvA2IiS4QH91lkLxlV20qU0WskPaBKZlNxdgoMMjRbiDkaDvHKEjrRbtEfCMBsRGoUsE8EAk93bT0Z

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDM5ZDYxYzUtMDI5OS00NjI1LWEyNWUtMTJiNDYwZTgwOTI5&google_gid=CAESEHjUS15pVlWJDm8GM2gPgt0&google_cver=1&google_push=AXcoOmRwiyJYHbnwmv99uvjOUwcTH_inWIpyn-7ezOZXMoqLJBYG5ztzA7hTaS-aUR0D-FRf13kxBjQvA2IiS4QH91lkLxlV20qU0WskPaBKZlNxdgoMMjRbiDkaDvHKEjrRbtEfCMBsRGoUsE8EAk93bT0Z
date: Tue, 31 Oct 2023 09:12:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPQFanb1bvynCFZWapFEGpc&c_param1=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ-7RnXFT8w0kSVjdw2i...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ-7RnXFT8w0kSVjdw2iGbQZvc11Bu45Me4_DnHVOM

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQb6NXAJO3Ks_kIW58i0uWFTnrfxOOtlumZYblCFmufZtNPGvR0wTWxPu8b0ZiLxyP7ilWz8dxsBKTo1Y1FRP8OwkJXVBEFSCZyQj_H1ynw9qQ-7RnXFT8w0kSVjdw2iGbQZvc11Bu45Me4_DnHVOM
date: Tue, 31 Oct 2023 09:12:51 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEDbN-FbOwhgzph8RNjAw434&google_cver=1&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrC...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDbN-FbOwhgzph8RNjAw434&google_cver=1&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1bk700BvSXSLtqmmXVIEvQ&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwN...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1bk700BvSXSLtqmmXVIEvQ&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrCLOFHA8iqBQ7wCZDhSdnoSXqDslnwAL5hn11Vl5IPdym70rgN3wfNQwJvDGk00

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1bk700BvSXSLtqmmXVIEvQ&google_push=AXcoOmQM4vRqMgFPAoZOK1s8OwDR_49aaNN5jv4INmbWzBNrQDNpmWHFa7ZTtsT42NUc2TvVTNpfp2cRsCzoMwNJ_Z0hrCLOFHA8iqBQ7wCZDhSdnoSXqDslnwAL5hn11Vl5IPdym70rgN3wfNQwJvDGk00
access-control-allow-origin: *
date: Tue, 31 Oct 2023 09:12:51 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JX...
https://sync.targeting.unrulymedia.com/csync/RX-252d82a3-6222-4550-9630-3b6ed6c02ffa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ3-pqdwDrW0Od7caqHn...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDN...

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig&google_hm=AyUtgqNiIkVQljA7btbAL_o

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ3-pqdwDrW0Od7caqHnFoJKsgNlvgk3MjM8vahShh8rTgE09E2y786c7yEdH_MCPG97vFM4yQ9XYkvrJ6oCzJvwRNZ1bsU1M5-vlk8lVUNWVICi3c9XI-RJNDT1JXNEhDNm-FPZatRRHatmK303ig&google_hm=AyUtgqNiIkVQljA7btbAL_o
date: Tue, 31 Oct 2023 09:12:51 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX252d82a36222455096303b6ed6c02ffa003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEHjQ1jdIbKOePmK6yTjYZzY&google_cver=1&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyy...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyyLRuYjLxCZVWmampnYaQEomEbGLexM_s_Ow6cOWv4-ZS3tR_GWkz8za-T2j2OCmtGlge8SpIF...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyyLRuYjLxCZVWmampnYaQEomEbGLexM_s_Ow6cOWv4-ZS3tR_GWkz8za-T2j2OCmtGlge8SpIFlW3Cv2u2Q3Y4TZ4c5LRSOTiFBL9qA&google_hm=QlMuZTBjMS1lYjc1LTQ4ODItOGQwYg==

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRboKC3bTWpHV3WiUjEkkTyOjoDDVwrct9JbtqY958ZMqep1hpyyLRuYjLxCZVWmampnYaQEomEbGLexM_s_Ow6cOWv4-ZS3tR_GWkz8za-T2j2OCmtGlge8SpIFlW3Cv2u2Q3Y4TZ4c5LRSOTiFBL9qA&google_hm=QlMuZTBjMS1lYjc1LTQ4ODItOGQwYg==
Date: Tue, 31 Oct 2023 09:12:51 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD38
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEMAqlPOxn-Rvc5R8TNZzRN4&google_cver=1&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv5SUHF2zMu0fU1h9sYcj1P4jul8BQ...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv5SUHF2zMu0fU1h9sYcj1P4jul8BQ-Z4zrPQDb2SSH-5zxOZ0KFSPdDn-Y_B&google_hm=f34e9699ce05e31d13lnaf00loe428sh

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRXJlR5h5OcAfNOiRLQn8v13QvCCfrpyix_rsgQBWw7pguGaGlPaV4H3sAh_f6HIzhBqyP-RYKk6CafQuEFA_Ri1FlIv5SUHF2zMu0fU1h9sYcj1P4jul8BQ-Z4zrPQDb2SSH-5zxOZ0KFSPdDn-Y_B&google_hm=f34e9699ce05e31d13lnaf00loe428sh
date: Tue, 31 Oct 2023 09:12:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CD38 0
12 B 35ms
35ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQtFKy4Tepr8URTbJT5JCwfRot0IrYYrk5Vw5MNWoA2nJ4DaGa5Uq38ab8_iAuI5bsgt1b9Hc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2108 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 327270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4128 0
0 70ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu18MYA5stbo5aa6ECl-gcf6uFwRgVycfUvJvYf5kUZPw74n0DnJJB_cId9vN3Fb2UsPPAM2U9mkNQQN0yaHmVgokm7dFtXyjGUSeEFCTGzESY0bY0X0pdpXSeTLk7eLjvGFQKjmcWwlPRc7vYAutkRquSC_lJpUPqGKm_o_331Vls4afQSrp_ywofaim8AZ7JiH0Xi5a25GxW90kO3fc85clA6Db_eYqaePHpsGDLi0Pp39eHnfrnpuur6RhgXZUnvHPQZ4QRFssMF6blLnj1QiC9H5lXGRKU7a5623_x7Ydv5V_-uCrbKX11BKz3TPG74udwrG4F3d0kB_voE_IlS02KuatYvw9oeb7FIHsINqiE_mkRYFYBEarcB68SolhwnCmI6YzITlcvKYydJ4K54ho04_xmuqCSTkYgWKAT8mdIH_ITZGddLIktO5blIbxszl9r4uQlJEgsuXxlvLdvAGQxcbi8pTHmQs7w0XnTQ-IMue8-X_8_ZWs9hzGqoEAglBNcpCX35nmr19r6XYgiC5POFUG62y8rdBhbx-IQ9UxWcA18Y0Ii2ynY_t6au4HazLYMpwELI57Z3d8PCHJcU7kdFOdQDwDcKFOhRKKn76qlM2NOHLM_NDBr9TPR_ezr0YPYPM0-3lkKJqkp9s58-wLrbzgeBQ0diPI0sr6YGSv8eGssjzCTVDib3gCcLodKkFCPMDU66hM1TMr5kR_D6iUO49DeUzJ3ABcM0ksPwwepztBOkA8bhKVofGqFmiY2nu_Lh4Z1GYGYyoDXbeEyfsTHvlTb9m8lGteSVm07U3iyhCEBrkwxcZa8G3tHeR88dwiHrOAUU-sB29l0pUrOUdbbQ1xicJIDC3hPWoODniGdErfIAjLqtn5llL2lml5oZ-eBuEBoXrNrkFJk3VZL7-DaqawnFyiFJWWl9Zk71pDhl7u_FwaCWMxWUV5j8l65hQJ4G_eWz_TencG9XEibadrLQim7BgVQ2Z-kmXrL_FoS6ohZr0Blq4xzhJsiMeZb7sOFBXBjdpBma8tk2WjryMBrXACM3B85XsFIlphbX2cd3ObJZBottjnYJzgf-jCsh3RwAoTO40XfdFyzKb4ii0KukCZkaQlI7DC1xu6H6Z53IWOxO5thDKuaAT4E7kAZHRFYdF2gplhmyErcOOBdynyIKFLsM_ltVSHZttxDSgWAAVNUKJEAxeICW-nKbJrEdOXeE1QuBsg8rcqLZZG4GC5pD8KrH9dwu9dv2SP-it3QuYcfs4U4ZeqtWUHQWScDy_z7jbThs_o5CJ1HLQEtAk-hoDE-69PlUzxq7foTx&sai=AMfl-YTUt3JMO3WboCR42EPo613eRch5d5GB-l1GxhDrWEBPJLxNEGi4APEXsLklFzATu80EfSFOLfEf0BsvNheg9rtKZ1omrpQHkwornlJZeDXFmALuNTfpius4nDguZrz7sF1co0YtNVrB8aqIG71VgNmG7jFFA34h9s-rEHJQMifnJPB-ew1wsufoprV09r4a6nW0WXDIC73H&sig=Cg0ArKJSzLyVNppMkV8GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cisv=r20231026.50553&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5486792170485406074
s0.2mdn.net/simgad/ Frame 4128 11 KB
11 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5486792170485406074

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b6d811e9ecfce9e54ea94ca84356eb58dd7ab74de16e48a7927b3f28bea923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:01:50 GMT
x-content-type-options: nosniff
age: 25861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11190
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 02:01:50 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2108 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7AB 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvTnXE8VAZYO5Ds-QjuwP9KaoqAMAAAAAOAHgBAI&bg=!bG-lbyDNAAbo5yKYyOc7ADQBe5WfOMWWiA7g2YVXHqC78zPvqWY-Rk1uwpQmwjODHuzRg9OnmyuK2TZ27RZYVQl6MXAbAgAAAMtSAAAAA2gBB5kDUFiZ6jW3J163Fu1UpuKdenRmxBpKQwX3d8fu_VZVqZ8XuX5Ty6arW6aiMvqFZxqULt93edsXqUVMoTh7pam3VmacJeUYB4636A8dtk7xKmFP3lVc2zOVVezWEey7BJ8hOd4XUZUeauKkTO6UfRGLxwzmQtMa2o9AtB_gWzbskhdyCuBA0rQQx6Sjq9skqmLIgw7YdzEIVbdHyMfvS0HNX9yx4m8Kak0l7as_vSGfFP6fCM95IgtzHA3tBv46CVLqWxbrxvmGpLxYrWDGq26XbwLql9scwgOELrhjBt057N8mEqTQ6H-uUdSgAHyrW6xaM1f-GmgYgqdZBEbh1Te8wxLL6ebZK5Z3wvIvq0pwjEj4Fey1e8QmG-nBOU4i-DQgZ3TnLlTYNFXQ1i5s_mV69UudIeFGTfuUBjTIh3yrYZiHG14kiMvovAvliPoSjUTZ2nu8pSsYvGylS-95E1ykiUxLQXJ3WKcJS3LulztkCix3-9gp18M3-rWrDn5FMKNNvIrDH8lw2HJ5e7qVYRu5p1Kb8hzpxTS5qo1AqTQdPr2qV3VPOX6rVY9lE09_Ch7DYQMCBrzvGbLKVTcGV0zznUHjeqj29hKsaLBtttOiPhVtrob67GMqrz3XiEj9fXJ1izgAyxITXLE2Z2Ezibt77h_YGxDIzRIYfiA-4dznXj2E-cUahk7Ih-tHClKzyAnj3xBMPF1FpOniwXJPVhD-mRbVHA1VqIk3yvw9-Kbf-DPyqudJ_p6A73PU7OdOJ_vgXty4yoTbdo6TQim8svj7-TNwbmxI-0CdSBxbJ6NhYpii4prZpEtlKnOfAXjDDgZc1L2Q03L01HWVVREANGOrFCeom9F9UUHoFygg2-1MoKCMEzdqTuNddc-1tTqBULBHbeick4Lm5y0Y1MewQeOmjvPUpqg0UXdS3pywsjDOTKAMGp1Pd4vmraOPYN5TcCNk89xEPF9wI_Engk4hAUIcYOyV7199j7avDhw-4JkaVZAPpWLaGje8NjA8_eG6_3_t_okZzkrKnySIY0HZgSEk-YaEEw0iHHe-3OGWHb1bOp_IwmoPTRSwo9mLvDz_gqpZeyp0SM6iE0ge_e05cYtOGZHzDAq2X3ajybTGqqFIx-vx

Requested by

Host: 9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
URL: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2108 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-4S6E8VAZcWdFbuv9u8P14WPgAcAAAAAOAHgBAI&bg=!2dql2pXNAAbo5yKYyOc7ADQBe5WfOLTwvPEMv7ku3tK1uo37ca0sZ-I1HQHUqF37gB-PP8nLUnKfraA4IxlWGOOSy682AgAAAE5SAAAAA2gBB5kDQw9JcnK6ilCYCg7sV60dR3cuRaycRYNYGa9gPLFh4ay41C93rCWm4rP6I7BKaPIqkQIKVYX7xcv2OQ1_xMbru6KFKhYdzxoyOis8N5CLfQGeUVGw2e2oi1xmz0t3rfn_HTVTlrsBQiUmJJezv3bdOhTyAA-5n7IVVqDhEL_DqRFoReMFWHOHItLmlxiKviNPI2TP14vXdrOQssb77ABXkRtgGVxttBgxez8z-P_VKFvONbv6C6gMZWFqaOuq_vNVrUDGjmYZjiPR1BerfglDHtZ3hbumvQaCeYfHsmT4tVUEeNpmy1Wb4KeSh6cdm8SSIq9w_Lhk4urBLb5WOpodx7n1woMjiNwd0XzksDc7glMhpIELb_r-b9uW5ziRtFKru_hhcbG-4TMSReKFqlI8hGzmQRpzUHfjEmsLERgSrrLThSyQkPLHpe1Loj1jSHgSQNoUMpapjpd7U3wnnL7v-kPQNzATT8nVJgAi85uDln-LrmjqfZiuxvP-HQ47ZUnFTQ7j96qeC1vmxzat2ploh6IghAphWjKh187chR4Divl_xjbbNNjRfAV2c0zK__Sd-R5UY4gtGadMkUeQL1_VaOozkZgzqNC49bpHZ6Y9yve5ImHhOelSfEnT5rZjwUV4Jff48UxajY-f_8-v45jLVVVDyZHMNVHgEbp58efXM1GKG5WVy2WKs-P83khVbE7EIaYHK9VzbJpL0XTg9TyIVxbMf3jIUYbgNCmW96WuOfa6TbY6XmZztGUI_O7tAuOYBknc5JNWf95ErWGBz2HuS3JRWX6W6EgGOBjeruTQE1v4cmyOb_kbwyBcfzo1kOnH2dqWN8b9dTEiDACUdNaqD6h5wAIQxCry6bUrfOG7IqHuAs2BNTu2GgBqg168ihZuH8Gzl_Wj4JR65OLk1GuVTUe2RtzgV0dZF4C33L3wWqwuZiIY3P13ApNB8GhPOrQnfLoZ7lGJKGIN9m-jRWTtR6Qx556Wh_SWqeBZBvIsuGhVq-NDpn6dXaGZdAGr3Js3pnrHrAyXzL19VrXNbg9_zPQa8FcwX2lVuYCeVCMWJQIF2r22AOIb_tRnI0BGJKmuV7GjVZtyOEC_yvEo242ZUUsUAdw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A395 0
0 102ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFcCctVTweg-ghJcJaIdJaQuQKbRr-En6qutBHSWyDol-BgUdCW_htBTSnCS46e5XqbOPLJNDmvmqVy2CtqcrmPT_Pxfz4B3PVRGOAsLFxUtlMS7c0sDvnt32F5GHp3tKqYtVsgyw-yGD5clVmLWaYFGyZXLDCeNF-0Rv7jc2l0s72U85IaZTvNVMOaozemliLCr_agI4mlSnXy7YfqVZ0IiIUEVm4KRbdrxg6JghN4hrSQNb9xdR8m9nwrSGAowDYTRMH1dS_2rQJS10OR_YO4xEk9FsFQXB8KhkeRZlSIDgZLeeP4H3R2hXnQVQ5icx3FdevMlZAyKwZEKumK4Bc6iS0xYa73HX_hpkMPoknl7Y-crWKzx0puh9RxQGkAaWT1WAwHw&sai=AMfl-YQFliVU0Cy50Spv6M09xCQZ6VjNLvz2nEFCFTHNZY1bBigNKpcyv1LeXlczGy3LnMf10MucCfIyTZMKItE&sig=Cg0ArKJSzAA-v549YDCKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04CF 0
0 77ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUXQnKEwz0o-Trpm-YTm62RlaQFx3GpVquQ5QoFEsqQIsYIQHsn8lkwIE3tbGnPqPa4DxVgtKB94_fYkaj8_OPU3DYtPJyXZsNmWphwARXfHI2My-NV4V52A33X76ferho0lqVbIFOg_DI1udI5VGpGkoRiMiSwXQV_g-l_CT1Lrsv9o5bMjCfZU8BNhpRlPVS-eTMnGi0h2EyilzJsdwlWxgAHMwOy4ScxC3_o5sl26udRBb77h8NK2eviKhK8M978UBk3Uw2hG0nBU3aZimJvRtnHyh1rqJrBNcIpZrjX1GBP0tBXpJKaVx2xvm6fAOq8wuuNHF0NiG24NDqg5kaJeDPvHKwXzs8ajzf49dZ9EvQCjq6-T6C_3MGbvCYNvVvidIjbWcR7zDa&sai=AMfl-YRMzq4c-KqujqaSSHQXNt44YO4sEX7yaFC7w6C0vjotcnDvRRwh5axlx7pz-57Df9Jy-WU1FOsEkbU-EEE&sig=Cg0ArKJSzOTeiXPtWkKsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE0 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqfQdCylF4Hy1KdoPKNOuWXYRT5SmfSsXUUJCSzlao0RsRn-Qa09injF7EkGQ9r7LWQSz9dG2n7gxtrhFkN9pMyRUKH6ljSUDmXdaOnfm3J1p1eeBhM8zLW7rX5gCm8pU2_lOlpUmVjlrjekT8gGgcg9-xcVbmJpcvbAmN0xSenGgR7kNhnVVF37Bim3XvBxrt3keu85ksItZd82TV1Ok6LhTfJJyUEJ3HgW83Ar2OriB4u1LdCAjK-YcMXpB79yANeARrsZJ0QhXy7LwHUXVsAMRUSKLTgmsWfhuGKyXbiIhatLYpfWo1Etz9Jxx6UHdgqiovhUzUHcEXO8EbmGZviU8AXFD5n0vH5sslj3Ioy_tp7ue8SuiSoXQqP_2IimUMmzTSrg&sai=AMfl-YTXk3mkP3zu8CIltR_48InS6KK-8mhNamL35JZ4KDWVUjdstnP_-PhtWkzqVIl_ZuIbNfa0lbkOoVvvcwU&sig=Cg0ArKJSzEqW8euCDZpMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3890 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBB7 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A386 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJIIPOdNV3D7v0WxfRK8uAMokJpz62FBwS08XS45P1v-pYFMzJazPxoJnLlNTLmqCZw6huGE9zK1QmpylVSeFxDehu4ZgAXV8ArrabBxO7hmFzlTozD9vvQ8lAShlBtpGhq5U-m3j5pajgKJl2_Un8nQH2vuIqWDD1CBZExpQZ1ens_cHZdlXLSMp6sxX-Yz8oksKgueqdr3A812prqgWvRJnl-1-uhujRFqyG7ipF1c52NmynzCRLzhNuHwRw56uzUZq41JfJCFLH_oO1HBu1f_5OGsNm9PNT_7zHmXeeqNMMpfAtOqIOe8Gk1ZbLEMgrEwXGTE1Kue8h38MYrNAIJl0p4SYgC-SmO7gqMROu4_bwn2a7uGvMVlqgW6xdDpTqpPsG&sai=AMfl-YQDMYAervwORBYF-wPiWZ7puypJH14xQTLMy3HQzhMZ5h27IPQ9sOdYXVV3M7DsBR6lKN-lkA_eiyKAoHc&sig=Cg0ArKJSzAIibmdeglUXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
DATA 200
OK truncated
/ Frame 4EE0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c4c951d2f340f201152162fc2ed2548c8f271a2b595a27e865310e293ed9d94

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 62ms
62ms Preflight
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CjnUPEsVAZfLdIInD3gPa0oCwBeGzn71zjp6w6vUR8C4QASDTy84wYPWVzoHgBKABgqmxiQPIAQapAvD7fSUflbI-qAMBqgTrAU_QY6TwqJMPKNIC1tQ_pQ3irGC1D7H4CeP1kIV7bf-RzbcEmk35QYHEtb1NtrgkrxD7mbOa7zqya4WYLXQLVIxMPMqu0FgIXRHPwUQK3SpM3SzVli4O4zQPGc2N04foTA2s4-oyUyvKCwh8PZYx5XF-OnVuc8I5Y_SEG3L829iB3kGvzLp0aKYH-TXnBwCcQzxLOtHTad5ObUpmU7yba67Jqlr_Y57F6AGow1mpXyKX8WCVKs-tvQ7bjRPEgeApOV1V3i17PJqmwYBIr8_cHDWdSywBoC4eXBawCBAOlY-nLH69DeuPp9LDa_fABNyN4K7CBOAEA4gFk6Tu8kySBQYIAxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB-bWznaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCCiQQY89WH-gHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJzQFodHRwczovL2FkLmRvdWJsZWNsaWNrLm5ldC9kZG0vdHJhY2tjbGsvTjQ5NjYwOC4yNzkzODJEQk1UUC1JUVVBTC1FREktRDAvQjMwNjU3Mjk5LjM3ODE1Nzk5MDtkY190cmtfYWlkPTU2ODk5NjMwODtkY190cmtfY2lkPTIwMTUxOTkxNDtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19mb3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTt0ZnVhPTtsdGQ9O2RjX3Rkdj0xgAoDyAsB2gwQCgoQoOq7nuu2yLA3EgIBA-INEwjZuNb4-J-CAxWJoXcKHVopAFawE-j5nRXIE-W22-MD2BMN2BQB0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=dFnTdcvfia4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSKQDICaaNxsFvJg989C7cVd78ucrv1rEubdjINExZRG1doQJ716KHfiCHGAE&template_id=509&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 09:12:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6A36
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CjnUPEsVAZfLdIInD3gPa0oCwBeGzn71zjp6w6vUR8C4QASDTy84wYPWVzoHgBKABgqmxiQPIAQapAvD7fSUflbI-qAMBqgTrAU_QY6TwqJMPKNIC1tQ_pQ3irGC1D7H4CeP1kIV7bf-R...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4075cb5b491ee6370000000000000000%22,%222%22:%220x710de3cccd3edefd0000000000000000%22,%223%22:%220x52ad04...

0
0

124ms
59ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4075cb5b491ee6370000000000000000%22,%222%22:%220x710de3cccd3edefd0000000000000000%22,%223%22:%220x52ad047e2917eebd0000000000000000%22,%224%22:%220x5f9de813a7dc6c000000000000000000%22,%225%22:%220x2cffb454a2b81710000000000000000%22},%22debug_key%22:%227552309352583508240%22,%22debug_reporting%22:true,%22destination%22:%22https://doubleclick.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22824988802%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213803286020933204993%22}&andc=true

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x4075cb5b491ee6370000000000000000","2":"0x710de3cccd3edefd0000000000000000","3":"0x52ad047e2917eebd0000000000000000","4":"0x5f9de813a7dc6c000000000000000000","5":"0x2cffb454a2b81710000000000000000"},"debug_key":"7552309352583508240","debug_reporting":true,"destination":"https://doubleclick.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["824988802"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"13803286020933204993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4075cb5b491ee6370000000000000000","2":"0x710de3cccd3edefd0000000000000000","3":"0x52ad047e2917eebd0000000000000000","4":"0x5f9de813a7dc6c000000000000000000","5":"0x2cffb454a2b81710000000000000000"},"debug_key":"7552309352583508240","debug_reporting":true,"destination":"https://doubleclick.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["824988802"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"13803286020933204993"}&andc=true
access-control-allow-origin: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 6A36 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfdMOmUd-FbYT9tSdNmniyRqMjYC2j1dD_gmDdcaEgv1WOmiQU6Sq_-hrA4pXCoEqspczW4Zgjqe7TrDONkICUIYPnnq3Cb86PDY5sadJ47RzOaeTxzH45FC3m0zye6m44GHqLzrYXfqnxOWF41LiLVy1UiXgAF5iv0K8yfZYTU0Inmgw&cry=1&dbm_d=AKAmf-DoETFvTQ5ccsl14ZiPx2QIfW-nOIB3U7L6p7TB52efYZxT5QwMV21Yow2cWQ0ZqNII9-Vi07VvaZxAHCrLSFiFpwjy0HlS-hlsPmsUXhv7WVTMelTz_IZvhLwKCNkwJ4y0_v8BP4QNXTjNRuZCmSGNvnS9YP_cJwLhHu6JmgOlZDc191tCl2wYF7J0f-iX8BWp_24-1WIDWMxhAeycaad5K0-v_73Bu_MvtdF21JpOfLu_Fnx7EO1WTYJo8l4WjPvubymkg7qyBjL1uPtraEL9-x1aohWr4JZFJfluUQWv6tGx20kmpBuI6RxyoORETGb2ugx6150eXwmC4R7mAn6EU2oy5F1miIlUhOKIkv0Dix3JzpD1eAwe31Vh_US1iYxs3-NqUxur6P6pfYjATRMhsAbz61_q_efpMt_-JdfGMWlCDrJ2JC_WJ2y28TY-sEA0ZLVUbhP_D2Y66DOZyUY34dG47S6Yn9dlHavJ9h9aq9hDVc2g8aEV4VnlhbrJB3G_sIZih0qYVbp633UvC2liQ6rr0wm0ckIaEj1Pk6UhV3bqT34_oMKJNy-IJcrm5QrZ6CqgggKJzRnUSYZINECDDC8pbqmMr4di-D75MnY-nEsxrPBg7QNjNeE2Im3iggfhyvCqUxHshVipkzP-UostgIEaxHEHrbVBSgDDerMvTGUuIzkv_TFYZ04i-n1lskpw5yKkELVJlMvnyxEzdu0KHI4q7_A0nvHipqNCgWEx4PVhwkmW8OnaR1kRUtjvDH8U-AD8vzoUK-vmCWoa8ZNh7MJY_qqeF-6isJNEbvPo8aBNN1mcio6D9C_ykboEmQjJsLgcAmMTfJ5uxaq0w1e3bj33042suLfO38nhP48yb_cmwoE0t8GpCDQjuwLpVwkIMz7gq7i41Cil_srZ4UzhRrXCpHMuZpXmtCx90xTbrLzRNea5poKXZM3lsmywB3bSqALQU2NQhbnJPEJogq7v_bBBNxTSRPjsCNJ1tQwZIk1mM-ig6243SlFGO4xqMN5En4jbhTLWAiQVG1BQOE7sm8d-2GXJclClVnkCV3-Lj67LdYjP30J64kSxL5XDKWesW1n3onmprxwkUSMk1-W9jq2UAFSi8JhqPuhvH5jHGvVnG_z6R4vKtb8KXJPCxiRqFQOENFAL0WrW56l2xhxLNxwwsl0GJGGWAPQ2FdQ2EpEAkNr1fEl10SYZYf-2lIiu4LUOJEERwiJtavJfOi5p-Gth_I51zXRSH_M-S6SrVQf0hz1fFp5SqvRsksOOZlytUDQrLJyelDOPpPqdAXFyNJiAfUi3joLB6GL7WSmIWJhMUvH_-BvxbTA7KPifRKvaJamZuzjfw6VRyIKTiMXOci_oqWBSP7nZ3fKe205zJ-Dg4dxpiBZmzvHuD-N0GXxnuoa614JZ50pcDmX_ydUZAmuZ5DMnYtXN-NK1pzTx4uRcK6jaPbq8cWKIWmL61Sa4-kTR9lXswDdLQIxQ3B8c2hbsg29VAezxvCDAMN0S4-AP6CEAmZUP2p22b0QZFcTEzZsMZisj31Bt7zLNNNdNp5Bln9p4to3ERiRLbv56UlztKoh7USEc8sIOmsQSDptaQ-UCMygp9KKTXQb1U75P1VsB3VlwNbUbwq2QVAJyJ3VQA0r9-ZVMiT5hEw0YLP-iETl8VDFaIl9e1bpF2zXLPzZT5w_9I1BzBb5-V9fsPVwCjOBLRQQLyIQlopKt7O_vsENw3N5-qLePMTGBzsmH1waDbuaQGIZEfF6DlEkPK4XJEF8LQvb3IduYKr1Y4V2htE8U-sTkW-Z-lFbZSwBSmdiJYv5av5CYnu0qOisuuC5NhwPqfhOK-_IzNtS2pbJ2d3dnXSORHx5DeT4iVQLKc0IkmwWXuM7TCOUMsZCzY0FwpdBtuHfPJHmIjW5P7JTZdrpomZkQsfT8uhBUH5325PcYcprH8vY9qTeKMqKgvta8MuK3iIeb-ZkGmCINWSN1Lzhgso1PBYq3mp0_j3UunxQuLC2WLSnyBGJPfLlwZO2EiOWvPn2nrgGsHk1JLILQ4_d6Gq8gqTMD-sYY1ofHnM-9khdB3U85FfA89dGqnOaV45Mapdar1TYic7rKe-ZKN7g6ue_DLI25KRkCoEbCG2Y5n5uy4DHlmFO_qrxXDUCL6IIYrFe5mdr4TL5KifqzGIS1EfRoKxgFvkMsRnYP7MtUYF9xrQJ3TytDdvVlVssbUskXdM8-tSvaVG3vNHNKw5lTaFDh5qng9MxrdUbxxM3sG7OVNUI1dzZftIwYrX8ehSZzAQmn70piKXtSUj59zVAsKvi9s5IdcsWPamlmDv7WAdacf8bHsniDsiTyJ8oR1T_BOXfanaYB0_LHbPrLDJZB0nsY_UiW1RmUzgwfh3YaJXrILdjATHWgQBhSrqyRjMajABr859owiFY4GJxUMJTEBAVNYMrZaUM3Xr9tbOxUyFWycuRLZpRopqRRReuQrtkhkWMM9P98EUxn9-slBHIEiwQTy_kob7HViT7biuXnFni1qdK0LnE6EHqeLOd1qous4iFEABAMeTT0z8OGO81yMN2pCnmZMWinQMCIE2r11zvVnhdryaBRTp-htGeJxtxHt1i-BAD-ode_VVGu7tPM0Ydvbe__sx-otLLyEFHmRNZ5FISJz59weOV2tc_PRETEZQC4qZ6-QTyEbByyUyc5yvT4mtny8RIK0vjYHZFVSCnOeNEkHQ8TLr-SyMsAianpHFCt90-pbZldN6ohQ3tUoFixYWJ_JcB430jesKGpR8ni6CynrtTk7Yik7Zu-mkp0SzXz8HE4txoVGICUwz3bNLq-ek4gZJsMzSAtKXIbB2SiYaAsANtOokqdaqvrWT7qq0nk1Anz2BBRVol5jgMJCjOMOAIpeUw-RPh4HmiZUlgQ5x2TJwZuTr0mRY5s-cPwMsIOKNvZGW-Vp2ELaM0SDvx3nbwnO7tIZx7nEaaJV8vVS4uAvMMW3c0V-1AsYnkH8H0aMvOs7VyKafQg3SbpSbJtuYVBEWvBqVSDchFJ0ws_xvvKF6MGdbLC7HFkGtpvKRmkBvS1eJbKvscGxky_opmtkpeKoVWUMuEPfykBz2ECRCqSqYisJ8INcK7dU8IJDr_fh3_S7fxWUolj9XBYgRWVucEzMh6iziQw_SY8509bRZnopFRg-NuigDizqm1Xvul0zW54RphhxjuEa9lEUOWIJBzlcSNzx3qBoZgUGvH7HU9xCDMpX4HZrGJOYEHmCp5nRpkUQcFXUon--aSmPQ9IjEmEch3N095wFtz9QGgPFEtVKg41q80jZ21ZZTLZeoEBLNwr1DaZpKMwDV-aRTWcdbtBhMc8IouHtwuE3avUUJPMm7fvnuHK9-_oyeJmZOEc9bbmTYIfn0o4n0ctcL8osJwl5ad-HBKeSUuiHQeOY1DL6Dk5LHAuJSN4iok6KqVuYBBoviOn5-OAv00hEmpJcj8UV2bVNnZiAMCSSVWmTAQf33aYtejv2zJVaUg0wFEBPdn_ajSxR2LlUAEH1FBjENJFq6bB0U9m9I_RgRVeTVCFAzJuj-enmKFHVOW2vlqDeqpwglEhI44uMeetaLRXIzAO3VTQOaIzzeya6nJxHC506kM3FEEjkOshCb3nSibDZv8m9LnjFKP86B6xsGndpzFcBeovxVmLsc7e3UM1dIRKZsOEkYgnnmdmf6MFRdFCpA76fJSZaOWGGa05HYg_6OT_7y98rF_auLL5rle4zo6-ObZ19YQHSX3xNVoHNuGQEAWMhs-fmcaHuT7O1Ok-2wg4xUcAadQgifE8Zz6GqMTL9hhnipjaxa5-KLMRILDec4brJNx0crq0R8cMyhsJiHLS_LNUQGF9SSZ4hqq1wpHs-gh5yskg2aM3Pr0RoZrenohiOsmvXieA0Ibgv_5PN-PvfrN0q4gcWLDk6DMyCMS_PTAL-GllOoARoM7z3ZQmrNoaiTO_9ItWNPJX20EaZH2sArGb1Og_QncZIdHLVdcgI8EwTVdk0HJiVT4PDpIcqZhzVXECZ1NRlVDRxz3e6LSMaCfzC67QWiW-LmTMU-eRgR-tva_yC5HDPp2-FUUecGVjtFgIFCnrv3ngeg08CGz1buA8p0u9zrWw0A&cid=CAQSKQDICaaNxsFvJg989C7cVd78ucrv1rEubdjINExZRG1doQJ716KHfiCHGAE&dc_exteid=31336287897505110206937889101411250&dc_pubid=4&cbvp=2

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B30657299.378157990;dc_pre=CI2C5_n4n4IDFZ-R_QcdI8EE-g;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/ Frame 6A36
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_pre=CI2C5_n4n4IDFZ-R_QcdI8EE-g;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_r...

42 B
118 B

42ms
42ms

Image
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_pre=CI2C5_n4n4IDFZ-R_QcdI8EE-g;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?&cbvp=2

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N496608.279382DBMTP-IQUAL-EDI-D0/B30657299.378157990;dc_pre=CI2C5_n4n4IDFZ-R_QcdI8EE-g;dc_trk_aid=568996308;dc_trk_cid=201519914;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A395 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31b45ae7110e10b3f22fa274c773ba4ae973b72244a776be7dd25ea5566a6661

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 04CF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4c8a509e22e5e733ff02cb382ca7497356af7275d43b8f755db52bab293388

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A395 16 KB
12 KB 116ms
70ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c2c6197978c0e97c688810a516e8b3f7f8eae8565663eccff42299d2ae0938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12384
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 04CF 16 KB
12 KB 111ms
74ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292e87271a357e6fa7c0e9aec72ccdc26a8784a03e707ae057ccbe7ce3173dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E97 0
0 63ms
62ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-jVeYC9emjH1-9GFFOy7xmG5rmF784pwmJajZdZXfI-ACRp2qX2TrNU-5s3QzuoXbVQ7dwAMWFVnyk0Z_085ilS0RjT-LaUtuP4mu8CKRDQBxW3F1MOwIMHHI5Lrlpbs830wXLElw2VzH1BDPKU9_58lFJFsfBOikvnZ6oivvL_YAHzzaQyZpChDFjhXw8PBJvjg9TQWVj2nJMYp5ScIi8frsOJ_717FFZcZ0OWY3wWZaohQBDzghOAPAw9E_SA4KlHi7pJWAWvLqdXDZ8uA-kLkmBct275_LjH0MYrwyvqgCjUk1n_scXHCsrnOS7tJV47IJp_Yf6iWAcqKOMueeFJ9IvWiEOlDUEfuGVXbXkW9n_Zl176dRXUnrGeCTLcSDVFv6Je8jiR_RTdFLy386JjJuZg-9SaAU9Z723tDqzhY0p6uyCW6-Vn4sOQs1gQKI3zkvE_4bz_5WwrDzR-YdqShzIfYM1_h5OtkIbI7KRWrc5WVtMQ_0RVTQ6tQdydUPfum4gHZ-fWzJhX7LDwSdG_kVGtuMY5YcHDdIn4AADC4NthcsLyLwpCVHAXWecBjCJziZ1V9jx1L-HrgMd8Zuef_wzmcwYsvatAFOLvabel7wqgf_4bD6-EsFK_2Fe5ZJvfppvl14LVzigjtnXTTZY6--p7LC3h611IIBRjOnBFApxQ53G8kI7izFr6Dau_VyU8KwvsjJM1XwAsvqDEB-TJpIeqm3Cii7V3uGNioFGhCwFWsQBKfKahC13iVv3wRpwZpNLfRgY2mu6mJ41EZ1bSnlxUDPTxJQvl2CZh8D21zyzEGuePJz8A59wmfs0GZONfsweTU-k0JSG9YjlmNp0udJs-XycT5KB9TOEwWZYbnE6w19JJMAOj_YpxE7LOCyszmqGZmtOBWiHd-I1oHlyO4oobV8XQBVJP51QFkToaJvCV1umHyJ1Q1wPKeUzES_iLpSKjfy7eM6nJZ6YDKOQAH6GIO7MwwwcbwB_6FRaTgnFGFtqcKZmNg6_AGzhDYOBHR9nN6__OfwYYjfUAKDl7l5C4cxewJ-eCu3PIX4mEDmFQFKsYeSVYewu5oTLnonUG9pVP74tR9gZSLnjck-1zZndl9lAuHxwC-S_oA9BAkg7b9e3WD4DFbsD_CQl2XEYeOxxRD3qZezmKbCzJ3uxc-KE9PYV2AHKlrWO8Eq72p4jLSAU8y7aqOz9I5adh2RKFxxrzfWRkq9p56gvnUTGRJn2FSyAtugQYjuuJ2x_wEu-yIvkU7abEALNT7-fbTzu5AqK-Uggi6Yl0IFgOA3kiravopEXs8d2wewvlLqGcouFlrKMiFvQIMyYMEIcswAZ9kl1x8njqtELl_4LdLhRn9OJ6XTI9K_0oRhewhVJ5pfy71-1GYHlg&sai=AMfl-YRiEQCuAc07c-zOBl2VYW-ZX9KsulHkm3WuZmTNizxwDC1d3e1_rkN_SB7MbTS6iBLc0l3Z4Du00P7yAhkBVeg3O1tcWjr7r0AWUekD8GgBFzfe2JsBXCgAGF4w8XwfCUx01CJpfF4S_cyKLTe27hIUSxSmOa3qYbXge8Y3RMapTrBi_mVZKSd8KeyVN6IP6FT6xXR_jy1T3qBnsthlEdCWkaje74kd37R581E&sig=Cg0ArKJSzC3e3bHqLlv2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1513&vt=11&dtpt=1420&dett=3&cstd=1509&cisv=r20231026.67545&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html Show response
s0.2mdn.net/sadbundle/10710448431421194240/ Frame B1BE 4 KB
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10710448431421194240/DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8b34b211059ac233da032d11d5b96b9382aa7a2164f63d18adb54086ad9dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1418
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 04:55:26 GMT
expires: Wed, 30 Oct 2024 04:55:26 GMT
last-modified: Mon, 16 Oct 2023 12:42:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A386 16 KB
12 KB 107ms
86ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ca130a71a71bc9ff7649d3a967a3f2b5d92ecbe00abb220fc7334c023eb3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12193
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4EE0 16 KB
12 KB 97ms
81ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19ef36d000460f3ddb07951ef3b692bea1df46cd1eb4d2b589998f2f090900fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12186
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4128 0
0 61ms
61ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu18MYA5stbo5aa6ECl-gcf6uFwRgVycfUvJvYf5kUZPw74n0DnJJB_cId9vN3Fb2UsPPAM2U9mkNQQN0yaHmVgokm7dFtXyjGUSeEFCTGzESY0bY0X0pdpXSeTLk7eLjvGFQKjmcWwlPRc7vYAutkRquSC_lJpUPqGKm_o_331Vls4afQSrp_ywofaim8AZ7JiH0Xi5a25GxW90kO3fc85clA6Db_eYqaePHpsGDLi0Pp39eHnfrnpuur6RhgXZUnvHPQZ4QRFssMF6blLnj1QiC9H5lXGRKU7a5623_x7Ydv5V_-uCrbKX11BKz3TPG74udwrG4F3d0kB_voE_IlS02KuatYvw9oeb7FIHsINqiE_mkRYFYBEarcB68SolhwnCmI6YzITlcvKYydJ4K54ho04_xmuqCSTkYgWKAT8mdIH_ITZGddLIktO5blIbxszl9r4uQlJEgsuXxlvLdvAGQxcbi8pTHmQs7w0XnTQ-IMue8-X_8_ZWs9hzGqoEAglBNcpCX35nmr19r6XYgiC5POFUG62y8rdBhbx-IQ9UxWcA18Y0Ii2ynY_t6au4HazLYMpwELI57Z3d8PCHJcU7kdFOdQDwDcKFOhRKKn76qlM2NOHLM_NDBr9TPR_ezr0YPYPM0-3lkKJqkp9s58-wLrbzgeBQ0diPI0sr6YGSv8eGssjzCTVDib3gCcLodKkFCPMDU66hM1TMr5kR_D6iUO49DeUzJ3ABcM0ksPwwepztBOkA8bhKVofGqFmiY2nu_Lh4Z1GYGYyoDXbeEyfsTHvlTb9m8lGteSVm07U3iyhCEBrkwxcZa8G3tHeR88dwiHrOAUU-sB29l0pUrOUdbbQ1xicJIDC3hPWoODniGdErfIAjLqtn5llL2lml5oZ-eBuEBoXrNrkFJk3VZL7-DaqawnFyiFJWWl9Zk71pDhl7u_FwaCWMxWUV5j8l65hQJ4G_eWz_TencG9XEibadrLQim7BgVQ2Z-kmXrL_FoS6ohZr0Blq4xzhJsiMeZb7sOFBXBjdpBma8tk2WjryMBrXACM3B85XsFIlphbX2cd3ObJZBottjnYJzgf-jCsh3RwAoTO40XfdFyzKb4ii0KukCZkaQlI7DC1xu6H6Z53IWOxO5thDKuaAT4E7kAZHRFYdF2gplhmyErcOOBdynyIKFLsM_ltVSHZttxDSgWAAVNUKJEAxeICW-nKbJrEdOXeE1QuBsg8rcqLZZG4GC5pD8KrH9dwu9dv2SP-it3QuYcfs4U4ZeqtWUHQWScDy_z7jbThs_o5CJ1HLQEtAk-hoDE-69PlUzxq7foTx&sai=AMfl-YTUt3JMO3WboCR42EPo613eRch5d5GB-l1GxhDrWEBPJLxNEGi4APEXsLklFzATu80EfSFOLfEf0BsvNheg9rtKZ1omrpQHkwornlJZeDXFmALuNTfpius4nDguZrz7sF1co0YtNVrB8aqIG71VgNmG7jFFA34h9s-rEHJQMifnJPB-ew1wsufoprV09r4a6nW0WXDIC73H&sig=Cg0ArKJSzLyVNppMkV8GEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1409&vt=11&dtpt=1317&dett=3&cstd=1403&cisv=r20231026.50553&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Banner-728x90.html Show response
s0.2mdn.net/sadbundle/5487018471858690984/ Frame 3C24 5 KB
2 KB 23ms
21ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5487018471858690984/Banner-728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc06e6c2f2dd7b2fd52a2f868d99fbb19cc4265a042ba6d9c3ba213d7b33d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 25861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1719
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:01:51 GMT
expires: Wed, 30 Oct 2024 02:01:51 GMT
last-modified: Wed, 25 Oct 2023 15:55:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBB7
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEG6Z6aF2fbN4N5jZ6em3tP0&google_cver=1&google_push=AXcoOmRoUPncFWSK7cCQa4GX4FZYi9QRZQ5dl5vDb3nFXxYb-Y4Pvq5IuHe59hkO1tMN_SWn-IfpQmHb2hU3hTuutuBgg02_3Waj
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qzk5RDM3QUQ0OTk1Rjc5MA==

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qzk5RDM3QUQ0OTk1Rjc5MA==

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qzk5RDM3QUQ0OTk1Rjc5MA==
date: Tue, 31 Oct 2023 09:12:53 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBB7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFuq-AQNKvTK0WBiTSJY4Zk&google_cver=1&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjA0ODA4NjA1Mzc0Njg0NA%3D%3D&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-Wmsj...

170 B
188 B

45ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjA0ODA4NjA1Mzc0Njg0NA%3D%3D&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-WmsjfPnlMgGC8

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjA0ODA4NjA1Mzc0Njg0NA%3D%3D&google_push=AXcoOmT-W_icufwsA-zGpvPWY7SH-gx2HDJO-7v8ZKwxW-LQ5GQXgtV5X1jwxxWyK1E4VJgxqiAR6pz9qSbqb-WmsjfPnlMgGC8
Date: Tue, 31 Oct 2023 09:12:52 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBB7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFR8xqLK0CKBfhxEE7icXvE&google_cver=1&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLj...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFR8xqLK0CKBfhxEE7icXvE&google_cver=1&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_u...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS63D965oHHvF7cvs3UMoPl4TnlmH0zjKDGzQRqxedO5flstYU2Qbme8anjw7ntf4-CgB3-SEsxnCOl4f2enIN_uLjf7HBG
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CBB7 43 B
363 B 136ms
48ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSG_8kbtHtgdmHd8-mV7J4Gr_jBrLLvgEgIE3e13_RDRGWNipNZHOSdT0YHsLfUt-CTpf5CADAjJxv3jdYi1OlIT5SktDXR&google_gid=CAESEJquVq99GBsgESMLr0ykN2Y&google_cver=1

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 197430
expires: Tue, 31 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBB7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEO--rtipj7TlmMEAYpNlKrQ&google_cver=1&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPUU...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QjMBpBtEUZhhETDG9ru_RcPOaYY&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPU...

170 B
188 B

37ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QjMBpBtEUZhhETDG9ru_RcPOaYY&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPUU2KS2VxilJusPs

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QjMBpBtEUZhhETDG9ru_RcPOaYY&google_push=AXcoOmR6d8Of5Urnt90oOxTY52BgD88qgUV_NCYz6kmvhU41CPrrYQ-qRkK7rvtYYWE09RWU37mY5qhE8bwCPUU2KS2VxilJusPs
Date: Tue, 31 Oct 2023 09:12:53 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame CBB7 0
44 B 859ms
280ms Image
text/plain 35.73.229.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEBNMT4_lpgt5LEPtl0fRAz4&google_cver=1&google_push=AXcoOmTXcJkmb00qesxNFsWyvF1aKk8V7laRn1HisIMg5c30_9b8_h-pWU9X29z-3FzdSgQdSUG4GXP1ahuCeabCOZq3-4ze-SvY
Requested by: Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.229.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-229-47.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame CBB7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELxEWqSPlZy5F3fw54MTmtE&google_cver=1&google_push=AXcoOmRHORuGn5ezg2LYK6p6144Mcvbev0XU2uxJ-piFi1i1YCM1l0tEDJ8jKBOUQQazsx7hSmm0J2HwfrP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRHORuGn5ezg2LYK6p6144Mcvbev0XU2uxJ-piFi1i1YCM1l0tEDJ8jKBOUQQazsx7hSmm0J2HwfrP2S7Ew-KnkHsTO7-25Xw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

27ms
26ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CBB7 0
12 B 31ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LicW-ey3NgcdwTwz8NInLKoMNwLZCijghahskALc3jKey2UmOFSPdWoXGr1dLlSg47L9k-OQ

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3890
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
URL: https://d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:52 GMT
expires: Tue, 31 Oct 2023 09:12:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Joblex-Banner-728x90-Sujet-1.gif
s0.2mdn.net/sadbundle/5487018471858690984/ Frame 3C24 469 KB
469 KB 23ms
22ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5487018471858690984/Joblex-Banner-728x90-Sujet-1.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5487018471858690984/Banner-728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1877cdf8d8a13e950759b09f02f8ac7c7da352c29c0693f9e9f083509b399629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5487018471858690984/Banner-728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:59:43 GMT
x-content-type-options: nosniff
age: 119589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480608
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:55:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Oct 2024 23:59:43 GMT

GET
H2 200 652d2f9f843eb9eeda767422 Show response
c.bannerflow.net/a/ Frame B1BE 74 KB
25 KB 158ms
83ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/652d2f9f843eb9eeda767422?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstU9BRWcMWbXvATupqsqSGmb37fyLQ3D2ASH7ZutMR9tCjTpFiB5UTpBpjbs5Ry5ZIFpL8HwIW6gQ5_eHQKgSl1fugwwXp5nuq1ttpP0FXX-9aOVoLgibUU6qIaxCFDl_-Pk2gES1eAwWiuyJrn3Sib6VznBSAQUOpvow17J0v5VSCDKbuaOywGrU8hFYU7W5okAARqJs8BU5D0U73shCObVQ8ZUeXYqfprqC3OhOb3Qag1IRJIbUdPmqQou5azCWWAMW6KTU924Z_dJbWU2ooDmm2pxURum_YZEaw0e06nqjLazvCHt_iXeU5bnjM4BaSBGCwj219LpHx6vKVB1wqIs96tyFdnVYQti2IVPcrkQGDkzQE0hUsNuqNSjn7Im5B3q-0b6yHKXCSAyIvgX3Io5cdnsiEInGBaxtCKCjyWO0QjR32TB3skKD35uUr2fIWa3XHBczkJKOGqGVdyDDWAQ1NBswelZ0_w2jWUhfPZ6zB9DhpYUiomd-xWG830wGUYcLMYvjiG3W0G7GdtGs_1bYm-3atTAcJnjYR8w9TzGJOnxafeNwrc4EalmaKYiu10SkpIZipPSMBTUhh6NEu8C-dcVT3sG6dfbC0P7EEhsNEkeyZtznCFMvCk8V8kDaCW8pG8GkKvtK9E1tK6BeRlZlhDoVXVH0riTSWg9CQOmF-Dwu8boR6tBum2F3p3lOfETxhQEExAV2dQMgE-a2wJqnx2bkZxfr3GACkaNV8FD2QCLmDAxQt0UJQjANHJcqUHcYCTsgPZa_GfYQcT3gaFB3wrM3RKcIfhoY5sWapVVC18c_bfyTzr2NADUImjQPBWqz691z4dOgG81lxh7i8bWepSRjoXRgYqeEO3twpj-bl7Ps10PUeCcOJebCoQkBIRZ7PTTIbeMNFa_dRIP9gYdcj4e_-50CkxiLW-DUF7PN-OOTbgs8cz5C_jTJARqPqxF8OZQ_qlWVQwzWuBuryhwYnqRsBhyoecHCb2GAI6kW26peTX-sYc-g--zcHWjGBmfFKPXKidqepQwqQLZKveZfTDeSfpZ3KTGTJF_OPKrueu-4BbSsi3iVAPffUsG55Ps7LgE4k31GmuJQrYHGeIilv-BVEN_NAoHdkZDgZyjlPStx1mDxNEfamb2VCWU90jKtrAUalzsSbIO3daKpmChkjd_p_y-ODvUqd-fLjyhB-elWNDIohoiCcg4h6muTHNPokLsw5po_-csd21gxNF8uzjWICP_4bjcP3kskKwmUvBKWh2N_ba5vtNQpwlVDjIkjmnCXyBVbwJozGbHKdCeLMzMss6f_t3trIgq600Ytnazs69RTb3yJab8E8Yffs9p0CTtJtWBgiPVogzsLWnVRUMtIdLLIRx2vpzKvSwJezQFokU-_Is%26sai%3DAMfl-YQ8lEMaeBPCmHu_uZWkBb-JMPK8ChDPLaCyad3sTNf1yFhnMBzW7UpujQzveUD7EflZqBb2LHtr5hFzi9NNDWiJuY3cCrWMOu0y8zIep_MhMtUdOBtnPOiSPOqOCXzkBNMH7hZrx7EVERy6HmxzCKQYQbPUIIV2R8YEgdrxOQzEJ0qAlO6iwipFI0KDVcwgpSjX2JjFktKz-gn3X_Jdc9Ib-VPeFnoFSWcaZ_ooZxgwa69Z3w%26sig%3DCg0ArKJSzMfIgowTO6quEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_525664089
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10710448431421194240/DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93817319b6994e316ff62e455d40ec5ff3a9f306c0e086e44a136779981e158e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 09:12:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 81eac7637ff62c3f-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 138ms
59ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 09:12:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A395 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 04CF 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EE0 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:12:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A386 17 KB
6 KB 45ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:12:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FADB 16 KB
12 KB 139ms
137ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef7a41a88c6afb72b81f22d3c4f48f67f709867b17e0cb7701bba22f0f47bd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12117
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FADB 0
0 75ms
73ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMo3pwTT4siBkD9PDeiZpgx6m61nM5eylEkn0-YIlWnBF7ur2vXbNHuxsxNmGDND4yw1o37XSO_VeoxjF1N3yIlhiawclFIOevgcwPjjldjRhol2bK0TfNYESHgUlWvJivfy4n0_z7Vl6SzbaH-eOT3ztVdSSdfCoIwe4isTGK1Ow9l-CUubChS1JosckVchM2lwQjONkeDnQJhkPq_VceDOCVlFlKJZ9C-KCuMzmiBO9MP0Qls2QB5gYU34en7kl8CFdnjljkRRHDtwCvP-UoAYjcVD38EkjL7H7OeLjKlws1_mtAsSk9u5UhqxPYMzWA1uek3BfRDotI7NaUvoYxTEBMmel11zSMvVU-You7KmoMn9ZcElGJBdYNfbq7cgYa5rM2C_V6c3c&sai=AMfl-YTpfWTUnZ09eMlD8P-r5w_B5i2O7OeVKuz_7cxyzXHVFULE7fFvHs6zVOeEeIVZ8KQIKPLMh0K0J30rmoA&sig=Cg0ArKJSzKtf9lGXJ4buEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 09:12:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6697 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 7831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 07:02:22 GMT
expires: Wed, 30 Oct 2024 07:02:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E25 829 B
559 B 36ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17d9179a994074d388f4957b06013317c42eaa22efabfea0d1c4b3d28a359921

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VBKCr6aEGibeJOghPOiAag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VBKCr6aEGibeJOghPOiAag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:53 GMT
expires: Tue, 31 Oct 2023 09:12:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 84D9 13 KB
5 KB 26ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 7831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 07:02:22 GMT
expires: Wed, 30 Oct 2024 07:02:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D17F 829 B
558 B 35ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1debf54b5eaa232a2de5ee74c98720ba063753870e96685e75d285112e749ae7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ta2lHr6sduKu4bODapFPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6ta2lHr6sduKu4bODapFPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:53 GMT
expires: Tue, 31 Oct 2023 09:12:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5034 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 7831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 07:02:22 GMT
expires: Wed, 30 Oct 2024 07:02:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FAF3 829 B
561 B 34ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a48d221d0eae4fa0d090bfa3afd33910ecf29adde349eb2c7467ecc8ffc40ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fn8DYCcMXMdJH6T61DPQVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fn8DYCcMXMdJH6T61DPQVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:53 GMT
expires: Tue, 31 Oct 2023 09:12:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD32 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 7831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 07:02:22 GMT
expires: Wed, 30 Oct 2024 07:02:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA06 829 B
561 B 33ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5b665f72e338ca43cae39b69204f9d56ae55c0eaf93fc0444ea5f24b822259b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lhmBf6H-KDIKwv6AKFoIkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lhmBf6H-KDIKwv6AKFoIkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:53 GMT
expires: Tue, 31 Oct 2023 09:12:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6697 38 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E25 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=417700801574402&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 84D9 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H2 200 widget.082a67c3af29c4c18dbd.js Show response
c.bannerflow.net/scripts/ Frame B1BE 24 KB
9 KB 39ms
38ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.082a67c3af29c4c18dbd.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d2f9f843eb9eeda767422?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstU9BRWcMWbXvATupqsqSGmb37fyLQ3D2ASH7ZutMR9tCjTpFiB5UTpBpjbs5Ry5ZIFpL8HwIW6gQ5_eHQKgSl1fugwwXp5nuq1ttpP0FXX-9aOVoLgibUU6qIaxCFDl_-Pk2gES1eAwWiuyJrn3Sib6VznBSAQUOpvow17J0v5VSCDKbuaOywGrU8hFYU7W5okAARqJs8BU5D0U73shCObVQ8ZUeXYqfprqC3OhOb3Qag1IRJIbUdPmqQou5azCWWAMW6KTU924Z_dJbWU2ooDmm2pxURum_YZEaw0e06nqjLazvCHt_iXeU5bnjM4BaSBGCwj219LpHx6vKVB1wqIs96tyFdnVYQti2IVPcrkQGDkzQE0hUsNuqNSjn7Im5B3q-0b6yHKXCSAyIvgX3Io5cdnsiEInGBaxtCKCjyWO0QjR32TB3skKD35uUr2fIWa3XHBczkJKOGqGVdyDDWAQ1NBswelZ0_w2jWUhfPZ6zB9DhpYUiomd-xWG830wGUYcLMYvjiG3W0G7GdtGs_1bYm-3atTAcJnjYR8w9TzGJOnxafeNwrc4EalmaKYiu10SkpIZipPSMBTUhh6NEu8C-dcVT3sG6dfbC0P7EEhsNEkeyZtznCFMvCk8V8kDaCW8pG8GkKvtK9E1tK6BeRlZlhDoVXVH0riTSWg9CQOmF-Dwu8boR6tBum2F3p3lOfETxhQEExAV2dQMgE-a2wJqnx2bkZxfr3GACkaNV8FD2QCLmDAxQt0UJQjANHJcqUHcYCTsgPZa_GfYQcT3gaFB3wrM3RKcIfhoY5sWapVVC18c_bfyTzr2NADUImjQPBWqz691z4dOgG81lxh7i8bWepSRjoXRgYqeEO3twpj-bl7Ps10PUeCcOJebCoQkBIRZ7PTTIbeMNFa_dRIP9gYdcj4e_-50CkxiLW-DUF7PN-OOTbgs8cz5C_jTJARqPqxF8OZQ_qlWVQwzWuBuryhwYnqRsBhyoecHCb2GAI6kW26peTX-sYc-g--zcHWjGBmfFKPXKidqepQwqQLZKveZfTDeSfpZ3KTGTJF_OPKrueu-4BbSsi3iVAPffUsG55Ps7LgE4k31GmuJQrYHGeIilv-BVEN_NAoHdkZDgZyjlPStx1mDxNEfamb2VCWU90jKtrAUalzsSbIO3daKpmChkjd_p_y-ODvUqd-fLjyhB-elWNDIohoiCcg4h6muTHNPokLsw5po_-csd21gxNF8uzjWICP_4bjcP3kskKwmUvBKWh2N_ba5vtNQpwlVDjIkjmnCXyBVbwJozGbHKdCeLMzMss6f_t3trIgq600Ytnazs69RTb3yJab8E8Yffs9p0CTtJtWBgiPVogzsLWnVRUMtIdLLIRx2vpzKvSwJezQFokU-_Is%26sai%3DAMfl-YQ8lEMaeBPCmHu_uZWkBb-JMPK8ChDPLaCyad3sTNf1yFhnMBzW7UpujQzveUD7EflZqBb2LHtr5hFzi9NNDWiJuY3cCrWMOu0y8zIep_MhMtUdOBtnPOiSPOqOCXzkBNMH7hZrx7EVERy6HmxzCKQYQbPUIIV2R8YEgdrxOQzEJ0qAlO6iwipFI0KDVcwgpSjX2JjFktKz-gn3X_Jdc9Ib-VPeFnoFSWcaZ_ooZxgwa69Z3w%26sig%3DCg0ArKJSzMfIgowTO6quEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_525664089
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e742f7765cc584a0798aeb169bdd36abdcf8fab8912ff23eca35356516f4e20f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 5tO1ehpNiXh/YpQpE1HqCw==
age: 3707595
cf-polished: origSize=24203
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 10:33:24 GMT
server: cloudflare
etag: W/"0x8DBB832AFF4DEA1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dadf37ab-001e-004d-7822-ea22ca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 81eac76448b82c3f-FRA

GET
H2 200 document.000000A5237445.js Show response
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5831146/7535294/ Frame B1BE 59 KB
11 KB 39ms
39ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5831146/7535294/document.000000A5237445.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d2f9f843eb9eeda767422?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstU9BRWcMWbXvATupqsqSGmb37fyLQ3D2ASH7ZutMR9tCjTpFiB5UTpBpjbs5Ry5ZIFpL8HwIW6gQ5_eHQKgSl1fugwwXp5nuq1ttpP0FXX-9aOVoLgibUU6qIaxCFDl_-Pk2gES1eAwWiuyJrn3Sib6VznBSAQUOpvow17J0v5VSCDKbuaOywGrU8hFYU7W5okAARqJs8BU5D0U73shCObVQ8ZUeXYqfprqC3OhOb3Qag1IRJIbUdPmqQou5azCWWAMW6KTU924Z_dJbWU2ooDmm2pxURum_YZEaw0e06nqjLazvCHt_iXeU5bnjM4BaSBGCwj219LpHx6vKVB1wqIs96tyFdnVYQti2IVPcrkQGDkzQE0hUsNuqNSjn7Im5B3q-0b6yHKXCSAyIvgX3Io5cdnsiEInGBaxtCKCjyWO0QjR32TB3skKD35uUr2fIWa3XHBczkJKOGqGVdyDDWAQ1NBswelZ0_w2jWUhfPZ6zB9DhpYUiomd-xWG830wGUYcLMYvjiG3W0G7GdtGs_1bYm-3atTAcJnjYR8w9TzGJOnxafeNwrc4EalmaKYiu10SkpIZipPSMBTUhh6NEu8C-dcVT3sG6dfbC0P7EEhsNEkeyZtznCFMvCk8V8kDaCW8pG8GkKvtK9E1tK6BeRlZlhDoVXVH0riTSWg9CQOmF-Dwu8boR6tBum2F3p3lOfETxhQEExAV2dQMgE-a2wJqnx2bkZxfr3GACkaNV8FD2QCLmDAxQt0UJQjANHJcqUHcYCTsgPZa_GfYQcT3gaFB3wrM3RKcIfhoY5sWapVVC18c_bfyTzr2NADUImjQPBWqz691z4dOgG81lxh7i8bWepSRjoXRgYqeEO3twpj-bl7Ps10PUeCcOJebCoQkBIRZ7PTTIbeMNFa_dRIP9gYdcj4e_-50CkxiLW-DUF7PN-OOTbgs8cz5C_jTJARqPqxF8OZQ_qlWVQwzWuBuryhwYnqRsBhyoecHCb2GAI6kW26peTX-sYc-g--zcHWjGBmfFKPXKidqepQwqQLZKveZfTDeSfpZ3KTGTJF_OPKrueu-4BbSsi3iVAPffUsG55Ps7LgE4k31GmuJQrYHGeIilv-BVEN_NAoHdkZDgZyjlPStx1mDxNEfamb2VCWU90jKtrAUalzsSbIO3daKpmChkjd_p_y-ODvUqd-fLjyhB-elWNDIohoiCcg4h6muTHNPokLsw5po_-csd21gxNF8uzjWICP_4bjcP3kskKwmUvBKWh2N_ba5vtNQpwlVDjIkjmnCXyBVbwJozGbHKdCeLMzMss6f_t3trIgq600Ytnazs69RTb3yJab8E8Yffs9p0CTtJtWBgiPVogzsLWnVRUMtIdLLIRx2vpzKvSwJezQFokU-_Is%26sai%3DAMfl-YQ8lEMaeBPCmHu_uZWkBb-JMPK8ChDPLaCyad3sTNf1yFhnMBzW7UpujQzveUD7EflZqBb2LHtr5hFzi9NNDWiJuY3cCrWMOu0y8zIep_MhMtUdOBtnPOiSPOqOCXzkBNMH7hZrx7EVERy6HmxzCKQYQbPUIIV2R8YEgdrxOQzEJ0qAlO6iwipFI0KDVcwgpSjX2JjFktKz-gn3X_Jdc9Ib-VPeFnoFSWcaZ_ooZxgwa69Z3w%26sig%3DCg0ArKJSzMfIgowTO6quEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_525664089
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a9e6c0a86212c3b625841fdb4d5f3ccbf0a70ae0194fb7c333f7fcb5be164f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o9hqDm6bd7EMzaKyPnwP4A==
age: 63464
cf-polished: origSize=64386
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 16 Oct 2023 12:42:13 GMT
server: cloudflare
etag: W/"0x8DBCE4552C72DC2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 314c372e-f01e-003b-2246-0ba882000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 81eac76448ba2c3f-FRA

GET
H2 200 animated-creative.5e624ab46620f4fd13c2.js Show response
c.bannerflow.net/scripts/ Frame B1BE 156 KB
53 KB 40ms
40ms Script
application/javascript 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.5e624ab46620f4fd13c2.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d2f9f843eb9eeda767422?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstU9BRWcMWbXvATupqsqSGmb37fyLQ3D2ASH7ZutMR9tCjTpFiB5UTpBpjbs5Ry5ZIFpL8HwIW6gQ5_eHQKgSl1fugwwXp5nuq1ttpP0FXX-9aOVoLgibUU6qIaxCFDl_-Pk2gES1eAwWiuyJrn3Sib6VznBSAQUOpvow17J0v5VSCDKbuaOywGrU8hFYU7W5okAARqJs8BU5D0U73shCObVQ8ZUeXYqfprqC3OhOb3Qag1IRJIbUdPmqQou5azCWWAMW6KTU924Z_dJbWU2ooDmm2pxURum_YZEaw0e06nqjLazvCHt_iXeU5bnjM4BaSBGCwj219LpHx6vKVB1wqIs96tyFdnVYQti2IVPcrkQGDkzQE0hUsNuqNSjn7Im5B3q-0b6yHKXCSAyIvgX3Io5cdnsiEInGBaxtCKCjyWO0QjR32TB3skKD35uUr2fIWa3XHBczkJKOGqGVdyDDWAQ1NBswelZ0_w2jWUhfPZ6zB9DhpYUiomd-xWG830wGUYcLMYvjiG3W0G7GdtGs_1bYm-3atTAcJnjYR8w9TzGJOnxafeNwrc4EalmaKYiu10SkpIZipPSMBTUhh6NEu8C-dcVT3sG6dfbC0P7EEhsNEkeyZtznCFMvCk8V8kDaCW8pG8GkKvtK9E1tK6BeRlZlhDoVXVH0riTSWg9CQOmF-Dwu8boR6tBum2F3p3lOfETxhQEExAV2dQMgE-a2wJqnx2bkZxfr3GACkaNV8FD2QCLmDAxQt0UJQjANHJcqUHcYCTsgPZa_GfYQcT3gaFB3wrM3RKcIfhoY5sWapVVC18c_bfyTzr2NADUImjQPBWqz691z4dOgG81lxh7i8bWepSRjoXRgYqeEO3twpj-bl7Ps10PUeCcOJebCoQkBIRZ7PTTIbeMNFa_dRIP9gYdcj4e_-50CkxiLW-DUF7PN-OOTbgs8cz5C_jTJARqPqxF8OZQ_qlWVQwzWuBuryhwYnqRsBhyoecHCb2GAI6kW26peTX-sYc-g--zcHWjGBmfFKPXKidqepQwqQLZKveZfTDeSfpZ3KTGTJF_OPKrueu-4BbSsi3iVAPffUsG55Ps7LgE4k31GmuJQrYHGeIilv-BVEN_NAoHdkZDgZyjlPStx1mDxNEfamb2VCWU90jKtrAUalzsSbIO3daKpmChkjd_p_y-ODvUqd-fLjyhB-elWNDIohoiCcg4h6muTHNPokLsw5po_-csd21gxNF8uzjWICP_4bjcP3kskKwmUvBKWh2N_ba5vtNQpwlVDjIkjmnCXyBVbwJozGbHKdCeLMzMss6f_t3trIgq600Ytnazs69RTb3yJab8E8Yffs9p0CTtJtWBgiPVogzsLWnVRUMtIdLLIRx2vpzKvSwJezQFokU-_Is%26sai%3DAMfl-YQ8lEMaeBPCmHu_uZWkBb-JMPK8ChDPLaCyad3sTNf1yFhnMBzW7UpujQzveUD7EflZqBb2LHtr5hFzi9NNDWiJuY3cCrWMOu0y8zIep_MhMtUdOBtnPOiSPOqOCXzkBNMH7hZrx7EVERy6HmxzCKQYQbPUIIV2R8YEgdrxOQzEJ0qAlO6iwipFI0KDVcwgpSjX2JjFktKz-gn3X_Jdc9Ib-VPeFnoFSWcaZ_ooZxgwa69Z3w%26sig%3DCg0ArKJSzMfIgowTO6quEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_525664089
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a77ca3e3a1d649c31554b8dd826b0d8c9177031a5c5558b334c442428a0efd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: uTRCnTb2IHOzeC2liDMqDw==
age: 1546797
cf-polished: origSize=159909
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 10:09:15 GMT
server: cloudflare
etag: W/"0x8DBCBD474DDDD90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2258c922-f01e-0014-39c9-fda549000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 81eac76448bb2c3f-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D17F 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310230101&jk=3634574226846339&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FAF3 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=3119154461606836&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA06 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2854771269670646&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FADB 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 09:12:53 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5034 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame DD32 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21E8 13 KB
5 KB 28ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 7831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 07:02:22 GMT
expires: Wed, 30 Oct 2024 07:02:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7094 829 B
561 B 32ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25c9cd324dafe286f9709fb61c1a2929462b0d50dfcdf3ccdf28020556741cd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rpzKJ7E8jvOZi-k_xm8KjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rpzKJ7E8jvOZi-k_xm8KjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 09:12:53 GMT
expires: Tue, 31 Oct 2023 09:12:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6697 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3OlnoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame B1BE 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 897cc092-670f-4434-8d25-4515492ebffe Show response
https://s0.2mdn.net/ Frame 8B2F 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/897cc092-670f-4434-8d25-4515492ebffe
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.5e624ab46620f4fd13c2.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7094 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=2036149680815932&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame B1BE 27 KB
28 KB 121ms
43ms Font
font/woff 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%25.129%3FADEIKMSVZabcdefghiklmnorstuvwz%C3%B6%C3%BC%CC%88
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10710448431421194240/DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6821bbca1cd79111ed97d0364803acd3ba0fa4743bf6490cc5d92690e155a13c

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Oct 2023 22:22:48 GMT
server: cloudflare
age: 1248605
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray: 81eac76759cf4d59-FRA
expires: Tue, 15 Oct 2024 22:22:48 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 21E8 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 17:10:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 84D9 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_8fumQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame B1BE 3 KB
4 KB 46ms
46ms Font
font/woff 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F48143311-bbb8-4b5b-aab6-8b95e2d0fe50.woff&t=%20Maefhnr
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10710448431421194240/DE-CH_interest_rate_retargetingV3-DECH-728x90-638330569429379235-cf690341-619d-4777-a504-5e9d2673923f.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8947b18b7fc3d2446959a857ff34b9de9aad59ac9d9e95a31123bd61b69b52

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 03:06:16 GMT
server: cloudflare
age: 21997
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=48143311-bbb8-4b5b-aab6-8b95e2d0fe50-subset.woff
cf-ray: 81eac767da4e4d59-FRA
expires: Wed, 30 Oct 2024 03:06:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EE0 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugZox_l8bv9TKcTPL_iToSUCRXZkQ31cm75672YuYTgYt3fuSIq9bNbgwlwdsfVJWxPH6fmbw-O5pisxxaS4G2UwUWgKpYLA8hbrYLG0SHDTU6zIMSst04FI2Jerwp8FtakRIiQ9F2oA&sig=Cg0ArKJSzMOJEhgrb91aEAE&id=lidar2&mcvt=1063&p=0,0,90,728&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698743570144&rpt=2562&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4128 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr4wHFSDvfCCLv3elr9fBpF_bUZV6zA3jJ1YXmK9Itu6nmkTFc49mtz3MTk7sxkEmxLGMZy9lrXjr5Dj1UW2NgAxde8A4eRBvLWyxmyQBVvtw07UtEjTnC4w_8WF81I7nX9Fju8UuO8w&sai=AMfl-YTgchAtBthcdlnHQt0XrJqvjmal1EdFD0XVJdCgu5FPAsjj8nFbQ38Itci7HtN7s-geWggof0VHHxVOs1Gq4VwHXjm26GpXb1s&sig=Cg0ArKJSzE8uz-Nkqu6SEAE&cid=CAQSKQDICaaNxiv30-yD6KhBV4Wq3H1jMmD5y64v59omR7XGP60zdRNiUrBqGAE&id=lidar2&mcvt=1075&p=0,0,90,728&mtos=1026,1075,1075,1075,1075&tos=1026,49,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698743570763&rpt=2022&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E97 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2100564603207&version=m202309260101&ct=76&x=1&cor=16292279879088101000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5034 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?32Eb4g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4128 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7318039096215&version=m202309260101&ct=119&x=1&cor=10183247774093382000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 09:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 97F6 217 B
471 B 28ms
28ms Image
image/svg+xml 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:54 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: jWK2YKDGtOC5ylmcMWhtkw==
age: 2010
x-ms-lease-status: unlocked
last-modified: Thu, 22 Sep 2022 09:21:09 GMT
server: cloudflare
etag: W/"0x8DA9C7BC8F9699C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2ae257e5-601e-0074-341b-f9d9d6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81eac7699cf42c3f-FRA

GET
H2 200 064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 97F6 272 B
325 B 32ms
32ms Image
image/svg+xml 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:54 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: C50rliIMDPE8SiFZGvsxQQ==
age: 5000
x-ms-lease-status: unlocked
last-modified: Wed, 14 Dec 2022 14:52:58 GMT
server: cloudflare
etag: W/"0x8DADDE2E4532F74"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bc39a7c8-101e-007e-10bd-0b7d61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81eac7699cf62c3f-FRA

GET
H2 200 d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 97F6 4 KB
2 KB 36ms
35ms Image
image/svg+xml 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:54 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o8BlfxpL6pDvDJmSY4p8ew==
age: 1300
x-ms-lease-status: unlocked
last-modified: Wed, 05 Oct 2022 10:56:08 GMT
server: cloudflare
etag: W/"0x8DAA6C03538AA86"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 377bd17a-801e-0053-1bc5-f9ce12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81eac7699cf72c3f-FRA

GET
H2 200 c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 97F6 151 B
282 B 33ms
33ms Image
image/svg+xml 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:54 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: w+egTtB742SWTpq1qkS5Mw==
age: 6438
x-ms-lease-status: unlocked
last-modified: Tue, 13 Dec 2022 11:43:57 GMT
server: cloudflare
etag: W/"0x8DADCFF51C6E2BD"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: de218210-c01e-0099-2dd4-02929b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 81eac7699cf82c3f-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DD32 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D9vg0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lottie.min.js Show response
shared.bannerflow.com/libs/lottie/ Frame B9C9 245 KB
63 KB 507ms
47ms Script
application/javascript 2606:4700::6810:307e

General

Check archive.org

Show headers Download Go to

Full URL: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.082a67c3af29c4c18dbd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:307e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 09:12:54 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 3jN+4HvsftV/jNd4P/RFbA==
age: 10
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 03 Dec 2019 09:22:06 GMT
server: cloudflare
etag: W/"0x8D777D243C9FCFD"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 246f666a-b01e-002b-4c25-b692ce000000
x-ms-version: 2014-02-14
cf-ray: 81eac76d0fb69b25-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 21E8 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IUUjXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A395 0
0 58ms
58ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=417700801574402&bg=!nZ6lntHNAAbo5yKYyOc7ADQBe5WfOPUDIL2jBSy81oogpDEeuU6csiveVS4hB_fxBJKvsWQlGRpHivw-FVc8O0GEEUrgAgAAAoBSAAAAAmgBBwoAPHuJ1GuZJSdDFzrUvBjhwvJuVqPvcR6RqS27ZELlucZtnbExHHmnsJ9YzbVT-OusXaFzr4DqtBpBUeRimZkC_Z35n_4O0OPOdSTEHdwQSLFXVGyfLsqOWei6yyzQox9JpOqog9vx1JVR33mXEk2LVxBr6F4_cLmk-ysll9A1a1iJz_E6bhJVXdIs4F8UGEwekDnoj6oqagvvOifomuJAq2L86q0MS0v7HGGMhwyvbCiekvPVykDx_dcNETK58OWcvdRmPz3T0lRC5lk_3cbkZteqh2lvjVzYSLky8zDWY58hfz2_LVSsUcEe6ktHmhtb9sX0pzjsoR5rwAZMeFWhJ8N5iJETo5xJFo6T-ng0Br2Y3at3zT2BhW9t7VVhekr3uyeVVchoobK-dS_tRA-XJYLnR9ezDousnq17R_mxfQA9eUuTQ0nb52_ViOsH82vBrCEumWN_SaBvwo-zSWdBRt86TB6sVGNMoDAfzg0xSHIBMvdIUNJIHpseItjRb-HvfgmW2u-py61FE-zJ117g3lgaRJ9DyxatFAI_L8BQwVdJe0yGwgWFIB7_wHBpHgtWeEqm-eXlxG0Em55OieXpDD8eRYPHCyc53er4VknqNWajM6Vfjnk8Jweca4eCjwUVNoe52CS_d5olCbZxAtv9PSDfKOBvS6s1cPNK0q8-WZXC8uezBFo-7Xq8iYoK7s5OFugFuA_F-kOKCjb0kW1Yp0vAfBOuvFMMkRrCBu6sblM2CoShpYQkBm0DgzmNYFSvqCDW4Ip71TJZe90JKOMj2G2Gcy7BY1uTiJ6csjoIrloTYehdIF7-bnLza0-NK2Cuem24hPNzggqHWeYmcmwPZnVL0wgU5iXhR8zoBnAHskvOXMbc-MjymNIurf7OyayuHhYABcosLzFPlWmMXWjGxXkRB9Ohx5dYerLQ5CNt6YmMoXzAEobbbiSYXPRPceqK7fOzT09duFJ35w41QhiyrFNiiK_xIinpSSBX1b1HQWG7SWlmZIdt0FkdgS9NeoieDKm770fFNOYIQF_ON26jDTedsLSXoHYJ-wykoOENaf5RESxiHPDfJXpq9ViqbZIx81u3iSBiUv6yKItWCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 04CF 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310230101&jk=3634574226846339&bg=!iomlicbNAAbo5yKYyOc7ADQBe5WfOJKksIN9QqxzvIooTnjNUKIkzVhgqqrDfpAQEgPylkyo22t25hM-UtEEEiVRQ01oAgAAAz5SAAAACWgBB5kDFKmxLbB_PJj2WI5ykMzQklqecAdUHUDK5ZMDGLuUVYwE5NQ1UedpJ_Bz3pjAYVw_3sryP65I0fNAtASUQGB3E_MbTkTEDpFogO30BjRrXywnkuVKxqNcBvl3w8vXLZRc-wV2HUEsAEvEqXhUkazz7Bujy7i1JZ7Z5nRrdQ0GtZJp8fHpOJRm5A4goEQx9lxL9CHX_p2M054blBWnu6bYeUsabfQ_wlXZfui2FhwACHESPk0evW_UdtC8mZ5mFQt2rN34PB62q_l-Ieyo_8IV9CAH1eP9d5od-lJlsxPlq7PL_xXFcN6W_yBxH53Mbs3WuZbxGBsfFIBK_t85AoIabKoFKtqUF_a8LufrPEouyJVo_WcMbNsVXIWu2Rm9XjGeN8TQXypIlhMioANfjVBHyAVF2Ws7hsiPVZOb2fhjlMMXo9vr-XdZDn9IaOSyqvhW3wHgQI1yes6wCVpXX0OULmQblhODEEo8rBrpZ2hhJyOajaUDBBdglhKHNcuH16rrsycxHlPxicG3IfzEj8xOhjumTvQ6ph4wcgc6_AMG0aF55pJvHebgAnBGs7xKWUu6IlQr3HTHPy4achJbBpQaoXDBvxvMO-RVYxeAgWSCG2_uYq93r9WxeWh65fIoXoufuMrbe_mqvirR1jIRUmm6iEdAcA0_SnWqtrjP2xHD3jLBtmhVCGIbWc_ES8pVpAWKRhqO-sN5E9g5gFSnLeun7CwDGLsAB4UNnTfVc46KhbvfjiCn4yrfkr5_fNhGONBdarVobMAKCyN0_CyleSo9kMRXNcMo3lxLfQPN1_r1G6IfikMJgTCX89Xls46njra_c88VXU8g-gac-928LxLjdqdUdC-YqHJ4Adriepk9yFy_g7AHRxha94kEu1C52fgCmBITwzCcUH97Xrw1_w-Jctss3t_wMFPxZR9auh4zro4I4TD2Fey5-KKC-jd9y_rJcic2lsFhV-lpztktN97o3j7t27Um0UnnwJLemk03hqwwYjfvPlmhk0EkjiaBUq8JmvIBZ_dBdL64Ys2oBo_H8YTlLFqc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame B1BE 0
100 B 43ms
43ms Ping
text/plain 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d2f9f843eb9eeda767422?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstU9BRWcMWbXvATupqsqSGmb37fyLQ3D2ASH7ZutMR9tCjTpFiB5UTpBpjbs5Ry5ZIFpL8HwIW6gQ5_eHQKgSl1fugwwXp5nuq1ttpP0FXX-9aOVoLgibUU6qIaxCFDl_-Pk2gES1eAwWiuyJrn3Sib6VznBSAQUOpvow17J0v5VSCDKbuaOywGrU8hFYU7W5okAARqJs8BU5D0U73shCObVQ8ZUeXYqfprqC3OhOb3Qag1IRJIbUdPmqQou5azCWWAMW6KTU924Z_dJbWU2ooDmm2pxURum_YZEaw0e06nqjLazvCHt_iXeU5bnjM4BaSBGCwj219LpHx6vKVB1wqIs96tyFdnVYQti2IVPcrkQGDkzQE0hUsNuqNSjn7Im5B3q-0b6yHKXCSAyIvgX3Io5cdnsiEInGBaxtCKCjyWO0QjR32TB3skKD35uUr2fIWa3XHBczkJKOGqGVdyDDWAQ1NBswelZ0_w2jWUhfPZ6zB9DhpYUiomd-xWG830wGUYcLMYvjiG3W0G7GdtGs_1bYm-3atTAcJnjYR8w9TzGJOnxafeNwrc4EalmaKYiu10SkpIZipPSMBTUhh6NEu8C-dcVT3sG6dfbC0P7EEhsNEkeyZtznCFMvCk8V8kDaCW8pG8GkKvtK9E1tK6BeRlZlhDoVXVH0riTSWg9CQOmF-Dwu8boR6tBum2F3p3lOfETxhQEExAV2dQMgE-a2wJqnx2bkZxfr3GACkaNV8FD2QCLmDAxQt0UJQjANHJcqUHcYCTsgPZa_GfYQcT3gaFB3wrM3RKcIfhoY5sWapVVC18c_bfyTzr2NADUImjQPBWqz691z4dOgG81lxh7i8bWepSRjoXRgYqeEO3twpj-bl7Ps10PUeCcOJebCoQkBIRZ7PTTIbeMNFa_dRIP9gYdcj4e_-50CkxiLW-DUF7PN-OOTbgs8cz5C_jTJARqPqxF8OZQ_qlWVQwzWuBuryhwYnqRsBhyoecHCb2GAI6kW26peTX-sYc-g--zcHWjGBmfFKPXKidqepQwqQLZKveZfTDeSfpZ3KTGTJF_OPKrueu-4BbSsi3iVAPffUsG55Ps7LgE4k31GmuJQrYHGeIilv-BVEN_NAoHdkZDgZyjlPStx1mDxNEfamb2VCWU90jKtrAUalzsSbIO3daKpmChkjd_p_y-ODvUqd-fLjyhB-elWNDIohoiCcg4h6muTHNPokLsw5po_-csd21gxNF8uzjWICP_4bjcP3kskKwmUvBKWh2N_ba5vtNQpwlVDjIkjmnCXyBVbwJozGbHKdCeLMzMss6f_t3trIgq600Ytnazs69RTb3yJab8E8Yffs9p0CTtJtWBgiPVogzsLWnVRUMtIdLLIRx2vpzKvSwJezQFokU-_Is%26sai%3DAMfl-YQ8lEMaeBPCmHu_uZWkBb-JMPK8ChDPLaCyad3sTNf1yFhnMBzW7UpujQzveUD7EflZqBb2LHtr5hFzi9NNDWiJuY3cCrWMOu0y8zIep_MhMtUdOBtnPOiSPOqOCXzkBNMH7hZrx7EVERy6HmxzCKQYQbPUIIV2R8YEgdrxOQzEJ0qAlO6iwipFI0KDVcwgpSjX2JjFktKz-gn3X_Jdc9Ib-VPeFnoFSWcaZ_ooZxgwa69Z3w%26sig%3DCg0ArKJSzMfIgowTO6quEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_525664089
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 09:12:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81eac76da8892c3f-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A386 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2854771269670646&bg=!UlGlUR7NAAbo5yKYyOc7ADQBe5WfOHZCYCnMjVlxo7_d4HQcVBDrIytoJ0TBBt4-b8dYlSau4pwEz4NHEuzKh-PLvSuKAgAAA01SAAAACGgBBwoAaA0dEUEaV1AoPcU9spGd28fXMwltY3QJvXEdIjDXxFyJ3C2nybcq7HjT840Lj2JfMHWmW_WpSHzxlPTQw0_MDArjnNVjts3N1nmQ77Iwdz3oDlUpgs6scTBlIA4Hzb8wZXEvO85b8yErmQMKwLVdxzGSfi_yRI6uW6CvZAv4bI4Cbl6U55odlG-uMpBV7OFxaW3VdDZ13ecOlSB31QNr6vdscQ7zmN0QnWjrHUEI_sSkT5e46k4lqpMmG6T16sropLK6NWqZLnygzTDvn-KBaWparnxbwAfDrRqYxxQZdwZNy2o9wvW0PK2L1WDR7D-cCC0OpHT2TW9mzt5zYLcN-9V5jHstTwOXoS3U5T8HGV3dm3kXssmZt37MD1W4ntJ-X4r0JeQ-d_8_hP52YiTCHi1rMqvcXfPq_rhXzQBlp1eaK_yVY-R35g7-3UIKkFjPScQLALeohRjGIS2zFi3dg2bjVvTYYbi-Wdcz0pCxvkkKoUjrYvAltcHUbaX45MUYrpam8BiDxqEPJV6rCGR8AtWCvgpRYJxExP73hOjdz7BrL7k8OqsbcazlNqy3_wcCf2GJFsxaDZhM2if6uqaMDdLL707rRKdsbuY5HDHVSINXS10Cmm3BbLN18GMuceo9GOYOEjj4L29_4VAH-cAK-70M_je5My-yyuSaBNKkKP3_Ck0ejumn8wlfZtd3FSh5D4IIfMUy_Hn1wBWicvuJ0ahZJRjI_tRrivj8-Pwv7nXat-PZmpMOonJ2U_87K311nkXvuhIA1FCaHEicVhc9df0tsv67M-O6egNMSpY7UOgV14G7avVmLW7a_0KHNWXza5FaqPxpBFIqvo2FVrmjSsFjjiUZYUgFIfHAJbDlZa5b1swgHaMlvU-dUCagdmOOYszIc62g0fnL6H5-u6TYSXj3Sd6a9IH2jZ2SzxX_f2Fcew8h0CYl0Y3unWO2rymHMLT-77zSVHeEByU5efIL8iajU9RwztzXZuH_KJJ79BxX6HqjZMaEt_JikmxUQfRGLSAoQRPsVtpaHQA_1YOyuTETlstT1SOJVw4wR84gyjLC6Wmh6xa1TML9e8P1d9JbIXj79z6bC2Cr4G1VAuorNXbaJjq_rL__A8ceqA-JHpmM16_H8H-daOhqX4WstRWW25UmsYV5n9wOqPt3Kq2LyNrboVJjHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4EE0 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=3119154461606836&bg=!DA-lD0DNAAbo5yKYyOc7ADQBe5WfOFodCCJ5WdtwRmE2PIyMgbgur0K0KcFT7gjwMisNLYdaIggiHzXQnAudLW6pvXzUAgAAA2BSAAAAA2gBB5kDE3IHYiYBjkOn8dXDjX9T2Gze9V8cAamxALYhSPJuIoSOCn21qPUIao08OL7BVj4KExDjnzTRtlSw_gG--5LuvEMw9MY4NxK_7lPUngAeUn_1mEkRWJv3-krdqhMNasxhrlSrBNe9v2P8eObn_I4CTvLkjYEf6wmY6dhWcrxBDlFszGm17t6fIV6-Ad99U1H7yTqvdFkfrI1SPuUPIStdhY7n9mIGtnquNxgBT-etB9T5iXKtF9kBVrgYNou94OEfwhSU0lBz9zcFgbcEoQz4z734mdS5s9g1ccMRUPslqhuYigmPD-cpuolGR_fSdZXM3XP4hHrlHhWlxzSubCVWNgU_8Lrof8dzZySrBabz7Vno6S6eyjX0ngM-tPshMf9CtzAV9iqEqCPW6IKEVwYgOnIEHp6zVViz8KgYolgdkdzlQGnqRIESxhKEaGVNiFBxUAqYyOwZn-zgsS8V4t7EfBAuA1dMoP0YJsxQhqQMmCu-MxR3DdDPt5TpE-n23M0a8syJqfyL2SlE6a22027f3dStCKl0LMyTd3seykYl0-TtCE5ZqEdZVC1_NClpJG1wDIrmDPFCYxLhz9XmPCkE-qeCl7rY6z1QUDimUFbXAAd-kAeJbM8ADB6XPhlS04lJPev8vDDRiVlzvujGheMr6Dj1CVVH_cfA9nBNsZDOM_ed08hjeQrlJqhRLRl_sDSMl0xNnP1ivCEnL02TgVc_IsoxZA3ajOrFnJW1jFicehLs-lJKbxs0OMv8pLwYEHrxQ3-jNI2PcJGsNBHWbrSjEuJoUKXpgDo1Ql8tslCFM078iZVhG0-_0no3S0su45lE33pMKjAV96vbfWUbjpsDpT4j7Bx7N0cTPnvxLvidLdnASBAAyz_fVh4UCVZgHzBcDprEY8qn3qwt3jsp_U66eVgDq1O9bZwHyPQKdWutPL2sdbJfrsJKdKil4p3W6mD36YQBQz9dl79OEUczul8Mxi4x8kViGeoMiah5Kldaxr856ptIC9N2c1BHwM2aBpnMiyun_wSN-NZPQWNEsrbvuTsmP88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FADB 0
0 58ms
58ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=2036149680815932&bg=!ERKlEl3NAAbo5yKYyOc7ADQBe5WfOPsgaLALPwui-5udutihNrAk4Uwl1ZF2QKoK-n7vOgCxUjzTCyVmQ_UF-SRDz9eMAgAAAZ1SAAAAA2gBBwoAVTGf-MsqOyqzLfVhg9jlKhKl6h2ucWeq5FUMGoxRmKWFju6dDCxvJF_plX9xxCvLgR2zdpPQSfyWnSYIFA2lBDq_7OAm9qNAXS27YnNvr7iGIkxioRKZAwq9hLYdTlydxRnzap1HCl2DDMvtUSzSse-N_RDa28kkONYrYKLIj3vJ1u-BGfaI9XwmRdzoOq2-tftDCQJP_-LmKd6EzwYpkmkqkIL7QIO_y04jYCYTDXT_hcYLAGW8o3NDHrjWYN_YQO2j3cjhB_wDLKhhfYxZK9lVhnyilxekievEQGE4jQ5NgonyhL-oNKmUUQSHJVuDLfj-t4uRy_M4kK1ZLE7ezR-VFlpTqaU2RXQJqRa5w2jjJe_dRrPZnUF3y7ZGyAmtU2_cKBJMcWK5DseumchSrtEiTRkh9Yi_2oP5LvRNZjfzE4lRWcrzmC3SJa36brla9o-l_2_kS_Vg98vOtmXkYaUrR0MRd0QZwRjQvEOOnsXhGunbDZSeSpCjRuADtSQkcQ_8oIgi5YsoI73u18fd2baQjlayk5J8U0gVi6J7mrQEO2wvF5a4xzahBhsK9Op-pM4L4oEIvYbijTNNPc8YGxEj_xu-BD0IHQA_CRzh_3rDkrckogZfJeWciFzHyJDNaq4afP8j7pnTeW70GrMBDb63WQOkDwCz9w3eq47TribrPU_oa1mGbWYMH8-ro-CugUg5TWfet0XdRiTXCVLrppm0J5fG8gK2YVWcLoNrGAsHotQhvLo5BNvHRTGMKdSB2aUKqovUk4fFlFcMCchM6lPk5PlUhBHDg6NXM0zAVsKymrWq93dGU3Jojsczw9NvgO_JdxOGjqIv57nHjQ2B7RBPXkhhCQM9bwA8alCu1Z-ytQXUzlhztrhWkTXIOLF5itHTJe207M5S2nbYLpIz6UE9F4NJvSrUNFGXP74XkES7Wd-BLkRORb9UKc_slXiiSMOhVvObQ5E9k2hOgIQVz4uLap3jvS_usIr4_G6zhB5EqJxq83CqL-bGWVcbNmJQMC35GVp5xehCjJeQY1NI-iaK0SQgOHW18tSc5NE3GmEyWyv_wLxkPUcunWPgRVrLG4fyqLt3xDUS8MnReHOTGJViik9F91RE5rnBMI8xfTcj38lLoTcovgy7evnR5DYD8BbY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 01:28:23	Name: is_unique Value: sc12916097.1698743568.0
.statcounter.com/	1970-01-21 01:28:23	Name: is_visitor_unique Value: 1698743568324059990
.xgcartoon.com/	1970-01-21 00:37:59	Name: _ga Value: amp-7Bc53Jrxof6LvlmqGx78ww
.doubleclick.net/	1970-01-21 01:28:23	Name: IDE Value: AHWqTUljL9XKEISY8tAuWqdpvQpKUY-W0kISqRmanjCfgn3R53DQUSWpv0o9bUTJ1ow
.casalemedia.com/	1970-01-21 00:37:59	Name: CMID Value: ZUDFEwj9GFM2YcKJYbgoLgAA
.casalemedia.com/	1970-01-20 18:01:59	Name: CMPS Value: 2151
.casalemedia.com/	1970-01-20 18:01:59	Name: CMPRO Value: 2151
.quantserve.com/	1970-01-20 18:01:59	Name: d Value: EBoBCQGoKoEA
.quantserve.com/	1970-01-21 01:22:37	Name: mc Value: 6540c513-64612-25ac7-6a657
.bidswitch.net/	1970-01-21 00:37:59	Name: c Value: 1698743571
.bidswitch.net/	1970-01-21 00:37:59	Name: tuuid_lu Value: 1698743571
.bidswitch.net/	1970-01-21 00:37:59	Name: tuuid Value: ffef5e6c-c065-4968-8cb2-8af99f8fe122
.bidswitch.net/	1970-01-20 15:52:23	Name: google_push Value: AXcoOmQcUhx8p2qIOvVKsT9ZFE3dB9DRONrAXgTlfyRgu0yh3snjLW_dbWd7VaGMNZCvhORXR9BSixRBF-6jbIxd8CY3Z9E-bfzFog
.smaato.net/	1970-01-20 16:22:37	Name: SCM Value: 0b8e256cf9
.smaato.net/	1970-01-20 16:22:37	Name: SCMaps Value: 0b8e256cf9
.dotomi.com/	1970-01-20 15:52:23	Name: DotomiTest Value: 78b652ca1aa015bb
.uuidksinc.net/	1970-01-21 00:37:59	Name: jcsuuid Value: 0fbCZtUM6aeeBJtUI4Ah
.1rx.io/	1970-01-21 00:37:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-252d82a3-6222-4550-9630-3b6ed6c02ffa-003%22%7D
.360yield.com/	1970-01-20 18:01:59	Name: tuuid Value: d5b93bd3-406f-4974-8bb6-a9a65d5204bd
.360yield.com/	1970-01-20 18:01:59	Name: tuuid_lu Value: 1698743571
.mediago.io/	1970-01-21 00:37:59	Name: __mguid_ Value: f34e9699ce05e31d13lnaf00loe428sh
.targeting.unrulymedia.com/	1970-01-21 00:37:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-252d82a3-6222-4550-9630-3b6ed6c02ffa-003%22%7D
.amazon-adsystem.com/	1970-01-20 21:43:45	Name: ad-id Value: A3oFrFECw0vxkOv8eM_3fzc
.amazon-adsystem.com/	1970-01-21 01:28:23	Name: ad-privacy Value: 0
.inmobi.com/	1970-01-20 18:01:59	Name: idsp_c Value: 039d61c5-0299-4625-a25e-12b460e80929
.adfarm1.adition.com/	1970-01-20 18:01:59	Name: UserID1 Value: 7296048086053746844
.doubleclick.net/	1970-01-20 15:52:27	Name: DSID Value: NO_DATA
.de17a.com/	1970-01-21 00:30:47	Name: guid Value: 1.2880753791869838123
.googleadservices.com/	1970-01-20 18:01:59	Name: ar_debug Value: 1
fksnk.com/	1970-01-20 16:02:28	Name: AWSALBCORS Value: rImOqTpr7+tj8EX/CSXxu9PRPFdnaaeDooHrv8xDVR/5n6gQYdXh0zKRqD0xuMUpFE1Gvold+vOjU0M00xUOFoXyBWo8LU65YKq64JkyEsnJPK3I0pFDMhWbB9gO
.fksnk.com/	1970-01-20 18:01:59	Name: f_001 Value: C99D37AD4995F790
.fksnk.com/	1970-01-20 15:53:49	Name: g_001 Value: 1
sync.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id Value: s%3A0-423301a4-1b44-5198-6111-30c6f6bbbf45.B3GcBvTq2LUULpxrPbtTIilAzbpFSj7O0cfbslCgI5Q
.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id Value: s%3A0-423301a4-1b44-5198-6111-30c6f6bbbf45.B3GcBvTq2LUULpxrPbtTIilAzbpFSj7O0cfbslCgI5Q
sync.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id-v2 Value: s%3AQjMBpBtEUZhhETDG9ru_RcPOaYY.b49avi9%2F1OZkOHqX1ADaWRsch07y5ZvtLYO3IJ3OOqQ
.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id-v2 Value: s%3AQjMBpBtEUZhhETDG9ru_RcPOaYY.b49avi9%2F1OZkOHqX1ADaWRsch07y5ZvtLYO3IJ3OOqQ
sync.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id-v3 Value: s%3AAQAKIHt83e0IyEUvixewggvBfq9PCih3XInfGs2TQ6613jrfEHwYBCCVioOqBjABOgTwi70wQgRQU1wi.ov0ZjobXAjMeTx9UKXM4sDrhAlhNxtbPn9FQ%2FpI0QZc
.srv.stackadapt.com/	1970-01-21 00:37:59	Name: sa-user-id-v3 Value: s%3AAQAKIHt83e0IyEUvixewggvBfq9PCih3XInfGs2TQ6613jrfEHwYBCCVioOqBjABOgTwi70wQgRQU1wi.ov0ZjobXAjMeTx9UKXM4sDrhAlhNxtbPn9FQ%2FpI0QZc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.xgcartoon.com/detail/jinglingbaokemeng_di1ji_wuyinbaokemeng_wuyinpianyueyu-tangshanbangyan Message: The resource https://9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9455d50fa5fd568bc656035e27331484.safeframe.googlesyndication.com
9eff515f3c2ba8afa4805d6b67d75a5e.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
c.bannerflow.net
c.statcounter.com
cc.adingo.jp
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d362ac7242613ae50f7efef1c097abd3.safeframe.googlesyndication.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fksnk.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id5-sync.com
im.bluevoox.com
lh5.googleusercontent.com
match.360yield.com
match.adsrvr.org
mweb.ck.inmobi.com
onetag-sys.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.ad.smaato.net
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
shared.bannerflow.com
static-a.xgcartoon.com
sync.1rx.io
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
trace.mediago.io
www.google.com
www.googleadservices.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
104.18.36.155
104.20.218.77
142.250.185.226
142.250.185.70
142.250.186.130
142.250.74.194
162.19.138.116
169.150.222.217
178.250.1.9
18.158.5.115
20.127.253.7
20.253.86.149
2001:4860:4802:34::36
213.155.156.180
2600:9000:211e:9000:1b:5138:8a40:93a1
2606:4700:10::ac43:2a0b
2606:4700::6810:307e
2606:4700::6811:c96e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2006
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:fa8:8806:21::1720
3.210.56.15
3.33.220.150
31.220.27.135
35.208.249.213
35.73.229.47
46.228.174.117
51.89.9.251
52.45.175.185
52.95.122.74
54.197.54.94
54.220.88.250
85.114.159.93
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
0fa0bd28109db2f67a86ba35904659d3b5527a7e4209c8b56cb56c92de6e8891
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d9179a994074d388f4957b06013317c42eaa22efabfea0d1c4b3d28a359921
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1877cdf8d8a13e950759b09f02f8ac7c7da352c29c0693f9e9f083509b399629
19ef36d000460f3ddb07951ef3b692bea1df46cd1eb4d2b589998f2f090900fc
1a48d221d0eae4fa0d090bfa3afd33910ecf29adde349eb2c7467ecc8ffc40ad
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1debf54b5eaa232a2de5ee74c98720ba063753870e96685e75d285112e749ae7
25c9cd324dafe286f9709fb61c1a2929462b0d50dfcdf3ccdf28020556741cd5
2927beb7b152a1d6cf2976e3667c5048ca26f66679b7b483ea4e575eb197901f
292e87271a357e6fa7c0e9aec72ccdc26a8784a03e707ae057ccbe7ce3173dfb
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
29d2ce9d8c380fc3b9348c234b6b9202741b81485b1b2c30324b304f4364eb2b
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3163409afb54fe7233aa9744efb4da056312382e35f01bdf7b8c105e4961b9a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45ae7110e10b3f22fa274c773ba4ae973b72244a776be7dd25ea5566a6661
3c4c951d2f340f201152162fc2ed2548c8f271a2b595a27e865310e293ed9d94
3cb8d8e7c172a0ecd19f38e42f1f2e6e6e493ad343324caaa3ad7f5ad36060d3
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4d49f317fbb82c72e0b49aef5d80b4524c282d50d49b14258e2facb1dae6bb07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8a4a479c067c13069e18f60db1ceba87348552835ad96246bea781d3a9d667
54d928fb5b4d3f2f0d55f07cce9eefc654d52ea3c67166e55eb722fc8773d945
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6
5805815269440bc3c7491e53bf0207108c25779bc6b3953725b7d351b2d8fd2c
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
5b1e55c33e1d9ad97b57374de29319c6db85b90006189420aeee51e388e8719d
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5cc06e6c2f2dd7b2fd52a2f868d99fbb19cc4265a042ba6d9c3ba213d7b33d4c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
6821bbca1cd79111ed97d0364803acd3ba0fa4743bf6490cc5d92690e155a13c
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
707d23c9945509dfea0e64a23ae7d8572cad82ff4df2809d4416e2a7bbbf2210
7730df113cb00a7eebaa3bb187cfd50f92bded024a5f13d13eb550fee9ca9daf
78a9e6c0a86212c3b625841fdb4d5f3ccbf0a70ae0194fb7c333f7fcb5be164f
79018faf162399a68f6811504a776ad64866faf1a08bfb40c941ab24aae6a67e
79444aa316d8763fe5ab64dfea33a7190861686114ba8e8e062e0cec3c709302
7e8b34b211059ac233da032d11d5b96b9382aa7a2164f63d18adb54086ad9dc7
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
81bb18f5d75f17662f36f678924e9e15e432fb814b2a35d6a948f7d382fa45de
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
93817319b6994e316ff62e455d40ec5ff3a9f306c0e086e44a136779981e158e
96ac84759bf1cdbcef8d4750802777e86d59ee364f48e541e70e4095f2a0352d
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fe0497de60cceeebbda2647c655384818ef60478122d56be394f39a354b4449
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1305d7fe22cdb72433cedc38f8d72a05efb434400b066a5e42ec9a74ddd74be
a260229e2c8fb6852923d6b674196f7d1409caac8203178d9efb04e29e9b60ee
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a48fb424eb387c731848fbba825557b23cba384487e834318c94d34a16098194
a519a69711a4afaa89b35690561b45a6505efc7c9b495b3ad5efd95d29524a7c
a662868c226d447e032e657063f835a5cb14077b1862ed7e9706fd644555da89
aae706a08fe337a95ff045fdae179d44e0e937a7c9af396c0ddd8f837e680bea
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ad5392c9cb4578b23da59ef5a19c404d9407f329ee5fbd388ffe2b600bf88645
ad973753e09e4d83b77873cb1f13e6e9c2b98206993e756a0f111bec62194cbb
ae2edc55d208e6c41aea56a07933f47c9661cc82adc3cf687ae304c2faef7eea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bf38c8beac5dce1b008454494e725cb8797a5f8091bc89d46db2184ff407ba
b3a77ca3e3a1d649c31554b8dd826b0d8c9177031a5c5558b334c442428a0efd
b48e13597c690c299f5a24b6e7f4a1cdb0db6de27e64ce42e8f5eeca2692f133
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d893147bdb85c6671c355db1a5e0147ab1c28d300d26f4aa7c3fb2996f42ea
c5b665f72e338ca43cae39b69204f9d56ae55c0eaf93fc0444ea5f24b822259b
c6ca130a71a71bc9ff7649d3a967a3f2b5d92ecbe00abb220fc7334c023eb3fb
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c8713f5965763be21e851f18074f92aecc06bf90abae3e14d6172d6332c480cc
c8c2c6197978c0e97c688810a516e8b3f7f8eae8565663eccff42299d2ae0938
cd5de11a9cd11f86feac18842dfb501cf13c160641298ed35bcf9eb68166151b
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d659da6aedd0ac4192474dc98c4ec024d41f26fecb28cfb299a33430b0814c34
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b6d811e9ecfce9e54ea94ca84356eb58dd7ab74de16e48a7927b3f28bea923
e742f7765cc584a0798aeb169bdd36abdcf8fab8912ff23eca35356516f4e20f
e75608f90f28063966d0bbbbad9bdea88dfdec0a9e1b9de6e19cac62bd4944e6
e81856c712e2357d424d8ba3fd7c1f37defb8b6da148d0a51e0b13a3874cb343
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041
e9f7a2af1bf6818e492a118a7d1b5e7eafb049c1700293dde27dfa73f5a4f411
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe00e03813af8710231b2ee44f7361cd141e2c573f43ddc6d514900b1641c3b
ee7bbca5358b17c7a5e8c724f09e8f93eae7596fa32396fceebfc4c9ab0abaec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4df554ca21e59538cb3397f977be3e7d3b34a36357e1ff9758f0a20621c1dc
ef7a41a88c6afb72b81f22d3c4f48f67f709867b17e0cb7701bba22f0f47bd8c
f4d52000136c81e02a4959600f0da5cf57f776572b80b1beda60fa652d787e5c
f5e76ecb8cb7acac46c85434f8c63a3cccd06a04765ef3ff726fc57308def2f3
fc8947b18b7fc3d2446959a857ff34b9de9aad59ac9d9e95a31123bd61b69b52
ff4c8a509e22e5e733ff02cb382ca7497356af7275d43b8f755db52bab293388

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

226 Requests

89 %HTTPS

40 %IPv6

35 Domains

45 Subdomains

29 IPs

11 Countries

3588 kBTransfer

8863 kBSize

38 Cookies

1 Outgoing links

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

89 %
HTTPS

40 %
IPv6

35
Domains

45
Subdomains

29
IPs

11
Countries

3588 kB
Transfer

8863 kB
Size

38
Cookies

226 HTTP transactions
14 data transactions