urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Submission: On December 19 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 23 domains to perform 146 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.94.138 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 14 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 28 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.35.237.86 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 213.227.153.222 60781 (LEASEWEB-...)
1 146.75.118.132 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
1 213.227.153.220 60781 (LEASEWEB-...)
4 2a00:1450:400... 15169 (GOOGLE)
2 10 142.250.186.34 15169 (GOOGLE)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
2 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.212.215.156 16625 (AKAMAI-AS)
2 2 3.69.92.105 16509 (AMAZON-02)
1 1 185.196.197.130 39572 (ADVANCEDH...)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 13.248.245.213 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 35.214.242.163 15169 (GOOGLE)
146 26
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
14    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
28    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
34    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1t-eudc1.zemanta.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1-eudc1.zemanta.com
4    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    23.212.215.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-215-156.deploy.static.akamaitechnologies.com
px.owneriq.net
2    3.69.92.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.196.197.130 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    2600:1f18:612b:4200:b356:89b7:4cae:66dd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
1    35.214.242.163 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 163.242.214.35.bc.googleusercontent.com
csync.loopme.me
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
2 MB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
151 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
251 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com
461 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
322 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 25865
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 27582
544 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
57 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1523
476 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2138
15 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
461 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1381
934 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 13423
678 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9014
335 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
78 KB
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3815
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10182
469 B
146 23
Domain Requested by
34 pagead2.googlesyndication.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.xgcartoon.com
tpc.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
28 tpc.googlesyndication.com 1 redirects 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
14 securepubads.g.doubleclick.net 1 redirects cdn.ampproject.org
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
www.googletagservices.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
10 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com cdn.ampproject.org
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.googletagservices.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
3 b1t-eudc1.zemanta.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
widgets.outbrain.com
2 eb2.3lift.com 2 redirects
2 x.bidswitch.net 2 redirects
2 px.owneriq.net 1 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 widgets.outbrain.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
1 csync.loopme.me 1 redirects
1 cs.media.net 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 b1-eudc1.zemanta.com
1 zem.outbrainimg.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
1 www.gstatic.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
1 fonts.googleapis.com 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
146 31

This site contains links to these domains. Also see Links.

Domain
tw.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4		 2023-09-24 -
2024-10-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.outbrainimg.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Frame ID: C3333B1F43777656A31D0E27FD51249B
Requests: 38 HTTP requests in this frame

Frame: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 75B4EEDCC9F9A2E0E07DB0D7C40B710E
Requests: 16 HTTP requests in this frame

Frame: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 2166E7C39CD0DF0CB50D654C7F64E436
Requests: 11 HTTP requests in this frame

Frame: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A2D17FF22EE44BD133DD4FAED3192156
Requests: 11 HTTP requests in this frame

Frame: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 232EFFC910491AE014ABFEEA5C6DE2E5
Requests: 12 HTTP requests in this frame

Frame: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 48C77C92F07F1C259F12BED188CBFC54
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: D6C61022D9372FC4696C6A0994E4A20B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 9CC5270C8CCA360266CDAA3392F2446A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729211&bpp=171&bdt=147&idt=359&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3892282519&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079758%2C44798934%2C95320869%2C95320884&oid=2&pvsid=2248161989973387&tmod=1293038511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dqwppjcd5nac&fsb=1&dtd=368
Frame ID: D53F17ACE82147B8D3ABB3C337ACDAE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729311&bpp=136&bdt=247&idt=424&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3892282519&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320885&oid=2&pvsid=1095494245638371&tmod=322215430&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3mwmel1dgncf&fsb=1&dtd=431
Frame ID: CC2E7CD861FDD598616404C21AC1E42E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Frame ID: 610C1B3E6570178648C722FA86D1BC38
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC4DCA704A6AC75C30FC26C2415DC0FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50D25B1D40B38D881AAF6D38C126B3B9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9044AD99CFB9040B4FBAD1D1A9BAC8EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C321081A4E6150B7B5392DA4DB1C653B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYu5aJ-QEwAQ&v=APEucNX2W3T5ga_mGO4bJ89zzYxpHYY1ZBsqIm5ihz2eDC8lzMi_q6fJsHUe6Ewzr3jf_gxNeLf70Y5mjjX1PuSxVePTc_-rEQ
Frame ID: 049EA3E7867BA1863CBBFA87E530349D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20DAC718AE8F156FE9B11A818014B508
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 569C9CB17C4DA1F5A061EDEF10A7C02F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91FBA161ECE4B0798B67946158FE9394
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90B06C6D0C27CCE4F88A1ADB404D58B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍹黑莲花攻略手册 第1季 动态漫画 免费高清卡通动漫在线看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

146
Requests

92 %
HTTPS

48 %
IPv6

23
Domains

31
Subdomains

26
IPs

5
Countries

3272 kB
Transfer

6714 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE4_G-2AEQoB8Y6AcyCAp2gl6LCUWc HTTP 301
  • https://tpc.googlesyndication.com/simgad/12441929713272658926
Request Chain 84
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CaP-HB1WBZaGsN4LVgQeVx4SYCszshtB0yvu32KQR-4KGy8IBEAEg08vOMGD1hYCA_AOgAZ_lg5oDyAEJqQLTxpYh-FizPuACAKgDAcgD2wSqBNECT9ATOBlFsU55tL-_kJ35Q3GvFidJ0nQqfmNuWMbAy6ay-zbwjokAFW_ctyP3gUNVo8rvPxEJg7rNN7mpiCtW17BT4PMOVlij_ztqbdbutAY4Aaa5jxGUveMLpw1GVpc9lB_YRbZ8uhfw2wGzpBhNzJkj7THucJcSuJpaD-tURXOBoyWg2Ir5u_2aLve2iZ8JPI5XzvoNOLtljpAFkLYgFEc2D3-zSn5SVBjixLc0WGChg5uO29zm1kx9YbqDIpkHSTa_pJpL0sI4bFfqAnUZ65xJAhZ4m4ZdxUzr5feceqR9ykb5A_LagkGk9GfhQPo6hf3uRam97Gq8CFMYW5g5CQh8BZAm2C6UFfHRy6xoVu1hXuDXtt9QiLw43fjpqRlqBlC9p8sfzy8K3hpoQoN6bIdYaHqUNVssOZu8pJutnk09T5Uu3SRdTj2K5Y_HwIoqAsAE_927nK4E4AQBiAWmlrGvRJIFBAgEGAGSBQQIBRgEoAYugAfe_IE4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEM_bAtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYm5jenYubgwOaCWZodHRwczovL3d3dy5hdXRvc2NvdXQyNC5jaC9kZS9hdXRvcy9hbGxlLW1hcmtlbj9mdWVsPTE2JTJDNTElMkMyNDclMkMyNDglMkMyNDAlMkMyNDMmbWFrZT0tMSZ2ZWh0eXA9MTCACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEQoLEJCE_oqx8MHMhwESAgED4g0TCLHH3p2Lm4MDFYJq4AodlSMBo9gTDdAVAYAXAbIXHgocCAASFHB1Yi0zMDM5MTk5NTAzNDAzNjM0GJnSIQ&sigh=YV98HYzwQk8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_ochu2-7ECWkzHCyxTW_uDVBzxBGmzBgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x47d8e63e66d539b90000000000000000%22,%222%22:%220x7f87a098ba5f1f8a0000000000000000%22,%223%22:%220xfa76d43e3f1ca27f0000000000000000%22,%224%22:%220xb4d260145528ce730000000000000000%22,%225%22:%220x754efc4d0704bd720000000000000000%22},%22debug_key%22:%222602572594245365584%22,%22debug_reporting%22:true,%22destination%22:%22https://autoscout24.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22859894431%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222391747811665090737%22}&andc=true
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1&C=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYFVCmlax41NlwzYNEe-EwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1
Request Chain 136
  • https://px.owneriq.net/ecmg?google_gid=CAESELLAhiJKMw8Wcpdb605I6Nk&google_cver=1&google_push=AXcoOmTV08gE7zgGCeRuTsNZGM66gu6Z8S6KiWtySLynShQqKbSUy-9iG6nJp8L75XW0W2F6LTBLBmNAz37RhYG3iuYSbxF7u2ONK19vePaD-WRwdRMKfsbtYXhlC1-gwxg_IAbTLYbZDMKucVmnr4O1KYPX HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 137
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKkT5CN7j9vP54jrZYY9JVI&google_cver=1&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKkT5CN7j9vP54jrZYY9JVI&google_cver=1&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r&google_hm=fDIXrN20Qey-cKOoLVzT4A==
Request Chain 138
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEDYKtbJ-VHFiOmlFxmmC_mM&c_param1=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6RTFPfnbJF1ZwnVcNQEh52eN5Bppxmw6x-sQvSuoWvX&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6RTFPfnbJF1ZwnVcNQEh52eN5Bppxmw6x-sQvSuoWvX
Request Chain 139
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2AJbQqNTb85o1Kdlpf7xUkmJcckSfM5mAtxqaay-UNPm4uUHLG07aWik_C8hJ2PKUD6qJo76GQPg5-L_2J5bxQn9tCn10sTJX7K9jJE0gXDX23GDdUjIHlDCXNb7TxA7K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MGQ0OTA3MDVmZWU0NGExNWFiZmUwN2E0NTM3M2Q3ZWQ%3D&UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2AJbQqNTb85o1Kdlpf7xUkmJcckSfM5mAtxqaay-UNPm4uUHLG07aWik_C8hJ2PKUD6qJo76GQPg5-L_2J5bxQn9tCn10sTJX7K9jJE0gXDX23GDdUjIHlDCXNb7TxA7K
Request Chain 140
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKkit6XTcnXv9BpCF2zn7ts&google_cver=1&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKDZv7v1jDuLobOIkE0fze_bLCSskzOo-YxC-iU2h5Df3m4ma4zMso-Pq4ZU HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKDZv7v1jDuLobOIkE0fze_bLCSskzOo-YxC-iU2h5Df3m4ma4zMso-Pq4ZU&google_gid=CAESEKkit6XTcnXv9BpCF2zn7ts HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQ5MDcwOTU5NTAyMzkzMzIyNDI0&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKDZv7v1jDuLobOIkE0fze_bLCSskzOo-YxC-iU2h5Df3m4ma4zMso-Pq4ZU
Request Chain 141
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB_2zsn1qRC9Og8pme-s1bU&google_cver=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7wiM4UkyJuOVh35FnBvKoccOhNnw7RlLlSrOUSFcMILqR4_M6W4LoKYHgBm4F-Tz1B0-_0_4zEJc77qGJmSab2WDNMOum8TEJj_q6g1O4MmhCv0mwttF1gOBLcahty HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&mn_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7wiM4UkyJuOVh35FnBvKoccOhNnw7RlLlSrOUSFcMILqR4_M6W4LoKYHgBm4F-Tz1B0-_0_4zEJc77qGJmSab2WDNMOum8TEJj_q6g1O4MmhCv0mwttF1gOBLcahty&gdpr=&gdpr_consent=
Request Chain 142
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEEFcyvnz1TkbFG_2ektNuIY&google_cver=1&google_push=AXcoOmSXC-QGhA0FGjj2G-7U74dMiBj5LhbNnwgCYYxJHNCJNC2osTctHM1f3g8sKo_kmhPrEdS40gszwvO6nCvCvT2EbppbU2J9OGyqd-S4UBjR8injf-61Vz4BkZExVcUvXFf5grBg_JrW4hqJ3zGv-8IKGQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=04466c0e-3921-46f1-b655-7900e995e7fa&google_cver=1&google_gid=CAESEEFcyvnz1TkbFG_2ektNuIY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSXC-QGhA0FGjj2G-7U74dMiBj5LhbNnwgCYYxJHNCJNC2osTctHM1f3g8sKo_kmhPrEdS40gszwvO6nCvCvT2EbppbU2J9OGyqd-S4UBjR8injf-61Vz4BkZExVcUvXFf5grBg_JrW4hqJ3zGv-8IKGQ&gdpr=${GDPR}

146 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
www.xgcartoon.com/detail/ 		86 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
59c30fd287c710b8df7d0976849eb628c7097cd2d0c517bce730392b70e79343

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 08:32:07 GMT
etag
"15935-lr1h7jikDtt+G+jBjfMVP+HLvsc"
expires
Tue, 19 Dec 2023 08:33:07 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"03885caa855825de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9459
x-xss-protection
0
server
sffe
etag
"8a483731af74fd28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4740
x-xss-protection
0
server
sffe
etag
"e23d2a0d990fab56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10344
x-xss-protection
0
server
sffe
etag
"710c75735c511774"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 08:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 08:32:07 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:07 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Tue, 19 Dec 2023 08:35:07 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
837e4b0f5f690e73-MXP
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong.jpg
static-a.xgcartoon.com/cover/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adc68f5e7262c801ba96bf28010d98881c702e823c8a0ee9e9d6a377cc16ad1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 01:46:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EE2C5C12A9970ABFDDF468630CA09D98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73%2FiVyXXfBDeLasymYeHsf1zK24UOuMtJk8q4GASHiafF7ualbRGyk8hr5TCFAl6nDgq9IzhlQoomcK9e1P4ZNAdOjtGJ8UDq7gkbNVaV%2BRRf4VgwUFmF%2BjhRMg7%2FRTghOEYtVGXgLn0S%2B4VyrqrngKFGBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
837e4b107ff80e4f-MXP
content-length
147277
expires
Wed, 20 Dec 2023 04:02:52 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:07 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Tue, 19 Dec 2023 08:35:07 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:07 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Tue, 19 Dec 2023 08:35:07 GMT
yangdiweihuan_dongtaimanhua_diyiji-fengyuziran.jpg
static-a.xgcartoon.com/cover/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yangdiweihuan_dongtaimanhua_diyiji-fengyuziran.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cbce237f220a3cd2094e1692fcec22889209595a5caab7d47c7df5bccbe8914

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 08:05:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"FB7E7E7846219CAD17A40EA6BAE27903"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehnlEjCmpEPwiMSU00JWxzlsKkQUO%2BxtlGSG2Po%2B54XHj0Y%2BUE9Pour1ELjOCdvr0%2BAJSW%2BXGP8NQqPJ6Xc2X1FuODnymadceZBfdWFMd0oMctNH9D8QdJwRXlZZop3ecva6SzGIdLIJJDVQKYNIbIiAbxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
837e4b107ff70e4f-MXP
content-length
70229
expires
Tue, 19 Dec 2023 17:34:36 GMT
tianguancifuguoyu-moxiangtongchou.jpg
static-a.xgcartoon.com/cover/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/tianguancifuguoyu-moxiangtongchou.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22179d4bbc973a8a199b1b367d47bd30a25c8890e46d11f949fca034810ff59d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 01:27:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8E8085D9C0DDAC2BE7D3FA930A36390D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BI828vxGfrrgygFJvC58gYc%2FRI7ripFAX8IpFIl4spGs0Vv4D0NRlPSOwNJdOwFVHPTSAzcIbbwThW5dA%2BAvEcPfaDHewy77isjDJFZHwsCKVHuhEalhg0VG%2Bz83RpKSxOMufdIEa0DObAI6UVeRcmA2uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
837e4b107ff60e4f-MXP
content-length
76591
expires
Wed, 20 Dec 2023 18:25:27 GMT
yangdiweihuan_dongtaimanhua_dierji-fengyuziran.jpg
static-a.xgcartoon.com/cover/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yangdiweihuan_dongtaimanhua_dierji-fengyuziran.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96be44e64fcde173dd1f4a09044898489e11f46040a158dd4c4ff04c628b742

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 08:25:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D920591BA0D87440FF947355DECAED8A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKGfe0CbhRIEjXBeuGtCuRAJzmQpP%2FE%2Fb7FonBXKrimATTugY4tAxZptvFNTLpt%2Bw6o%2Fu%2FW9Doe9tcjewCc3OrNxNghmp%2FBLeWSw1oIL4JY8nxxh4mRcr4XdyGbSUPfw%2FaaYCl8a%2FNb2UFU5yANgiPA4RNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
837e4b107ff90e4f-MXP
content-length
63880
expires
Fri, 22 Dec 2023 05:32:39 GMT
fanpaidatuiwobaodingle_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/fanpaidatuiwobaodingle_dongtaimanhua-akewenhua.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae13bd0417de7d7102ec2080124ed40f8ccf9277c70c3f00cb03823f1223fcf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:07 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 04:44:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67576
etag
"A61727D13AEEBF329C29133F54621AEC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVipKBzOgjKhipxiSmG8sUF%2BQff0jWX224j3m7sYjJzObUVN%2FmWArZfLmzGXqEYQIqJw7wkz5JKqc%2BkPD4zjfgld43Ib3jkz292u1B%2FZXFdw3K%2FyI9bhBvHH3IPqXim0nrX0EjNLQFihQCCwQdOnI2Ijp%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
837e4b107ff50e4f-MXP
content-length
75533
expires
Wed, 20 Dec 2023 06:17:43 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:01 GMT
age
573366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:01 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		237 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:24 GMT
age
573343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63654
x-xss-protection
0
server
sffe
etag
"7d5e78ba8c7d5e5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:24 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 06:27:05 GMT
age
93902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Dec 2024 06:27:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=172001956&ga_cid=amp-eIAX1nvWPJuOkXNcR72KfA&ga_hid=1956&dt=1702974727806&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&bdt=325&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a846dccef04cf7bf765ae31400de6f62d95f9f8328e9ff8ed24f5a40dce6af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15976
x-xss-protection
0
google-lineitem-id
-1
x-qqid
COihm56Lm4MDFTYwVQgdTx0ENA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Tue, 19 Dec 2023 08:32:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		132 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=172001956&ga_cid=amp-eIAX1nvWPJuOkXNcR72KfA&ga_hid=1956&dt=1702974727807&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&bdt=326&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7872b217d2bedf22a5adb47ddd8c1f3fb25e30c42b3a764e7f5b520d9f588fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
232x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41111
x-xss-protection
0
google-lineitem-id
-1
x-qqid
COHL352Lm4MDFYJq4AodlSMBow
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Tue, 19 Dec 2023 08:32:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=172001956&ga_cid=amp-eIAX1nvWPJuOkXNcR72KfA&ga_hid=1956&dt=1702974727807&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&bdt=326&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c03e943822fa68d66807880022fc1e101a71e3d61cbba046564f184311d28f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
300x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13724
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CO3b3p2Lm4MDFc8jVQgdEdILoA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663403
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Tue, 19 Dec 2023 08:32:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=172001956&ga_cid=amp-eIAX1nvWPJuOkXNcR72KfA&ga_hid=1956&dt=1702974727807&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&bdt=326&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7953467a2baf93d63b71b947f3b06ebb59e845889b0a9093fb93d6038b459f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
320x50
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13739
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLvV3p2Lm4MDFUY0VQgdgM4MmA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455953
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Tue, 19 Dec 2023 08:32:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=172001956&ga_cid=amp-eIAX1nvWPJuOkXNcR72KfA&ga_hid=1956&dt=1702974727807&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&bdt=326&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a54b4a311113804e5faf2f5ce18cba7386309775479d468c59f9b1087768f160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
728x90
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13708
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CNjY3p2Lm4MDFUwGVQgdXzsLBw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453313
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Tue, 19 Dec 2023 08:32:08 GMT
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 06:42:41 GMT
age
6567
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e666ca0e175b1b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 06:42:41 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
AMP-Same-Origin
true
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:08 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Tue, 19 Dec 2023 08:35:08 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=1956&cid=amp-eIAX1nvWPJuOkXNcR72KfA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fheilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong&dr=&dt=%F0%9F%8D%B9%E9%BB%91%E8%8E%B2%E8%8A%B1%E6%94%BB%E7%95%A5%E6%89%8B%E5%86%8C%20%E7%AC%AC1%E5%AD%A3%20%E5%8A%A8%E6%80%81%E6%BC%AB%E7%94%BB%20%E5%85%8D%E8%B4%B9%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8A%A8%E6%BC%AB%E5%9C%A8%E7%BA%BF%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1702974729&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
expires
Wed, 18 Dec 2024 08:32:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2166 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
expires
Wed, 18 Dec 2024 08:32:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
expires
Wed, 18 Dec 2024 08:32:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 232E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
expires
Wed, 18 Dec 2024 08:32:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 75B4 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 07:26:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 08:32:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75B4 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 75B4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
34312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 22:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75B4 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:54:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 75B4 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62114
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-9
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:52:04 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 75B4 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 13:56:43 GMT
8923442123103604869
tpc.googlesyndication.com/gpa_images/simgad/ Frame 75B4 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8923442123103604869
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5387650a25157591603cfb8911451ff912ef2c6f9d584247131ae8db7fad3718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:18:20 GMT
x-content-type-options
nosniff
age
602029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219860
x-xss-protection
0
last-modified
Sat, 25 Nov 2023 12:36:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:18:20 GMT
2955432601998823778
tpc.googlesyndication.com/gpa_images/simgad/ Frame 75B4 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/2955432601998823778
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e41a88abd791194546dc153850b2d45750ea6adfb8d8b4a6158f93db6b899a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 04:04:10 GMT
date
Tue, 19 Dec 2023 04:04:10 GMT
x-content-type-options
nosniff
age
16079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262590
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 12:21:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8533843401586138335
tpc.googlesyndication.com/gpa_images/simgad/ Frame 75B4 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8533843401586138335
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375eca35c7defed13c09a3ccf5a4f3a5ac601c35a3739c3efafb3ed23747971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 23:10:48 GMT
date
Fri, 15 Dec 2023 23:10:48 GMT
x-content-type-options
nosniff
age
292881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174350
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 22:12:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
12441929713272658926
tpc.googlesyndication.com/simgad/ Frame 75B4
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE4_G-2AEQoB8Y6AcyCAp2gl6LCUWc
  • https://tpc.googlesyndication.com/simgad/12441929713272658926
333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12441929713272658926
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63c8b3c43ed081543104b404ce5877b1c794e01a6a9e2c06303fb3b591b2d05a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 04:00:57 GMT
date
Sat, 16 Dec 2023 04:00:57 GMT
x-content-type-options
nosniff
age
275472
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
340935
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 12:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Mon, 18 Dec 2023 12:05:43 GMT
x-content-type-options
nosniff
server
cafe
age
73586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12441929713272658926
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 12:05:43 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2166 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 01:36:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2166 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
998849249425960447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2166 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A2D1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 01:36:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A2D1 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ae56bf7ed6a1b512a9e91eb3a9bde38a640f12e9cb2305fa22c27c672eee48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
server
cafe
etag
7421675374042392167
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A2D1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 232E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 01:36:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 232E 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b4ab467cb9a01f083b4fd37b808ea5797f28acfaa15516286e1701ecd1656a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
server
cafe
etag
248113207115717106
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 232E 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
container.html
62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
expires
Wed, 18 Dec 2024 08:32:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 75B4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f7620698fa7b2437e7a8110863ec62b871deeb08175fa0271aa19418ed4258a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2166 		0
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmOIMRytCtOEo2ACl4rmdME9dJ2sWMCsh_PxliJPNfT4e-8cDbDye1hlc1wrMxAlmDMVknFg3kP6Q1ER3CI5SGxswVTICGELRwQtDcL6JbRhrPlwLQEcbuHVksqfXtoyMKclikWZa-yjWU5MLcJcazjoW7Y--g3nABw-VspmKxC_fuOd2O3K68BZBx0_s3oVp1xpxkePGjk7pmw-D3Zkr-CPB92g3LpqlQMvnGC5gAp1Vt2CxlcVJgAQoZLFOg3Klj5Somfc_M-Gw__gAqn56h5B0cizjEiCgakmMvJ-sEZpQJQL1T9tM8c6nZ0y_0QMQJ83hDvYk54SdSVWsy7o57VLQ4o8YxEcNrC2R5CIb9-z2LrMeDD7wLN_pTWppFdFpparwhZ7Wz9938a8O0&sai=AMfl-YTiIkHtfic3BK4UnGMLVTJVPXGPlggzcE1vpkpkXAOk50mwy8-uZO-RLv253gRgZ5O3ew-_Q8V_-intqTA&sig=Cg0ArKJSzBN8ukyAsALfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:09 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame 48C7 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a65b149dbc152f0357b23971dce7a05cef1d1fdb53434b1dc3b51e6588a1f74b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
content-length
13461
last-modified
Fri, 15 Dec 2023 09:31:53 GMT
server
AkamaiNetStorage
etag
"ad6a1228938275cf89d1d737900117ae:1702633185.193327"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Tue, 19 Dec 2023 12:32:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 48C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 22:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 48C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 48C7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 48C7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A2D1 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7hOAeCsaCpUCH8zsMFsHijWryvM9CLQ5a-eaQje-3Tb2pUO7ftfIeun8jugNxjCs_mvro3qO-rFHTG33ygw8sTr2OsjW6IIUQr_tWKGAP0fFq2sYKfOIHh_Ybzh2lXmhNDX2hypTVMYiuiczVTifuxggBVUipSOjINbiT4wC4fm8ue_7i5tk9VWh6ND0_9CWZrKi2p456Cykxa-AAwSq-ojBv_wJkXSQ9XGSg88ilgu488ugqDsn16fz7BuPFTu2Hn9XInj0m59525iHc71uKVSrhjLwAEIN5dZORVPXgWCWzqB3gKyHe3QtgDjo0g5sq39fRhbXmJCLg3NmzUJ3FRv9julkYm2CxFyPxb_8SistCS_B4P28nobNaG7dVEQI2dYOd_73-WkidPsN5&sai=AMfl-YTq32n45x5YCR_-J2krG9qHB0iyuFfA09sa3s2NeYkguF1SAhNx7Taw9z2ZQnCMAx0QNjnuNwUUb7gsUZA&sig=Cg0ArKJSzKF6vfX7thPaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 232E 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU4hVhgXBGOkOqIRugECcT-4IGunyEWL05uzdWv9zfKHNHtnlMR6LGsnsNC-RlzFK0WJqEflmkzUTTbC5dvLsVXLe9VANzGYutAzHpbMM6mD-f0U5fsc_CJyZaXU3BiDn-UHqkdM6KfUQ-tJSkfK2dMV0AVdKP2aKWDS__-3Dp60ok250vJdDwOH7cUhA-UaqrY4I42fB_FPAtXRA9Cq0e2t4trbaDvKMrzm2irZes7RNgLlNeDIlv8_7cM4MRpWigUtoOT_t8c7tQNtvars205LEQ4OinvXBpsB4HFYb6NCmj_fq5xgYYvPEEzEAoDZrpWubzDDteQe-Su9LU74J--U0ql5jmdUBhBPdRpEGFHdKj2f4IYbDlC_d_MVtKCXNGgncH3cqxPYoDhAPzwg&sai=AMfl-YRsUuVpE4fZGCP5XnOMEUwoipu_WcYWEisu6gwrnY1nS-JUYSkjEGR052Q0n0ZJfHzP6fHqOhgbt9qKjso&sig=Cg0ArKJSzF_0a1lmsMjIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2166 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1ea4bb0857ce1e8b80a4a0412436dd65d01480ce61ed02c685a1528b454d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51243
x-xss-protection
0
server
cafe
etag
15997061101183180683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 75B4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:16:46 GMT
x-content-type-options
nosniff
age
51323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 18:16:46 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 75B4 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 10:23:28 GMT
x-content-type-options
nosniff
age
79721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 10:23:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A2D1 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a85f0021ebd5d5ddc7861ff8d2f5c8324b1881ad19d6fc5b759b0e0054b703a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51242
x-xss-protection
0
server
cafe
etag
12813513490072743959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 48C7 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 18 Jan 2024 08:32:09 GMT
date
Tue, 19 Dec 2023 08:32:09 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOV... Frame 48C7 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NECFSDO3DLK6JHJXYV7WVOY3RNLAGGE3BY4N42LXE5FSGX5ILUU6ZFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS63RQBDQ5VCIZT3ZPRL6RVRUK3CNE52KR6WTMP3GXHXQ6NZKM6NP6XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 08:32:09 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 232E 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45f3df2234154bbd9bde190b827b37241c0bad859a95ca180bca739155ae11ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51243
x-xss-protection
0
server
cafe
etag
10024293457004305388
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
0aee8a2ffe083c2e2cd0b56c86bc6928c4.png
zem.outbrainimg.com/p/srv/sha/77/c7/72/ Frame 48C7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/77/c7/72/0aee8a2ffe083c2e2cd0b56c86bc6928c4.png?fit=crop&crop=faces&w=180&h=90&fm=jpg
Requested by
Host: 62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
URL: https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1603279
x-cache
HIT, MISS, HIT
x-imgix-id
17580994ae37060fdac910812b5fb148904c3c2d
cross-origin-resource-policy
cross-origin
content-length
8452
x-served-by
cache-sjc10044-SJC, cache-fra-eddf8230045-FRA, cache-fra-eddf8230116-FRA
x-imgix-render-farm
01.140328
last-modified
Thu, 30 Nov 2023 19:10:50 GMT
server
imgix
x-timer
S1702974729.415955,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
truncated
/ Frame 48C7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddb696bd97259d6221915957148c4c5f80b5a67853a12637d35ac74d2bd8bc04

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 232E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a4c670ddddb18227cc91775dfddba77e8c22eff2ea920bc51a9d1563bfc3a19

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 2166 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
12092095142277381491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame D6C6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
33196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Mon, 01 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaP-HB1WBZaGsN4LVgQeVx4SYCszshtB0yvu32KQR-4KGy8IBEAEg08vOMGD1hYCA_AOgAZ_lg5oDyAEJqQLTxpYh-FizPuACAKgDAcgD2wSqBNECT9ATOBlFsU55tL-_kJ35Q3GvFidJ0nQqfmNuWMbAy6ay-zbwjokAFW_ctyP3gUNVo8rvPxEJg7rNN7mpiCtW17BT4PMOVlij_ztqbdbutAY4Aaa5jxGUveMLpw1GVpc9lB_YRbZ8uhfw2wGzpBhNzJkj7THucJcSuJpaD-tURXOBoyWg2Ir5u_2aLve2iZ8JPI5XzvoNOLtljpAFkLYgFEc2D3-zSn5SVBjixLc0WGChg5uO29zm1kx9YbqDIpkHSTa_pJpL0sI4bFfqAnUZ65xJAhZ4m4ZdxUzr5feceqR9ykb5A_LagkGk9GfhQPo6hf3uRam97Gq8CFMYW5g5CQh8BZAm2C6UFfHRy6xoVu1hXuDXtt9QiLw43fjpqRlqBlC9p8sfzy8K3hpoQoN6bIdYaHqUNVssOZu8pJutnk09T5Uu3SRdTj2K5Y_HwIoqAsAE_927nK4E4AQBiAWmlrGvRJIFBAgEGAGSBQQIBRgEoAYugAfe_IE4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEM_bAtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYm5jenYubgwOaCWZodHRwczovL3d3dy5hdXRvc2NvdXQyNC5jaC9kZS9hdXRvcy9hbGxlLW1hcmtlbj9mdWVsPTE2JTJDNTElMkMyNDclMkMyNDglMkMyNDAlMkMyNDMmbWFrZT0tMSZ2ZWh0eXA9MTCACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEQoLEJCE_oqx8MHMhwESAgED4g0TCLHH3p2Lm4MDFYJq4AodlSMBo9gTDdAVAYAXAbIXHgocCAASFHB1Yi0zMDM5MTk5NTAzNDAzNjM0GJnSIQ&sigh=YV98HYzwQk8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_ochu2-7ECWkzHCyxTW_uDVBzxBGmzBgB&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 08:32:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 75B4
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CaP-HB1WBZaGsN4LVgQeVx4SYCszshtB0yvu32KQR-4KGy8IBEAEg08vOMGD1hYCA_AOgAZ_lg5oDyAEJqQLTxpYh-FizPuACAKgDAcgD2wSqBNECT9ATOBlFsU55tL-_kJ35Q3GvFidJ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x47d8e63e66d539b90000000000000000%22,%222%22:%220x7f87a098ba5f1f8a0000000000000000%22,%223%22:%220xfa76d4...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x47d8e63e66d539b90000000000000000%22,%222%22:%220x7f87a098ba5f1f8a0000000000000000%22,%223%22:%220xfa76d43e3f1ca27f0000000000000000%22,%224%22:%220xb4d260145528ce730000000000000000%22,%225%22:%220x754efc4d0704bd720000000000000000%22},%22debug_key%22:%222602572594245365584%22,%22debug_reporting%22:true,%22destination%22:%22https://autoscout24.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22859894431%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222391747811665090737%22}&andc=true
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x47d8e63e66d539b90000000000000000","2":"0x7f87a098ba5f1f8a0000000000000000","3":"0xfa76d43e3f1ca27f0000000000000000","4":"0xb4d260145528ce730000000000000000","5":"0x754efc4d0704bd720000000000000000"},"debug_key":"2602572594245365584","debug_reporting":true,"destination":"https://autoscout24.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["859894431"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"2391747811665090737"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:09 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 08:32:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x47d8e63e66d539b90000000000000000","2":"0x7f87a098ba5f1f8a0000000000000000","3":"0xfa76d43e3f1ca27f0000000000000000","4":"0xb4d260145528ce730000000000000000","5":"0x754efc4d0704bd720000000000000000"},"debug_key":"2602572594245365584","debug_reporting":true,"destination":"https://autoscout24.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["859894431"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"2391747811665090737"}&andc=true
access-control-allow-origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 9CC5 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/heilianhuagonglveshouce_di1ji_dongtaimanhua-baiyuzhaidiaogong
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
70863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 12:51:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 48C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDsP-CFWBZej9Nbbg1PIPz7qQoAPXrJyCbsrq_Lz9EMCNtwEQASAAYPUFggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQngAgCoAwHIAwKqBLwCT9CmojS0ytkiVgfNt2La95gkGHnShaDx3QxaOIHPk1ELiuhCkA2DZ9nQ6g3eCKddOvX5IiPKqZc-5kIZP29FOo5Y6JCzKayDiB0Y7We_2OniSbrDNf0UzXpnS_FiDI6iLiABZASgqE4jXy4DUPcx3YboQ33VKpJRdr-edPfLmefm4Uamk7LfXGSFciEVtNrf2Vji01_U6VgO-mH2rn-_TueDnOVlnoM77FDZbh-kq0zB92OrwvCIwFKUlFPZibKtJjtCQ2v9m7QrmNkPSM2yEhZMCMVGhv7KHULuQSIZkqF9sZVjczcA_ZCJ6-RpEBaCuB2XJS91zHfEA3dhZqZt3S0-equA0csdHWyywRZ1CMbXoAJAMDxLpiATLn7Br7ppdLYavg9q-flb0ZFkgxkHCOLZHWK7Ry-eawugeuAEAYAG-oX575CmwrriAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOli2qd6di5uDA4AKA_oLAggBgAwB4g0TCNvd3p2Lm4MDFTYwVQgdTx0ENNAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=GmMH4RVadrs&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_0v2jYdF_VLCXdE6s6XuQmdl975N36RgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/194f7a51-9e49-11ee-afbf-c1f11fff4e84/ZYFVCAANfugIVTA2AAQdT23lKq6_RezMc_Lyyg/JSAG3CWR6P6YMJYG2ZCKUZUC7SCKRB5FZ46XLSVPFIVGIE2FM3UBA33L3HK5TLUXFWE5VJU... Frame 48C7 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/194f7a51-9e49-11ee-afbf-c1f11fff4e84/ZYFVCAANfugIVTA2AAQdT23lKq6_RezMc_Lyyg/JSAG3CWR6P6YMJYG2ZCKUZUC7SCKRB5FZ46XLSVPFIVGIE2FM3UBA33L3HK5TLUXFWE5VJUIKH6DHGREMLFG4ESTGWGAGM474MGQWZGEUW2FYBDVY6INB752WRNLUU2WEYMLC7G2FZ2KKX2KJ6R27E4Z3BTL667L2QDGXITEPBRCIANDVUHI6QKYARKMVTPQGLJZQTNSFG7X6MJ5TPAATLNSIK3NY5BCPUZ5MMPYZZ7IH6XHFOAOMSSAITD2R2QJ4B5SP4ZQZE67OTIL6VMGJVIJ5YWQ7HAHLR4JHTV37ZHFYT73Y5SFKULXPP3Y3RH5P4F4PYUNVMDKEFBDJTL6C5YVTDRFN5A7KWXSOUB6X2OMAYDODVI42Y2YUUC43676YHMN3TYWRK426IU4ZIN3WJKH44ZSKQEILNTZD57KOHVGNIEVQIHDF4NFGFKRCRGPPC6UTRTZVBJBEZ5ZLQGQ6UIHKWAAYEAIDR4X2ZIJ53SKNVE4GRDZ2H35YAZAEPCOYFI6XVJVZ6GVQXEYROZB6WTCDQGZLM4KBJCUBYI/?amtw=&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 19 Dec 2023 08:32:09 GMT
Content-Length
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame A2D1 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137927
x-xss-protection
0
server
cafe
etag
8975419293502978690
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 232E 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d57aa233be32941dd179520a51c4fe97189091df34ec1863bc0e77bb7372d8bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137934
x-xss-protection
0
server
cafe
etag
14435397972786892502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D53F 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729211&bpp=171&bdt=147&idt=359&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3892282519&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079758%2C44798934%2C95320869%2C95320884&oid=2&pvsid=2248161989973387&tmod=1293038511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dqwppjcd5nac&fsb=1&dtd=368
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x47d8e63e66d539b90000000000000000%22,%222%22:%220x7f87a098ba5f1f8a0000000000000000%22,%223%22:%220xfa76d43e3f1ca27f0000000000000000%22,%224%22:%220xb4d260145528ce730000000000000000%22,%225%22:%220x754efc4d0704bd720000000000000000%22},%22debug_key%22:%222602572594245365584%22,%22debug_reporting%22:true,%22destination%22:%22https://autoscout24.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22859894431%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222391747811665090737%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 08:32:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CC2E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729311&bpp=136&bdt=247&idt=424&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3892282519&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C95320885&oid=2&pvsid=1095494245638371&tmod=322215430&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3mwmel1dgncf&fsb=1&dtd=431
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 610C 		24 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47cd9c974d258b031c74041b2bf4e1afe4335ae88ba1650d15d99a0f57376570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11927
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2166 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSUzjwVvhpW9PceulMhjM_GH_4deeKLNsYqJ9ArSGwlmRZpidYwsDg5BnrvbEsfQirokRLfZB5EfQI3-4friuNwoXCPD0X2i5WtlQsHtitl-atP7Z-ZHPAPzfzHcCPucO9liSzkTqdmLSBTTaBlDezWf3zmBT7D0CguLzUzFABby6vQJ_IbaDmNHtKV5WY9nBkjzWsSqbX5qIQrmvMJ079E6_e5V6-yDrSbYUxYYiCGLGncA5mGs12qzQVhQPde8pbkQSgn6APc41LNWhMgHsxPnmYxv64NzFpck-2cAPydZJA3Fp3Bd_ScG48u-zDYd6OHsylOLwTp04yeN7z7i14BTlOAb8JqF7w99NMg174nZPVxxV_gRFvubVl3mrJrvLQlNTWUFUS3QezHNKmkoI&sai=AMfl-YS0C7B_b53o-IKtGaf5pClRoCS9BYo6UctfwAIUzt3A8IPjzWenc1Av3FmlMrX49toZQNEOzeSpujX6sm8&sig=Cg0ArKJSzPDAnOsJkm5SEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2166 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed92c411b6f552856ed234d50c3a11afb4dd43319f04b9a78d4191c8578a85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A2D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6rU8VcVQBIEkQlHxnZtppOeCxLDpRWitbuZJjGHhV7ixUdsAE4wvC2cr0lDV8y6ewvNy1N1-WWS79QRPX49dnhXeErZ_BH_coHW0Hr137unduB6rg-oFgCl5X-SDw4RwE6Y_LGXVheGRpn82O8_eiLKsmFyU4CNC88NbuoM3Yz2ZQNhOJhuf2IEsC5p2WL5oIOV-eWqF-l4dJ2uvJSCk46m3zLkUzwnsdy0KfpsX7Djmp2A8OzfKFAASi4dLSNgPRn2h0iiDahalfUdVFHpHu653gRbyHG0DAT2_RdcpbiOTNaHAwxfPk-dNfk35-nxTN_TjQlkZd-DZCQz7FQ2MNfvkyPAR1gVgs_ZcByjOW4ngrb2m0diFGEODX6bbWwNPkj3GDNJOfdIymhkpIcx0&sai=AMfl-YR034lDZvUeHtFcJ4kPgGQMShmL3sihxA1Y66yidjHxHSB30Pu8FSWwGoTZXsPFJzW6L5lFB95C3zzi1fw&sig=Cg0ArKJSzJ44rtpBsWzhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A2D1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60f2f5b378fde4736be88dca1fcfec3f921c327d7daa00e9c260e0042757377c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12401
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2166 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 08:32:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC4D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
37110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 22:13:40 GMT
expires
Tue, 17 Dec 2024 22:13:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 50D2 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2f35465b050e2c915064e68f48a230ecf17ccb614d1dcf9d8961250012e3bc0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oZX-E6yUpRZhHlZtlwioOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oZX-E6yUpRZhHlZtlwioOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:10 GMT
expires
Tue, 19 Dec 2023 08:32:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AC4D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
37109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 22:13:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A2D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 08:32:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9044 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
37110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 22:13:40 GMT
expires
Tue, 17 Dec 2024 22:13:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C321 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5044aba406bbc6b05789d47db4ade8cf9ef316adba5cca3ce73c38edfba4c87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3rbj9IdCS_-6uCoL6kyLKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3rbj9IdCS_-6uCoL6kyLKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:10 GMT
expires
Tue, 19 Dec 2023 08:32:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 50D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2248161989973387&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame AC4D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TYq0dA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9044 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
37109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 22:13:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C321 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1095494245638371&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1t-eudc1.zemanta.com/t/imp/view/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOVWAHYFI... Frame 48C7 		26 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NECFSDO3DLK6JHJXYV7WVOY3RNLAGGE3BY4N42LXE5FSGX5ILUU6ZFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS63RQBDQ5VCIZT3ZPRL6RVRUK3CNE52KR6WTMP3GXHXQ6NZKM6NP6XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
Date
Tue, 19 Dec 2023 08:32:10 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/view/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOVWAHYFI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/Y7IRTYJWCVLZMD36F3J56K4ADRBFMU6PICGUVQF2F7AV24GR5NHLRDGQMDHYT5Y2I4K27NBGNSFY34ZXXPNEQ3ALP6D3ZL5YA2HQY6VCFKA7XNOLZBO7YDMVKDIKEYSLGYEDSTZGMA24IBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NECFSDO3DLK6JHJXYV7WVOY3RNLAGGE3BY4N42LXE5FSGX5ILUU6ZFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS63RQBDQ5VCIZT3ZPRL6RVRUK3CNE52KR6WTMP3GXHXQ6NZKM6NP6XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
Access-Control-Max-Age
600
Connection
keep-alive
Date
Tue, 19 Dec 2023 08:32:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 9044 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fUVNDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 48C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY7Lh8eyKwazTQM-o82ocpXfJc_oE5m02O1_s8nA-LAhtGzCkDEXxAv8C1lb9PdYfAiZhLP_Q0XHMtcsBSjqTHzbOkT0uO4XMrp2UJULpxmFvnMn8k17nP&sig=Cg0ArKJSzDCb2VgIFcNdEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702974729115&rpt=317&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 610C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C22P7CGQyj4B2uxNnl11Uxs0Mav4zGdhXzYOwZEOMq7yX70Td00pAdNchocVjlZO8gLydVihR8fnxvR7eO77ohvQQeaX6I5S8LrC-MS4yBHioTcWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 610C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 610C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 22:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 610C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
23871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 610C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWYp_lqqr8HfsuiwZsqswWlE5yv1qG0nCyO6_CE8UoobhACn_d0zI31lU-8nYdfgh8LTo4fYfFaYfFlus7bkzcn3jUdw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 610C 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:32:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 049E 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYu5aJ-QEwAQ&v=APEucNX2W3T5ga_mGO4bJ89zzYxpHYY1ZBsqIm5ihz2eDC8lzMi_q6fJsHUe6Ewzr3jf_gxNeLf70Y5mjjX1PuSxVePTc_-rEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 049E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYu5aJ-QEwAQ&v=APEucNX2W3T5ga_mGO4bJ89zzYxpHYY1ZBsqIm5ihz2eDC8lzMi_q6fJsHUe6Ewzr3jf_gxNeLf70Y5mjjX1PuSxVePTc_-rEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 049E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1&C=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYu5aJ-QEwAQ&v=APEucNX2W3T5ga_mGO4bJ89zzYxpHYY1ZBsqIm5ihz2eDC8lzMi_q6fJsHUe6Ewzr3jf_gxNeLf70Y5mjjX1PuSxVePTc_-rEQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZlvof290HpsMmo5XNGpfstxPy8EN%2F1ZfXiLcDZv4i%2BqjDb5rSNKab7k7pkR0oOx47AiNXVz6CVFzQQoseq1lm6z%2BJUXH7yTAB2JKImvqeL9yz0iqtQ2ubfXTe6mVP0nL1mz6M8upl8wag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837e4b230e6824c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B68wqRvZZazpEYDLzP16aKZesQsbEu8m9mZeiOJu9cOE5Td91HKRS4okis1H96WQm193MNZqDAoMhq80%2FLAto7crS2Xed4js8XQf9kFZRDUj3C%2FAKXdKCBCQ7I18MKEsnn575C2G84Y3zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1&C=1
cache-control
no-cache
cf-ray
837e4b22bc38021d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 049E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYFVCmlax41NlwzYNEe-EwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYu5aJ-QEwAQ&v=APEucNX2W3T5ga_mGO4bJ89zzYxpHYY1ZBsqIm5ihz2eDC8lzMi_q6fJsHUe6Ewzr3jf_gxNeLf70Y5mjjX1PuSxVePTc_-rEQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEYl5XG57TRHYsI2h1qoeUNMv9W1riCtOr16gynihUQy5AzgXvpZnQFNMMrgbjTUiMVis9saMfRbBVxJ6%2Fvo4fm3Jl9xAwPeMHHKIUe1xmcmiXyz%2FHV1Uw%2FRjAF2bJyBaivNA2TE10eyUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
837e4b235f4524c2-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECy0K-pZMJSXibh9XlffN7A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 610C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2236307195481&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 610C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2236307195481&version=m202309260101&ct=2&x=1&cor=6751888511326657000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 610C 		77 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52934f9b81f2cb1996e70672a971456375ee720adc34167942dab2a2dd16da72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34560
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2166 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2248161989973387&bg=!09Cl0J_NAAY3kmNgF5I7ADQBe5WfOKyiUX0ChQ_OUDzpPEP_rMvpJSHSI-u9-Ha8v5oxOIdsnotey-En9Ng6aHg8z6lsAgAAADhSAAAAAmgBBwoAUGcoa1qMVRMCBupFnjpW2q4gGab6RG7I76irCPEgTf2IkyBVbhZvhJOo1x2yywYycdr-gORCh1Hxm3qQto6vCmsgl-a7f0cI0dOmSalPf2MSmQMJrUxwUzwE_QYWjopJZDB-A25hoLgG8HOshZ-ZpKlLmjDeCHh_5gwYX1DqzpJWuLE_co2rfpKOSzKccXSCmJNuPDlFzrI21CBQTKk93i7RPKCH1jBsrVSe1nPXRMzIisDD8vjXD1p6f8CS4TAcbg-sdeMT4cI1cDK1d5j7xha0jbtXbacATCgx3mB_L659BQmGiDIgY0JGI-fZT_uzMrWzHisCfc-St4mEgdGYTynu1UZBTeJ997ouChmmbuSJvV89zD5FNynozaQ9mdqgaXJdj395XKq1Q1Z05AW3DoOLn4ezPw8D-yW6rSEh4WHWnTxhK4i__m3AaH7nMzdo0_XCQFeIWPQSMBBtWDzP7ca4giniQRL0LibL7vBhsE0pb9MLn3p_25YOramnTgQcehyk9RJ0xW71Tn8T_97zrOIQBZn7FFtwI2PE2LzgmnyjIK0p2QomTYHWyJgDW0wjh6CAWM8ldQlAeusZquMyXXXP6TasWUTK-BLyHTpNpcF5n7YWqAX8eNEHJceqn_V5HxxZzOYCiEadr1FiEZYRKCxa4nyzxObziZjjdWXcVVXdthIG93fZAPHmHpPZkTNjYFfmj7OqnRiWlmWHqdfsqTCCyLGNwBz4-SrWrcqQOCtuDXyMXa38KvfVWZBXNYWRn31nQRSVuz40NtInweD9lev7NyyFHu6pg10ghOzHVj6dXIrnO86UOz9wUDRIg2seUROJAFVYFnnVvcwMRqzbJ3YL1I-TKoG_e0sjEjdrMCkz5EetgkbO8jVGp92iQ3d7EyJz_aGjvE92Dz5GBAnXltCjfpHaTSf1u4pFt6huGzJFLzoRSOrt_7Azm-w6tLagbAhexx2nC8B5wVm7qLEcwLnj1vHg_1eW8yh_peRdH84ei-KppfIxYywfzeQ7p-orraIHYpCLY0Y_tYO1zbiOtJ2FWWSZFPCKIzDVS4biPJkKAnoaPRkSX2lTgZ9MNIVCIO9AvVSukmvkHLqhftx3SjXZHa8h3O2i18jkmyjy6TYkIuBjG3aBR8Cup-7i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 610C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42583
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 20:42:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 610C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
23652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:57:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 610C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNZiKuJINiwiq8w618H6SYQiDQ4nbO4dppKmD9emLCpYrDbvzDxsmMP6RPGPQRoZBBIgoYbvrfpxG_a67doqLRN5HIDvgc0k20UBIy_lasua_UI7k_9ADtItw94FrC3uPzvDhAeECiGDu4Odpd6tqsTtnF83-l3IHPVg_NSmi_X5jnO0v1ZFdRGkiEpVn1UWdVl91f5VxzkdISV4-3dUviV8pNSrphMhk_L7IH3XHo9PQnSZC647uquEzlk-djC9F3Dk8hcIN7A4x3GWotx9NJ28kzcusNiVSNKiPJjsf7-cLE3xw2NRyDjedruFbq5kRBXlouePW76vxKwOzFXbpq85TEi2bdB3WPOhfttB_lnhMPWHApkoT7wZphpk4i3CRJZdXucPjiTW3_IT_1kVb_qEJvucm3NSD9GjkPpOtGS267RSa5cYCjRqgsdQ4AFb2KhAi8Vg83mH8vgDX2mNJucuzJRicNMCkxv9VGrzSBl0oRL-gXwiLrbtNLJU77dVefqlMkw8KtbA0DmqpAIl7dNo6Z90GDLtnRAGjFQC5hywz84aPfkDAps7mBjqn_XfOG2g4IPo09vNYBawFfiOKz3hhcHjGAdq9_NyMWaVklXSzQMAb_GMgAkf6EKUtAwLwfFe8_kpLUsZgMmmqjaVYQrgTeBeCSoUQG8EoKxny3lQPiGZE8wH120izX89Wd1VLKEeoK__tXKdUIvDlQgYDmmQqdTmm6aC42NHk2G_p6vJKSS18TCzoPL-i4IRwYGlUIVXKOJgjH8SbnOB5WcO1DlXgPzwvESLyKLHRKtS2w21kJ9jbKj3Xtf4BAGEDsCn2oRjfbldLz1-nxcYR0DSQWIdePdn_ER9NEOkP03zONOXqxXjE1hYR9O-53MHTH8xl28yeOCJUK4U-h_yBgm3Hu7uvH_DdUibVBsTA8L837LSdrz24QbB3QXEbOaVVi3wQXhIX8zCW1R1OWw_V87xxFuvGHFyNwbEKXjdEXMwLs0yXmA0Ms-DE_ypDp_xKx58AKsJYXM5DVPD6ZXTPaMSD53izmlKhFxe5VGkYp84aXrbBtsGOtbCgZqEK37_CvDlzcaLIVRExJMVkx2N4lW37eSBaxcrak_sfLqj5pJZjh7RLncj4vt3y5aRnUzm8QudYBwy1YYLduy9mOwIWyMDCw8UZVF3SbKX36n15tuJC1kqGMYWqpsGAGR7D2zO_TlRyr7ayTvS9vKVeYToLXTyOGES-Qy_Rx_6m6kjtsdbMXL2af1krMpCHW0vWb6YE5JMlYGzLTvmla0FtaOAU6DXPwJw_-5n5-BLrHAAtgk7VVrWJJroby6bCOYr_nk2hyVubX&sai=AMfl-YSLiy6-WBlFfavPQHB4uyv0Zd2n09Vqu9fcaVjRHJrfbBUXSEf1Jr8oYd7QvW8YJTs8Q4KXbWkIamjtx5haAB92gskWbY3egdpGDllnoxwsN_ujpZPh7jHUGmdkE_b4m9eyFdgWaaoTVBhWSv-sqwLlg2DxRJ7gzjcc8-2NORS_c1z8TeTA-JwaQXCdMIcflyYrjfnocZ3O&sig=Cg0ArKJSzDZwRI0p27zXEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.19763&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 08:32:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 610C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
311222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
15889722553585875498
s0.2mdn.net/simgad/ Frame 610C 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15889722553585875498?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qmYrLWC9YGYBGXUysj3eUF4k3ClZg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe28ae3191e5cc66bcd37107aed067de16ce0b3906dc71393d24af8670fed5a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:04:12 GMT
x-content-type-options
nosniff
age
48478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79827
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 07:16:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Dec 2024 19:04:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20DA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Tue, 19 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 610C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a2d0681432da63d18ab3a7a27c0c1144514d83d86dd8bf79256281c6d21061c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 569C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
602323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A2D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1095494245638371&bg=!8_Cl8L_NAAY3kmNgF5I7ADQBe5WfOBPjdYuzsRidRVa3Ly4eVMaNaoGDnLtHNfzrU4dRbDIrlSAbzdhsafIEx1tzmTcJAgAAADpSAAAABWgBBwoAIG3Y5QfIA_MVjIAstx0SxGlIMLLvBD3uirr8YbIv82hWmQMKZQLt5H3zvk4TOrXq2TPLuVbQicjzWhaWB1P-CkBgWRn4LzCOJaYV69U0i8EaoS2IpnytaQj2qAXmKp6U7kqaRsYH5P5zLB_IjUqkYqYaDp4kboL0GbtroH7tb8-aIy_3LoUy4t6nZlTyejXrjgv9OC44DW24bA5E5l4lhsoaTvziyfaUt5-hgbwUA1gaxTCJpYohM8bDMMRxCnjb903EZf6BHCJDbipLPrI22EkfanA6Wc7mwspLhfDa1oOJi50SXhN_GzNE2-PL2U5xcbajSFa0EGgLMinyJO4yj9LXf-XA2SP-EQHJk5zd8aX3YWJ2c7I17JkFHNlRzbhGDVB0cKELgiAc_OYhO1g4sJgllSNpQBo1EoTtGaRyKqzdM5WzJU3SriXaRFG1rchXYPXs1Qj-lnDmdthY5J1tVBDFjKTqo3t6N1BT5Q97g7Y7wJavS1EZbEsy5v0zeRts3dStCUyfJM_awvYxEC3b0Fj20aADiqONHaBYtJWa23bDE6-3Orr4Oc8j9yTcwNndVFUCU-vOOCXirGty1-5ldoN-FUN9bE6yZIgULAxC2iuO-hlbQ7aZ-m7uk5o0BczBPTD5749td-Oj8PlJWptMVx_XPgx-YPqZuWAmjgsznlr4-63MsdnbvVOgFXfxIsp3gVl6EnrgKm0TQwbO8mXtCsp3CeL3Y8N4cay3N1o35EQfK_RiRUd3P4Z3H1nkzMbFu9Ujbmsvri4e89PrMhZTc-PHIyALVY60VckeSYVfI35o8NR1YILbxvyfiMTPlyTFxN0Hmsnw8S4-s02cq1gOob4WOTl88oEkK0nO7u--K6r48AjE4DM-jpCSlTqnyIVd7-SSB22BcxnoY4wARB2wFSMKlKbthnHZwF7v-rdF78cjyqoWfQuggxeV7L7_mxki0YxdLwZb02n_QKu3a65uq9sKSWnMiHWCG7E8un4wYrloMSuq0-a9kDro3yH4LoRyfVqlbWOfi0vZS_Il9t1dDtfkP-E91weOTJMcKgtsPnmtMeaFtyHd8h3N7jImAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 20DA
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESELLAhiJKMw8Wcpdb605I6Nk&google_cver=1&google_push=AXcoOmTV08gE7zgGCeRuTsNZGM66gu6Z8S6KiWtySLynShQqKbSUy-9iG6nJp8L75XW0W2F6LTBLBmNAz37RhYG3iuYSbxF7u2ONK19v...
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Protocol
HTTP/1.1
Server
23.212.215.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-215-156.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Tue, 19 Dec 2023 08:32:11 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 19 Dec 2023 08:32:11 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKkT5CN7j9vP54jrZYY9JVI&google_cver=1&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKkT5CN7j9vP54jrZYY9JVI&google_cver=1&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r&google_hm=fDIXrN20Qey-cKOoLVzT4A==
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r&google_hm=fDIXrN20Qey-cKOoLVzT4A==
date
Tue, 19 Dec 2023 08:32:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEDYKtbJ-VHFiOmlFxmmC_mM&c_param1=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6R...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6RTFPfnbJF1ZwnVcNQEh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6RTFPfnbJF1ZwnVcNQEh52eN5Bppxmw6x-sQvSuoWvX
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR5YG3IBXt_ytFCGA27a4JnwOPVXzW8-Fyj0tFcUNbfUVC92DO3YsQY-1GBq88paoCmChwhE1A0JG21yDMgHpkJgBeN9CvZ9wkPeerD79ryv6RTFPfnbJF1ZwnVcNQEh52eN5Bppxmw6x-sQvSuoWvX
date
Tue, 19 Dec 2023 08:32:11 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2AJbQqNTb85o1Kdlpf7xUkmJcckSfM5mAtxqaay-UNPm4uUHLG07aWik_C8hJ2PKUD6q...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MGQ0OTA3MDVmZWU0NGExNWFiZmUwN2E0NTM3M2Q3ZWQ%3D&UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MGQ0OTA3MDVmZWU0NGExNWFiZmUwN2E0NTM3M2Q3ZWQ%3D&UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2AJbQqNTb85o1Kdlpf7xUkmJcckSfM5mAtxqaay-UNPm4uUHLG07aWik_C8hJ2PKUD6qJo76GQPg5-L_2J5bxQn9tCn10sTJX7K9jJE0gXDX23GDdUjIHlDCXNb7TxA7K
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MGQ0OTA3MDVmZWU0NGExNWFiZmUwN2E0NTM3M2Q3ZWQ%3D&UIDF=CAESEJvKW94cOvTcejV1C6xIkE8&google_cver=1&google_push=AXcoOmSHYBwv-kmgnGtNLqU2jgZ2AJbQqNTb85o1Kdlpf7xUkmJcckSfM5mAtxqaay-UNPm4uUHLG07aWik_C8hJ2PKUD6qJo76GQPg5-L_2J5bxQn9tCn10sTJX7K9jJE0gXDX23GDdUjIHlDCXNb7TxA7K
date
Tue, 19 Dec 2023 08:32:11 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKkit6XTcnXv9BpCF2zn7ts&google_cver=1&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rK...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKD...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQ5MDcwOTU5NTAyMzkzMzIyNDI0&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQ5MDcwOTU5NTAyMzkzMzIyNDI0&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKDZv7v1jDuLobOIkE0fze_bLCSskzOo-YxC-iU2h5Df3m4ma4zMso-Pq4ZU
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQ5MDcwOTU5NTAyMzkzMzIyNDI0&google_push=AXcoOmRnSMIo0q4J_ZTuL49HwnJKq8DLC1IE42rtWn2Euz1E2LwDk-EzUzgOnC-rR2z4T48VEFSrHMDcWd3UlKTuhQv5aDd9rKDZv7v1jDuLobOIkE0fze_bLCSskzOo-YxC-iU2h5Df3m4ma4zMso-Pq4ZU
date
Tue, 19 Dec 2023 08:32:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB_2zsn1qRC9Og8pme-s1bU&google_cver=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7wiM4UkyJuOVh35FnBvKoccOhNnw7RlLlSrOUSFcMILqR4_M6W4LoKYHgBm4F-Tz1B0...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&mn_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&mn_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7wiM4UkyJuOVh35FnBvKoccOhNnw7RlLlSrOUSFcMILqR4_M6W4LoKYHgBm4F-Tz1B0-_0_4zEJc77qGJmSab2WDNMOum8TEJj_q6g1O4MmhCv0mwttF1gOBLcahty&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 08:32:11 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&mn_hm=MzQ1OTc2MzMxNzI1Mzc5MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQLZUnS-pMm7zARlHxsDzeEWk7wiM4UkyJuOVh35FnBvKoccOhNnw7RlLlSrOUSFcMILqR4_M6W4LoKYHgBm4F-Tz1B0-_0_4zEJc77qGJmSab2WDNMOum8TEJj_q6g1O4MmhCv0mwttF1gOBLcahty&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 19 Dec 2023 08:32:11 GMT
pixel
cm.g.doubleclick.net/ Frame 20DA
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=04466c0e-3921-46f1-b655-7900e995e7fa&google_cver=1&google_gid=CAESEEFcyvnz1TkbFG_2ektNuIY&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=04466c0e-3921-46f1-b655-7900e995e7fa&google_cver=1&google_gid=CAESEEFcyvnz1TkbFG_2ektNuIY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSXC-QGhA0FGjj2G-7U74dMiBj5LhbNnwgCYYxJHNCJNC2osTctHM1f3g8sKo_kmhPrEdS40gszwvO6nCvCvT2EbppbU2J9OGyqd-S4UBjR8injf-61Vz4BkZExVcUvXFf5grBg_JrW4hqJ3zGv-8IKGQ&gdpr=${GDPR}
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=04466c0e-3921-46f1-b655-7900e995e7fa&google_cver=1&google_gid=CAESEEFcyvnz1TkbFG_2ektNuIY&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSXC-QGhA0FGjj2G-7U74dMiBj5LhbNnwgCYYxJHNCJNC2osTctHM1f3g8sKo_kmhPrEdS40gszwvO6nCvCvT2EbppbU2J9OGyqd-S4UBjR8injf-61Vz4BkZExVcUvXFf5grBg_JrW4hqJ3zGv-8IKGQ&gdpr=${GDPR}
date
Tue, 19 Dec 2023 08:32:11 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 20DA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGZVLSPwW2aDaJuIt0IYC81s1kZlXOVbxlic_VKen_6DVLbk4T6Qd8WrNa0UJhsjzdK-WAlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702974729317&bpp=197&bdt=251&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1956&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3616368145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C44798934%2C95320885&oid=2&pvsid=3669750563884136&tmod=1475370974&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.sckugxgpgxjb&fsb=1&dtd=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 569C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
37109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 22:13:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 610C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNZiKuJINiwiq8w618H6SYQiDQ4nbO4dppKmD9emLCpYrDbvzDxsmMP6RPGPQRoZBBIgoYbvrfpxG_a67doqLRN5HIDvgc0k20UBIy_lasua_UI7k_9ADtItw94FrC3uPzvDhAeECiGDu4Odpd6tqsTtnF83-l3IHPVg_NSmi_X5jnO0v1ZFdRGkiEpVn1UWdVl91f5VxzkdISV4-3dUviV8pNSrphMhk_L7IH3XHo9PQnSZC647uquEzlk-djC9F3Dk8hcIN7A4x3GWotx9NJ28kzcusNiVSNKiPJjsf7-cLE3xw2NRyDjedruFbq5kRBXlouePW76vxKwOzFXbpq85TEi2bdB3WPOhfttB_lnhMPWHApkoT7wZphpk4i3CRJZdXucPjiTW3_IT_1kVb_qEJvucm3NSD9GjkPpOtGS267RSa5cYCjRqgsdQ4AFb2KhAi8Vg83mH8vgDX2mNJucuzJRicNMCkxv9VGrzSBl0oRL-gXwiLrbtNLJU77dVefqlMkw8KtbA0DmqpAIl7dNo6Z90GDLtnRAGjFQC5hywz84aPfkDAps7mBjqn_XfOG2g4IPo09vNYBawFfiOKz3hhcHjGAdq9_NyMWaVklXSzQMAb_GMgAkf6EKUtAwLwfFe8_kpLUsZgMmmqjaVYQrgTeBeCSoUQG8EoKxny3lQPiGZE8wH120izX89Wd1VLKEeoK__tXKdUIvDlQgYDmmQqdTmm6aC42NHk2G_p6vJKSS18TCzoPL-i4IRwYGlUIVXKOJgjH8SbnOB5WcO1DlXgPzwvESLyKLHRKtS2w21kJ9jbKj3Xtf4BAGEDsCn2oRjfbldLz1-nxcYR0DSQWIdePdn_ER9NEOkP03zONOXqxXjE1hYR9O-53MHTH8xl28yeOCJUK4U-h_yBgm3Hu7uvH_DdUibVBsTA8L837LSdrz24QbB3QXEbOaVVi3wQXhIX8zCW1R1OWw_V87xxFuvGHFyNwbEKXjdEXMwLs0yXmA0Ms-DE_ypDp_xKx58AKsJYXM5DVPD6ZXTPaMSD53izmlKhFxe5VGkYp84aXrbBtsGOtbCgZqEK37_CvDlzcaLIVRExJMVkx2N4lW37eSBaxcrak_sfLqj5pJZjh7RLncj4vt3y5aRnUzm8QudYBwy1YYLduy9mOwIWyMDCw8UZVF3SbKX36n15tuJC1kqGMYWqpsGAGR7D2zO_TlRyr7ayTvS9vKVeYToLXTyOGES-Qy_Rx_6m6kjtsdbMXL2af1krMpCHW0vWb6YE5JMlYGzLTvmla0FtaOAU6DXPwJw_-5n5-BLrHAAtgk7VVrWJJroby6bCOYr_nk2hyVubX&sai=AMfl-YSLiy6-WBlFfavPQHB4uyv0Zd2n09Vqu9fcaVjRHJrfbBUXSEf1Jr8oYd7QvW8YJTs8Q4KXbWkIamjtx5haAB92gskWbY3egdpGDllnoxwsN_ujpZPh7jHUGmdkE_b4m9eyFdgWaaoTVBhWSv-sqwLlg2DxRJ7gzjcc8-2NORS_c1z8TeTA-JwaQXCdMIcflyYrjfnocZ3O&sig=Cg0ArKJSzDZwRI0p27zXEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=150&vt=11&dtpt=148&dett=2&cstd=0&cisv=r20231207.19763&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTbLpptIGjZOXBPsHcDcwuDPiIfB5MOHvR5I5Po9IougBNW-4j5KONlGIJeyHasV9OlOB-belXdjwHKqlfyABj2OIE2JbVOmbFC21miBQ61nxLw-RHbNsDx7u_x0fGxDXpXGDHAYgwFX8RZc8YBdxP4DptiOWjJVS2Mb3T81H5BNUqFUg&cry=1&dbm_d=AKAmf-CBsvZzOloPE9AWcpsJ4kUGw4RVgn7nG8aAG6Htnitst1OMqm_m0FJ5G9YBkk_8OjsY5QqQozOpIY8SG1xkcDV_buq5DCslpDLztgEjsRMcdc5Ds3jvI-iVZmFNxSlBXOOEOerDv_QvbpjLN5CqfKlWmUqHia3I8xofi7KUUhcvYyMCFFuI4w90QFVtxC5eNWj6bURl1gW0sVRDczrrK8r0yodagpYXf6wbiTB8_MwFalvYSnOOCPtEbiRU-iiqrVkwE9Mn7vhbBVSMEL7tz9dlhqh0exeDr7kiRoRnsNMr6bE7DfkC2fS_1cEDYkZAhxjlDbjhJ0-Sa-qxLP7VukWSFh0cG5566Bj9abMzLdsdKgF82Ih4oMVC3_67YAxp6SoypT6GYKhAPTxN2Trk83YT_Q71ivsY2kNh-86whBLOLkRAtP3aABdNj0qWXs2MUycZ0FZj4sVwhFvucM1GYCUMqxPSG3mGRwwYoZFR1_nef5Q1XbvGHK3YTJ6Xa_bSntMphb81PdnqfgXURos-D-wAZ_yLnx1zfH5yo6D2SdG6JC7LJ1BVfMIC0XqmpXOff8A_W8BrnOOQOjm5ZJy22M6TCGgBdhJv2RCF1wJjKGO67Kqo1-iOm8cAS1ziYUuc9FHcuI-5niso2IlQDC18x83dKMGe3ybwLXwrN5I11qlKvNy0Htbrh7tg755uYRLQ6wGRfgCrK10iIngVM6XVAPaXPIHzrVRrFps5xj0mhdAuTdpkrRGVcf1AcNVs-E6lj2Xpbe6AXSrPY0-e7zNpswLLGXM9PBHwWvYX2zbJktBh47xMD4Aj11ENgTxF6oLoLz2p6ajqVsMuK3PovuxuNBK_1641IWJT5XMrTu-sVuKU9VIdBnNqgWoRwHEJUr6GwZ7DvUxcbVCbF5B9z_kZxdXh4yRKz1DKr8WAwcf9We-6G30Ugq_wpp7_oCVjiJ7ckZyJLEZijSu5w55U3xv3rG_kEKoEScp0qZOjBBZFtzYKTZt1XSRZGPUKv6OuCxg8CTH3X8wI9_wRKVkv0NVTPGA7ZlARJHGc9AL0C15wB9904jr3xRepW0RLadFQWXOjF1EzJ1hifyK4UC_QmnJrVe7ce_jD3cybNwQEppnKC9J1k2f-LCp_ipzpo_nn0cdfK2Ns9eQ_h7eriBYSiRBb_sDFJG9eR8_7yjaLlBuqsyoNCfYaIfnlMf3VjpIw6NkahHj-d338Vl0-rnXeGf31MuQqHQbR71EyWKbo6870z2pY9evVFUdngnZgJPKQPQ4UMR8uHQBElbP4wKIDLhd3Og6B7kSCr8XTrtONhHOsLGGjndYG5sTjSAUkMLbygemalQB66I8AZbaO14IYhdwQ6Q1daPfN1vhHCA8vzUrPPYG7QwQ3fR3pJMD_xTyMkzlF7oTUWr2_-ognzn43CU97g_hRYn_NWn747VX9GBi7TQRhdLftFm8LudNKlt789yDmQ9J7X61dmWs1hJDhZvXhtrojBgbfXmDTWTPrdTuDhbwBdUO--RJrYoKWZUAbimq7hdnR8wAqYYhYQKMxeZYMVSu6bYlVZ6VRYuKzKKpNgW4TrYdRmiwWnRuzX5lyBqZqJTiD1KQg6r0Vr4XDlVk6NOGa5oKTrv7v1wZm4oGZtivY-K_iSrxaLOTdSuhjQaT0nnSCwUdkZyxSH1zHGwtzI_bZPEgvdG35_A-HtMYHVi8a4ULdkF6uZNXQWKAyzglqIWYlIyl1Aj6SseNbd1_SoglcQcI7t_kWcZ32s_4G7pbuEYbkRQb5v8cb2QcbjcX9bt6UGMr8vHdc_hQ5OxgwMEcRjJ0nu1wRBp65g67aeTB-pJ9Ggoh7WvnZsW9Q17yHrsXuIfPfB0Xb9D_Jk7b5xgS5FFIWV9f4iptK39ihEC4VUOb79wxDutqwLJAiKnC7t69O_fKGnDkR4Q21ivTFuLaQf_lMefq0fFgeGyrcewlwEtfKi0lsf1n7432mCvnSbWA_0716n5evgomf4M-4WlWVnHqBsL-oaQHRyhm0Euj0QChvR9CY8Rwbp3kM4hJr9uvj9_YnFo70lu5ecrcmFcL53VQC5kX2Kzbf_KdxV6FC0ITt0YxV2Jn2jmCvnxm7pvGHHkjE5Yc-_2--oG2ilCSTRk48Ym0GTNLR3X9W6i8icai6RZitS2Hn8Km-Gh_g20SwJVCQYO30IZqJKbb6yn9uSBNOemwcPo5h6myyi-Z-BcSZ9bYFTu76CITUQWAuYxeNaOZWSSFcze42DdHivmEP0vO-pMm0lEVxMR1MB8Bifs-nMedbpy3m5_IFvXY6r7c7R81HsG1UrFQAEd30wtXQ_V8DlHTkOBdqbmsqOUtYgvwneulcCqZI4g4flPcM6IJOcrPZPa6DGcdQ0YPJhyyamLFbdpg02GXsI18oVhGHwZaTApxgr6DneA0ryhqbR8Cr-Dx2SCLourtWPeTwjZP8Xuqvi48S5ZZKvf6aTWOQsRKi-34-jzHTjH_iu3pbGAjEaC8_iikxHn2ndEhEozVeNdHexgpOh7FXb4Ckv6AnnZPS0hknUeCKOBPaB2F3td8dnzCxP4BBZy2ataQuJrOQxde9n6PgDhYlUYiH6LjjXCjkRezNE4g2uD-rcLru8DDgjBhYQp-PuU9O3pMQM1qWw_0zDp6oE6Fy42bGyA_YvxshnophUZsvv1mlsWwTVybQiAxn_qrlmcDg9Wk734kHJzz1Xohiz7STBqxKVoTBKV8YVT_sWxbU4rft3xNgiFT2g0PLZm-rh9aJYQJd51fdv5pNL0akh2Yze9K9ohUe-w19ZDkPzNeSuKJhNfNKmIo1OxoUbqefOi9CLmA0UJJSlYW6GN-Hl0Pk7r12ijxdPW1MIFqx1IrTaDpetqoovIDpGrmde27IEXjfuZ1poKIlg7qvoWz-Vm_2LpMEeE8sEOd1gvWqtnkepinI8LIDVHuH6m59tZVyewiDHkqbMJ5yzwOvFFE-v6whzmUjlMekmpjiMn08tC8gkVKj-vkQK5FnLDSiZ5IodBOC8SMHikXjY0iGX4_CnoAtGHtBAZASW9f-o7eDPjvcm57eeBXeD2DhIoSKarppn8IkC5hJHYNfRTKneGkcaBuLrK6jWwjpLIs2C1iO79nEqxXjMlt4G3-ZVl-vMzZZVW1VhF--PP9u7_coloFW0e12qu2gShAEoMC5DnPtBeTvzhHWzvd8AoljeAULJo2DI-wCrKUhlxHlKo2o7SsOCECMCiPl6a-dDeUl0KsJhFk90mUxkRn592ExanJwaLpuAIjo0n7J0teMjgvrv_GJa8YgUcZx_toPzWo_qRNrm1u6y1kI0t0ZyaYSUemgBeySkyD8GH7EcbcW3p7I1HpNRHWYxV3BDFfT7cW-MmdBPAeIwdNxTFfi-v5n2143RPxUaIWG8dYCo29hDOn843xpHMhubzTyW6cDbi3j1oxvdyrV-zjsGmrY9hs6g9JjKgKf77y5-LRfOcuLqnT2m-fI7B-Z7wcBaXXUA7_N1F16OgF-D2OADEvkUFwIKk7NsedcMJcOwM6OekIpHw8zeYhZ-FeU0GJkKJD08sjdEj85z_26yoy3BgJL-vx3JEyRl7xVlzRDrWBNWm9lzSKKNnzCL9bEDsq23m225B4nRM750Aw2zPn4VkG3p_BsEg2_&cid=CAQSKQAvHhf_grb4kmcs6Z2l3qQ6C5MgwaafWDCWmsgzHXrW9wjJTAXOQLFGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=6751888511326657000&adk=497053792&idt=122&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 232E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBH95sPCLKwXSOdTFTPPOQ_p6L47cHjp2N_6lN_kxEPaFwb6SOp1qb7lAuck9gWbaunRiM0Yi5W7lWAd2CcE1CFyqPugxr9s2Kx7dMZ6AWn23Ofujrw5anMueE_yOo8a1onvIccbaCgEmFbzXj0PJUg_AZnjPbHJO7jdvGn1po8NJCek0CGS_uRUlIdp9H-m2bGw5NLY6ZjnihY0CPtSCAcoZgWj4Z5Zw8xzdL0xKi31lGrXqhQd1OdGmdATWMxBqwJilSBFQi4isURFRKnPRAioFrnKyF53eHdwolcqwpdAgnAXpAIdiqJygpnKLGb_pPTzVmwZazFGq6inTIhJDeKRlFHDq3WISMKSAXcb-byefRxxaJkURhx8NEzS01lVd46D-OLcSv0KDuBMHblnYo&sai=AMfl-YREV9rqR4x7FdQQIxceOGC3Kiw53WFA16OGtcqJ9dBSg-jEZJHuDhxFJrqT0umY1l6_2yyfX2ij2iTJw_g&sig=Cg0ArKJSzFm-Y5iEOpmGEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 19 Dec 2023 08:32:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 232E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36dcb2de9dd823a3911505b3e2eedcbb43fbb8c7755c9576811582d89ef26971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12231
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 232E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 08:32:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 569C 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSSMVClWBZfSSKai89u8Ppf-WyAYAAAAAOAHgBAI&bg=!WVqlWhXNAAY3kmNgF5I7ADQBe5WfOCDOBkHHpvcCi1jOAgXd3212xar7hpD4H0L_ijNyGAETEzXnVYsE0WHivc1oJSh8AgAAAIJSAAAAAmgBB5kDN6dha4WK-8WSOgE0FdhZyuNTKnQ-TZ5bMMZ8m_jIZKDtt6LzXxv3LbaYiTcNlpYS7-02nRAtrWeIX9e01d0LR5oPxN_1OZvnK8QFEU05Ndoh2jKMnkHxkiErzN7F-YojbylhsAL1r6tP1kp1jdg9NNNuhG6aekc9aPncuh6Kp2Z5AF8L0-ifWYDD_gZk4_ikkaBMeZENGYfZj-UfVHJRkkfotpVbzXbgfaovDKZSfhuX0spqU9y7rl3RywTAu-Za9FfCC-vdj_Yyq5GUIKeXQHRIiYezB4i3byZI5SRGun99DwULytTupKGAxX_zj6O6EAD4mJDWKys3M0g5yRVtuvo0ScNMFSuCgBduYT9o1-xjqDYGYTLiSPH8S868UjtL6Kpd5olZ5y6As4e9-gJ6Kh6zFteL0umoUt6PSlMkJj23hqlRzG-8XK5uzW_tnrfZX8ZXLqHjkSloLKnuWfEv-u-V7T6CAUMwuLpqusFo7sxRJpJKD5kSWlMSM6urepZqBCcDDoWpVVM4ftt2GnZOT2qaHHsxMmoOtuFqyzcB3X__InjBBF0983lHD98wl-nuXoeiwHoptAnUryG-ck08_KV7Z-_7T9WIe-xXG0LlnUutBiumcXw6SEG5aieSobhafBz1YhoVniB6BpettSy0ZtNnFfsM_m9XLjxt5kF-SNsGhsXgt0hp8uWu3c0i-KiWios2qjVY_UiLRVRupVeo-q7sk8TKhcUpc8w8NsrH8Q6CRfk0nhSDDCYKTwPHp_b8W7BQv2c2T1mICfw8xT6mUZGMGBeHXiZXilt-v0QyiCvxenKa5wELNwYQfgW3gjmwrIlLF2ACPu7T9mFy_oHMEaWXFIJer_pVbMZmst-nj2Q42iGQgYZF5ee7HG0d56Bkoe2AXjTx7Y-1GLs8c_QoCjbudhSqR7jQ6Azv7xUgu03PBXv_AbolD4cUCQYxl-_P8ANwEQeM7Lu2z4p3onNHywiOG2XxonijtiX2pcWE6rxaaJ8GkgkV8wz24Kc7gWsdg538yBNvjZFaRY-rhQ3cRtqPR-NEPQp0i4lNEPn_3rbUmxtrSHp0VshMUyLtBz6VwDhlrj8iVK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 91FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
37111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 22:13:40 GMT
expires
Tue, 17 Dec 2024 22:13:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 90B0 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51bb0dee4cbd925d2b29622c3c30efd0b116d2451a195e0cbba1ee397433c69f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BHhDWQgk8xe2WJk-SHM_nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BHhDWQgk8xe2WJk-SHM_nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 08:32:11 GMT
expires
Tue, 19 Dec 2023 08:32:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 91FB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
37110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 22:13:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 90B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3669750563884136&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 91FB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?e-ekMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:32:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 232E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3669750563884136&bg=!lpWlldrNAAY3kmNgF5I7ADQBe5WfOCYpfHBEOFv4imFY3wO-8vVfwUyaUJ6j1sk4mGKMfBqfNqdGbyBzzwdCS-DRiKMbAgAAAIhSAAAAA2gBB5kDAeOqU-_I8SDV5edpPxOg30NlZkdz0iMWK4H59n3JIn83l1TSY5NKjF_m_WQSlu_4KNRy3tc9Bm8WTsDGJ-qCmBru7fww_F_v67bu_Bj_chb5oUzWQHhJ9fS4G1_ENoxP9pG9xm2yAg2_xRVD-imMWaCSTVKfYwThXZcIGu6yESegBE06t2apFn3kGu3G6jvmJoXO7tD5ExIrYpQOHeN-rTjejquCXIBpAgH6WqbBzLvjj1b9meiVr9ni1lbaEit9IisGr3RNVkQrW4SWp6ToFAhhDu66Ufs57jU6f4wWEJvnh9pDCpUqZx_4bYNYJ_0za_zjMzuceOMom7JVrPQC0RtYMqtn8_7mZdeYMlmkwq7qPqbsapkfc19Js_GwNqLwFNPvki7i8C0fao1VTLt5zb7dgtNaDHEkgE4tbbFAus2O2ZAQBLDVCImVipMtKVX6XjYVDShv3GUX3H4tR01SO-Apt5whzaxpLPkLsaoC-akusf82m1642Yxi_42cUb4Y5vXn_hQR4PF84pHRN0g0l2EwC7QtTqJrAU2JH9wRMS7MZ86IYofByAnqHMT01rE0lZclZo_TRiwLW0mkRgPqaseOz1TV0n0T9CMWQEpVgtDyGzuTtFytD7LgYwRMA37C2J0ogrlDBaiCp2dmceMktyAuW3LD8slZ3Hclc6_qkretBTnk1EozFtbGkWe3IuD334574-gLds0fkWrMpOaKWlLih3yqpdEWcvK-aUKEQdK1Kc84JbaHUVAVRk7rUEovkEec7qEeO9oc5Ab8s4k3-NV39HHdQHO2gMOfOio5c3YWQyPAZKLEs5hs_FF6FlKyfu1TDS5vrSzS7qcuZ3_DuC85NU19nw8L95pW1OG7vJ1-RBu1_gS1PxU-akJ1m9WJr25pKkd9FOVeR7gDgXyAxiFTC-vbdM0t1L3B-nGRWp0e2wPcVsLUDb-EKDiddoIEr9kzt_dwFJgfjV7rTEK4JXlYXA3KoB3zvmFIQLawU5wHvSJxedrUKZuccnD3nWSPQyE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 610C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2236307195481&version=m202309260101&ct=2&x=1&cor=6751888511326657000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 08:32:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

19 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1702974727.0
.statcounter.com/ Name: is_visitor_unique
Value: 1702974727246780772
.xgcartoon.com/ Name: _ga
Value: amp-eIAX1nvWPJuOkXNcR72KfA
.doubleclick.net/ Name: IDE
Value: AHWqTUkfhL7fDJ3RsH_a9Jh6cmlI2-7qOUPgvw5wKFV_n6ZE8tKHYHfiDTF5fBQ7EVo
.googleadservices.com/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMPS
Value: 5290
.casalemedia.com/ Name: CMID
Value: ZYFVCmhIgXGiuViHIFCL6AAA
.casalemedia.com/ Name: CMPRO
Value: 5290
.3lift.com/ Name: tluid
Value: 549070959502393322424
.csync.loopme.me/ Name: viewer_token
Value: 04466c0e-3921-46f1-b655-7900e995e7fa
.uuidksinc.net/ Name: jcsuuid
Value: BtD9HIWH6nh7j7yWh5PY
.bidswitch.net/ Name: tuuid
Value: 7c3217ac-ddb4-41ec-be70-a3a82d5cd3e0
.bidswitch.net/ Name: c
Value: 1702974731
.bidswitch.net/ Name: tuuid_lu
Value: 1702974731
.media.net/ Name: visitor-id
Value: 3459763317253791000V10
.bidswitch.net/ Name: google_push
Value: AXcoOmQ8FlvyR-_MUVaDeI-Jb7GrV-eyX__8VWjMjNY70vHn5US6kJoddkbpNJnosyHzFkK9cKgaV6A1xZjBQN1PqG63TavYtA5v0CikW7MBAUMRKoQfCj-8WV4jaAyIsrtdKtQNounOkDg3D5kEeK-8lO2r
.tremorhub.com/ Name: tvid
Value: 0d490705fee44a15abfe07a45373d7ed
.tremorhub.com/ Name: tv_UIDF
Value: CAESEJvKW94cOvTcejV1C6xIkE8
.tremorhub.com/ Name: tvssa
Value: 1702974731244

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62123202f22bf4a793d82ef7f14eda1e.safeframe.googlesyndication.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cs.media.net
csync.loopme.me
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
px.owneriq.net
region1.google-analytics.com
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.xgcartoon.com
x.bidswitch.net
zem.outbrainimg.com
104.18.36.155
104.20.94.138
13.248.245.213
142.250.185.226
142.250.185.66
142.250.186.34
146.75.118.132
169.150.222.217
185.196.197.130
2.18.160.23
2001:4860:4802:34::36
213.227.153.220
213.227.153.222
23.212.215.156
23.35.237.86
2600:1f18:612b:4200:b356:89b7:4cae:66dd
2606:4700:20::681a:3f3
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
3.69.92.105
35.214.242.163
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cbce237f220a3cd2094e1692fcec22889209595a5caab7d47c7df5bccbe8914
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
22179d4bbc973a8a199b1b367d47bd30a25c8890e46d11f949fca034810ff59d
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36dcb2de9dd823a3911505b3e2eedcbb43fbb8c7755c9576811582d89ef26971
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ae13bd0417de7d7102ec2080124ed40f8ccf9277c70c3f00cb03823f1223fcf
3ae56bf7ed6a1b512a9e91eb3a9bde38a640f12e9cb2305fa22c27c672eee48e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45f3df2234154bbd9bde190b827b37241c0bad859a95ca180bca739155ae11ca
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47cd9c974d258b031c74041b2bf4e1afe4335ae88ba1650d15d99a0f57376570
4a4c670ddddb18227cc91775dfddba77e8c22eff2ea920bc51a9d1563bfc3a19
4f7620698fa7b2437e7a8110863ec62b871deeb08175fa0271aa19418ed4258a
51bb0dee4cbd925d2b29622c3c30efd0b116d2451a195e0cbba1ee397433c69f
52934f9b81f2cb1996e70672a971456375ee720adc34167942dab2a2dd16da72
5387650a25157591603cfb8911451ff912ef2c6f9d584247131ae8db7fad3718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
59c30fd287c710b8df7d0976849eb628c7097cd2d0c517bce730392b70e79343
5a846dccef04cf7bf765ae31400de6f62d95f9f8328e9ff8ed24f5a40dce6af6
5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37
60f2f5b378fde4736be88dca1fcfec3f921c327d7daa00e9c260e0042757377c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c8b3c43ed081543104b404ce5877b1c794e01a6a9e2c06303fb3b591b2d05a
6a85f0021ebd5d5ddc7861ff8d2f5c8324b1881ad19d6fc5b759b0e0054b703a
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7872b217d2bedf22a5adb47ddd8c1f3fb25e30c42b3a764e7f5b520d9f588fd3
7953467a2baf93d63b71b947f3b06ebb59e845889b0a9093fb93d6038b459f00
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8a2d0681432da63d18ab3a7a27c0c1144514d83d86dd8bf79256281c6d21061c
8b1ea4bb0857ce1e8b80a4a0412436dd65d01480ce61ed02c685a1528b454d40
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8e41a88abd791194546dc153850b2d45750ea6adfb8d8b4a6158f93db6b899a3
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a2f35465b050e2c915064e68f48a230ecf17ccb614d1dcf9d8961250012e3bc0
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a54b4a311113804e5faf2f5ce18cba7386309775479d468c59f9b1087768f160
a65b149dbc152f0357b23971dce7a05cef1d1fdb53434b1dc3b51e6588a1f74b
a96be44e64fcde173dd1f4a09044898489e11f46040a158dd4c4ff04c628b742
a9b4ab467cb9a01f083b4fd37b808ea5797f28acfaa15516286e1701ecd1656a
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adc68f5e7262c801ba96bf28010d98881c702e823c8a0ee9e9d6a377cc16ad1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b375eca35c7defed13c09a3ccf5a4f3a5ac601c35a3739c3efafb3ed23747971
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bed92c411b6f552856ed234d50c3a11afb4dd43319f04b9a78d4191c8578a85d
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c03e943822fa68d66807880022fc1e101a71e3d61cbba046564f184311d28f33
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d57aa233be32941dd179520a51c4fe97189091df34ec1863bc0e77bb7372d8bc
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
ddb696bd97259d6221915957148c4c5f80b5a67853a12637d35ac74d2bd8bc04
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e5044aba406bbc6b05789d47db4ade8cf9ef316adba5cca3ce73c38edfba4c87
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe28ae3191e5cc66bcd37107aed067de16ce0b3906dc71393d24af8670fed5a5