www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Submission: On December 20 via manual (December 20th 2023, 8:48:16 am UTC) from US — Scanned from CH

Summary HTTP 188 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 24 domains to perform 188 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:47bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
68	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5 20	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 2	23.197.126.41 23.197.126.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	20.123.110.224 20.123.110.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
1 1	2600:1f18:612... 2600:1f18:612b:4232:a102:620e:4cbd:9b41	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.76.229.46 54.76.229.46	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.241.220 3.126.241.220	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.214.168.80 35.214.168.80	15169 (GOOGLE) (GOOGLE)
188	19

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.126.41 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-126-41.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.123.110.224 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:c (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:a102:620e:4cbd:9b41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

google.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.229.46 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-229-46.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.241.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-241-220.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.168.80 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	googlesyndication.com 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	1 MB
49	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	177 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	251 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	404 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	259 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	386 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 1765	893 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	650 B
2	owneriq.net 1 redirects px.owneriq.net — Cisco Umbrella Rank: 1523	476 B
1	mediago.io 1 redirects gtrace.mediago.io	511 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	666 B
1	tremorhub.com 1 redirects google.partners.tremorhub.com — Cisco Umbrella Rank: 13423	676 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 951	815 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7973	596 B
1	temu.com 1 redirects www.temu.com — Cisco Umbrella Rank: 8551	642 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	819 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	760 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	466 B
188	24

	Domain	Requested by
58	pagead2.googlesyndication.com	3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
28	tpc.googlesyndication.com	3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.xgcartoon.com
20	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
15	securepubads.g.doubleclick.net	cdn.ampproject.org 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	s0.2mdn.net	www.xgcartoon.com googleads.g.doubleclick.net s0.2mdn.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	googleads4.g.doubleclick.net	www.xgcartoon.com
2	rtb.mfadsrvr.com	2 redirects
2	match.360yield.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	px.owneriq.net	1 redirects googleads.g.doubleclick.net
1	gtrace.mediago.io	1 redirects
1	ius.ctnsnet.com	1 redirects
1	google.partners.tremorhub.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	www.temu.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
188	30

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Frame ID: 72D84925E32B022BE2CA9B37AFFFA39F
Requests: 38 HTTP requests in this frame

Frame: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FC8A47B9047975963D836755C58DA7FA
Requests: 13 HTTP requests in this frame

Frame: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1B2F37F3B98C75898F1788AF76B2EC5A
Requests: 12 HTTP requests in this frame

Frame: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 2FB2CD074887D220D49DB3C5411DE10E
Requests: 11 HTTP requests in this frame

Frame: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C08EF59506D1A4061DB754971AAB25E2
Requests: 11 HTTP requests in this frame

Frame: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 937F7E53715A73C1C54D76511386292E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B0BE161D18F6F67EDB6E71BA6EAB87F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092370&bpp=173&bdt=179&idt=469&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=155936207&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080103%2C95320884&oid=2&pvsid=214877230266804&tmod=901488613&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bjf9xqfn4ifa&fsb=1&dtd=475
Frame ID: 6267185D61D7C970B1F6C18D7EA496D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561
Frame ID: A74C00021E49DDB9A356AC45319F029F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092499&bpp=91&bdt=308&idt=408&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1319567451&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C95320884&oid=2&pvsid=4292321931000850&tmod=858934186&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iuj0ww2yrblb&fsb=1&dtd=414
Frame ID: 89A3250EC172461FAD6866E210DB4F5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
Frame ID: AFCFFC68E05C35D08A247E0D9C8838DD
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=190&bdt=309&idt=517&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1319567451&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320868%2C95320884&oid=2&pvsid=2366372167273743&tmod=1102808726&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.gr9ez490cjjk&fsb=1&dtd=519
Frame ID: 8E373C58D2815C73D0799E21A7352351
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNVmY9JL2i4NSPzI3PpnQ5jDr_SKcQ4QgE63IFaF_HzyamF4gE3DH6JpW8-9DUhR5siLyus2x_dJVDxXwliICEkgWTNutg
Frame ID: E65515CB48481D37A729FCA3848A8667
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44B92A9276C4C05F6865C6027523627B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16DDF40BEB74659216CEA5BCA1BA18BF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9CAE27DB2E866EC7283FFE33F83435DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9CC638DF5BF1B542E9BB9655CA23942
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXi-r5c5ECIw4bHOe2WBlPzy4xO56ass9v2g4zfLvhFZDsSs-u_G-Vo1q93WfeC8LViAJvFha5HV1UqggN20qxe7vnfRw
Frame ID: DE650805B90F777F14541F871AC62749
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A81B0E83114525A901104A7D38979526
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19BBAB728F4459DC5637827CF3266147
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF182DA9EEF9BF48CEBACE0728418D30
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 424F660656B826D0853BB9FDFB1EB584
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BF817C4182F495EC25F76EC45355DDF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1DAE61F9BC0010C4BD2CDB52BA701A00
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
Frame ID: C5530EF655F8CED12DCFB99275D0ED2E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
Frame ID: 84B9BDFADAA6AC15104B5C013943E661
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E022F6C10B170CDF23371F9989CC22E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0199D1BCA13467C9D51C3EF9DCE6E678
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA5AFCE64E148E66B06D88DCC184F0C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AD12B8CE491D04ECD2DD81300347F2B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍚秀逗泰山（Jungle no Ouja Taa-chan）【粵語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

188
Requests

91 %
HTTPS

48 %
IPv6

24
Domains

30
Subdomains

19
IPs

6
Countries

2952 kB
Transfer

7707 kB
Size

32
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKqTS-eOlZTvyfdEYSbPQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKqTS-eOlZTvyfdEYSbPQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

Request Chain 139

https://px.owneriq.net/ecmg?google_gid=CAESEFqk2RCGQptq9S4HEDfuNlM&google_cver=1&google_push=AXcoOmRgbrTvBlkAwKseh0EeMLfV0S9aA_dWNa8F06-xbC67vq70whiuFAouOY4qHtUG2a5q9KviTqAqwsYaLD2dTU6DhxNyCQTsceAEIk1CXFCakuQXB8gV1ujtq_3wLy-bvRmJr7gLiYx0xtQRD6aU5xE HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEKLHQOneWZiCqM3mvQhxk6s&google_cver=1&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoSvwAb4ugY1KNIOTKSK6AIVLYtvoZ-ZEIpg2rn637q3fXpJMcBqRZ_Cispz_LmjvXlztvsv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8002717CD1543F4BA5FA3FFDB28CDD4&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoSvwAb4ugY1KNIOTKSK6AIVLYtvoZ-ZEIpg2rn637q3fXpJMcBqRZ_Cispz_LmjvXlztvsv

Request Chain 141

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECE9JuAC6Lt_dXvVra234YE&google_cver=1&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJnWwC6CrvJ1C7BJcwolYDnH9c_5yCKwdGHuI8K9Q2IP-ZV75cdqud_oaD80jwyWyuZB80cNVFhnJl8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJnWwC6CrvJ1C7BJcwolYDnH9c_5yCKwdGHuI8K9Q2IP-ZV75cdqud_oaD80jwyWyuZB80cNVFhnJl8w

Request Chain 142

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIIxOt-AXnld7DmgsMTm2vY&google_cver=1&google_push=AXcoOmShH8k-ku-EQibKku7Rb-MUS0SFzZcLnNNFJOUEzE2Xuy0EWZh61zb-wBXEHIBhnQ41_1hR8vExdAwzJlyFVpBYR9FZaio8kB0ZdyUYE4eYGekioT588nCrf8-_vyK8YoENBb8EPIH8tc6BXjpYP6ZF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=867200920735&us_privacy=1---

Request Chain 143

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMlW7c-9wMzSnb1rVXnSHm4&google_cver=1&google_push=AXcoOmTTyrkm7UBEcjmm7g29Sbul8oicrpnWM2kKZwyJ9F7w7gnRzTJ_3usSzCQhQVPwsr-cMqX6wvdg62E-YvTp5pSX514PzT9icpQ6ZzXvo692QYb12Nay3HxF3ZeXKWvD_BWAzpVKGAQgv5Zff88YECFYBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTQyYTk5MjItYjFiOC00ZTg4LTkxZTQtNTRlNjhhODNlMzRl&google_push=AXcoOmTTyrkm7UBEcjmm7g29Sbul8oicrpnWM2kKZwyJ9F7w7gnRzTJ_3usSzCQhQVPwsr-cMqX6wvdg62E-YvTp5pSX514PzT9icpQ6ZzXvo692QYb12Nay3HxF3ZeXKWvD_BWAzpVKGAQgv5Zff88YECFYBA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 144

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOFmYW_dQC51bsBLB8PSETQ&google_cver=1&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_y1xMtDjtldKbrdBHy2g_aGNmwmtpAwpNGPEE7XSrxfZiU-JABWdsBBffxUpBuxNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_y1xMtDjtldKbrdBHy2g_aGNmwmtpAwpNGPEE7XSrxfZiU-JABWdsBBffxUpBuxNw

Request Chain 156

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESELhe2cK8kAFvIDFGSbQbFag&google_cver=1&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQTxH2VABwJSCGjja92KJN9g24ur_bB4mMkiakqx0930EStWQDQdd8zQJb_005kfqZQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMjg0MDY1OTY4Njc3NTY0Mjg&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQTxH2VABwJSCGjja92KJN9g24ur_bB4mMkiakqx0930EStWQDQdd8zQJb_005kfqZQ8

Request Chain 157

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5rPyVfrf8dPSBFXclJkQ1kwAySoMbS5EzB6Hxg3R62mNPf-a8grwyx8Adw_D1zcCkuftkmAgjs1%26google_hm%3D%5BUID%5D&google_gid=CAESEPh00DKwqRHeHuoB_K-8enY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5rPyVfrf8dPSBFXclJkQ1kwAySoMbS5EzB6Hxg3R62mNPf-a8grwyx8Adw_D1zcCkuftkmAgjs1&google_hm=dc9dc237-ee17-4508-a270-03438b15f913

Request Chain 158

https://google.partners.tremorhub.com/sync?UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9fM49dH--GHkYceaYrkubD3mnRzI89ADcNbuUCoo7GifjRVWZomySuTX_YzXpqQOQ6pn_mBnXAvsAtH3nWdTLzDac-wWl7YphTnYvfaqrzUGQsVDiE5ogE-bv19Dn5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ODUwYjU3YzNmMDY3NDE3MmJiZTVlZGZjNjVmNzdmM2U%3D&UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9fM49dH--GHkYceaYrkubD3mnRzI89ADcNbuUCoo7GifjRVWZomySuTX_YzXpqQOQ6pn_mBnXAvsAtH3nWdTLzDac-wWl7YphTnYvfaqrzUGQsVDiE5ogE-bv19Dn5g

Request Chain 159

https://match.360yield.com/match/ebda?google_gid=CAESENLvpeJvX0pILoePaVjafDo&google_cver=1&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26Czj2DjyQ2Tit_2ZI2RsLtZce7F69NDXXdbdIcSubpGBDDctzjdtc_OarAn7uj3 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENLvpeJvX0pILoePaVjafDo&google_cver=1&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26Czj2DjyQ2Tit_2ZI2RsLtZce7F69NDXXdbdIcSubpGBDDctzjdtc_OarAn7uj3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hiugRPkXRoiur-C6jnLVGw&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26Czj2DjyQ2Tit_2ZI2RsLtZce7F69NDXXdbdIcSubpGBDDctzjdtc_OarAn7uj3

Request Chain 160

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJDhVB8uTjSjCet5eFAgu-M&google_cver=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFzVBBRMi6SzAzFChQchzLyDohC4xBr0BFLem8192uHPTkJ73Zs4AT38FnTwdyPwovh1r09zh1bnNNVWFDqHw HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJDhVB8uTjSjCet5eFAgu-M&google_cver=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFzVBBRMi6SzAzFChQchzLyDohC4xBr0BFLem8192uHPTkJ73Zs4AT38FnTwdyPwovh1r09zh1bnNNVWFDqHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=FvHU6sjuSLuobZHrPyzAug==&no_redirect=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFzVBBRMi6SzAzFChQchzLyDohC4xBr0BFLem8192uHPTkJ73Zs4AT38FnTwdyPwovh1r09zh1bnNNVWFDqHw

Request Chain 161

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBnOwqnzdRLoNEx1xHfaLhU&google_cver=1&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dcLUF_riSYlv4d7lIxowLm2FLRqjj_UoBuvrMDb3rHo601FNWznH63gjUWSjeA2FveA6zpFjpDIldEZq-O2femeN7DJD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dcLUF_riSYlv4d7lIxowLm2FLRqjj_UoBuvrMDb3rHo601FNWznH63gjUWSjeA2FveA6zpFjpDIldEZq-O2femeN7DJD&google_hm=tCNWHA8RQ8ez3FAcj0QJYFE

Request Chain 162

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEODaYxLzW6Mv6zMa-vPU5xY&google_cver=1&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2o0Oe9ebWcZv5ef25zDw_meSNq1NlMatUx5PyffwowosrVOTptYiwyljJR_NoEc1Hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2o0Oe9ebWcZv5ef25zDw_meSNq1NlMatUx5PyffwowosrVOTptYiwyljJR_NoEc1Hg&google_hm=f34e9699379b96062veh3m00lqdj75xr

188 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye Show response
www.xgcartoon.com/detail/ 92 KB
19 KB 1058ms
472ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 280f86e83ea844dbbfe5e316c689b431c050183c9f9e8d4750110fee32cbd725

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 08:48:10 GMT
etag: "1704a-wel4gTlg5Z9hS/pusWLk/pc4NFc"
expires: Wed, 20 Dec 2023 08:49:10 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 132ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 100ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 102ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 279ms
227ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 289ms
237ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 110ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 214ms
214ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 08:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Dec 2023 08:48:10 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
466 B 199ms
150ms Image
image/gif 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 83869ff24c319295-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 250ms
249ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:10 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Wed, 20 Dec 2023 08:51:10 GMT

GET
H2 200 xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye.jpg
static-a.xgcartoon.com/cover/ 130 KB
130 KB 1186ms
1002ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf650504545a55a22d26d38ba25af60a1436e5728e7c5d81d457bdca7441eee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Dec 2023 02:46:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0E2309D3BDD28E353F5E4CC624E3D573"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSV%2By8aJJwb0thRaDB7W7kxFNdBJ71cnDpiuyYZXdXiX6wtJjYFjBYMHCS4RUgr%2BCuD68H1ooECmW5KRr8RgyNAY2SlaQMYZUGTVQKu1u92nhKQKO7B50Dtk0nrJbgvbKYrnEsQP1uM5ACIAb3ne3lHzFXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 83869ff47a5437fb-FRA
content-length: 132997
expires: Fri, 22 Dec 2023 14:59:46 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 248ms
247ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:10 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Wed, 20 Dec 2023 08:51:10 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 249ms
248ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:10 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Wed, 20 Dec 2023 08:51:10 GMT

GET
H2 200 aerbeisishandeshaonvshaonvhaidipiaolingyanguoyu-yuehannasibili.jpg
static-a.xgcartoon.com/cover/ 60 KB
61 KB 212ms
29ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/aerbeisishandeshaonvshaonvhaidipiaolingyanguoyu-yuehannasibili.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb41276f8c9a27aed86c57d745ca966fd54559cfce736e7c6a7ffa7f923d5d6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:10 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 06:12:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56008
etag: "1ECB6475D00ABCC7DE71FE53216CED42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAcSnzy1yhjEMznIOhbHhMlZVIaNkGsC8YrLYdlEJK7pTUDqwxr2a8qs4cLvgV%2BUuvivEREMu4CQgKo8SF4JTsTUYPYYAk9lo7Kqq3Dn4dv%2F%2FZ3l93KIx9mH42Zd%2FOzOQn2324JP02fXh8l%2BuSEg6LK%2FOMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 83869ff47a5137fb-FRA
content-length: 61919
expires: Wed, 20 Dec 2023 21:19:21 GMT

GET
H2 200 jinglingbaokemengjuchangban2005menghuanyubodaodeyongzhe_lukaliouriyu-tiankaozhi.jpg
static-a.xgcartoon.com/cover/ 83 KB
84 KB 444ms
261ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jinglingbaokemengjuchangban2005menghuanyubodaodeyongzhe_lukaliouriyu-tiankaozhi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a344ec333ff611306143c2882d086dbee1c5a7cdfa56353a66d3a92433b12cfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 01:17:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BA2F022A9782583CDB0DD27E176D0776"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j2%2BSaBfwgJpyBkp9JN5cCcLAM9v1zQZbJKegLOX2sHB6mdEoov1T2bE%2BYSm5exWoA1KBt9%2BB4l4HgJoI5uzP%2F0BWXIl%2BYBEhZalKcIXXUmIvcnqO%2BgzIOtYvkhT0kIBckuZbSOV0m2fFcXg4qvw3TNCx8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 83869ff47a5337fb-FRA
content-length: 85234
expires: Sat, 23 Dec 2023 03:26:55 GMT

GET
H2 200 zuiqiangyinyangshideyishijiezhuanshengjiriyu-seguliangjie.jpg
static-a.xgcartoon.com/cover/ 10 KB
11 KB 953ms
770ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zuiqiangyinyangshideyishijiezhuanshengjiriyu-seguliangjie.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b133c44d167478c2d73a749214437735f22d91fd96d14f78963c0a00c53b2b7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 13 Jan 2023 07:18:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "503386EFD3CFCB4F2565E4E4036D1ADE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at1Y405u7EnfXUvODYyZapbSg4XstvI7dQ8UnzZE%2BU%2BCBTKS3yi1IBvEDIIYGncfYx2wMzyx34VFRshPk6cDfqfz9MEBkv9VCSeoxVMUhZAPY%2F6RDlRbyGmEIyNjkDTXbPggAY8ALzynRfdby88PZxNSuoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 83869ff47a5637fb-FRA
content-length: 10367
expires: Sat, 23 Dec 2023 04:44:11 GMT

GET
H2 200 renzheshengui03ban_di2jiyingyu-kaiwen_yisitemanbide_laierde.jpg
static-a.xgcartoon.com/cover/ 83 KB
83 KB 1189ms
1007ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/renzheshengui03ban_di2jiyingyu-kaiwen_yisitemanbide_laierde.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ad0f8b3d99d65bff9c05f3a82451e73ada8a360d9f83c9525c0de9e6183455

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Sep 2022 03:18:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "25F84DA94454E3394E867F3CF51500BE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHcA0ka5PMBF5whW1J3gKqgeDm%2FjDzqHSf1%2FwpTpB4eiB%2FRV0EnQvb4fbj7Ed5RwWwwVtkbWIrJF1fhZOSQ7kITXzY811vOjO7TmkflU%2BNHwNTT6HTiF3F5c2X3jrE453hm2%2FW7Nio8tl0pBECPo9ai3yr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 83869ff47a5737fb-FRA
content-length: 84618
expires: Thu, 21 Dec 2023 01:43:06 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:22 GMT
age: 55908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:22 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 61ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:22 GMT
age: 55908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:22 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 59ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:22 GMT
age: 55908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:22 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 413ms
363ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=6050001420&ga_cid=amp-HY6C0Frs5MVVogYJqh0gRw&ga_hid=1420&dt=1703062090873&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&bdt=323&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9362dc45cd1f26c6dea5f05f08f3b26d8cc3ee5249a031a5d75de55fa172e1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13699
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKvm2NfQnYMDFZadgwcdORwPmw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027453313
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 20 Dec 2023 08:48:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1018ms
967ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=6050001420&ga_cid=amp-HY6C0Frs5MVVogYJqh0gRw&ga_hid=1420&dt=1703062090873&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&bdt=323&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62d5ea40a6b5f35d6e00fc0d319fb30e068b819f2044f04bcad39b78cec2b1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13680
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNWS2dfQnYMDFeCNgwcdBGMBhA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663388
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 20 Dec 2023 08:48:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 646ms
596ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=6050001420&ga_cid=amp-HY6C0Frs5MVVogYJqh0gRw&ga_hid=1420&dt=1703062090873&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&bdt=323&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9537a238fae43eae49b9680c59f1cd5d4d326fb6be77e78748a0c54c2b519b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 320x100
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13722
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKP_2NfQnYMDFXWfgwcd95oKfQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455713
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 20 Dec 2023 08:48:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 827ms
777ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=6050001420&ga_cid=amp-HY6C0Frs5MVVogYJqh0gRw&ga_hid=1420&dt=1703062090874&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&bdt=324&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d6292129cbbdd4c83ae0d2c15bcc28c493695433a77542b78a34c72af6e3c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13746
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLaI2dfQnYMDFcybdwodr6sCtQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353942361
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 20 Dec 2023 08:48:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1224ms
1174ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1004&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=6050001420&ga_cid=amp-HY6C0Frs5MVVogYJqh0gRw&ga_hid=1420&dt=1703062090874&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&bdt=324&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6b82301d7d299e91943a7623ec5642cc219c75fc8409db48b63f285d0f12ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13707
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLGP2dfQnYMDFYm5dwodKc0KRA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 container.html
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 101ms
29ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 22ms
21ms Fetch
application/json 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:01 GMT
age: 55930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:01 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 250ms
250ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:11 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:51:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 95ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=1420&cid=amp-HY6C0Frs5MVVogYJqh0gRw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye&dr=&dt=%F0%9F%8D%9A%E7%A7%80%E9%80%97%E6%B3%B0%E5%B1%B1%EF%BC%88Jungle%20no%20Ouja%20Taa-chan%EF%BC%89%E3%80%90%E7%B2%B5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703062092&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC8A 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:12 GMT
expires: Thu, 19 Dec 2024 08:48:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B2F 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:12 GMT
expires: Thu, 19 Dec 2024 08:48:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2FB2 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:12 GMT
expires: Thu, 19 Dec 2024 08:48:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C08E 6 KB
3 KB 30ms
30ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:12 GMT
expires: Thu, 19 Dec 2024 08:48:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 937F 6 KB
3 KB 31ms
31ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:12 GMT
expires: Thu, 19 Dec 2024 08:48:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FC8A 24 KB
7 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FC8A 25 KB
10 KB 120ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 15207393576646646684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC8A 203 KB
65 KB 95ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1B2F 24 KB
6 KB 95ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1B2F 25 KB
10 KB 153ms
103ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 998849249425960447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1B2F 202 KB
61 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 09:44:43 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2FB2 24 KB
6 KB 70ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2FB2 25 KB
10 KB 188ms
142ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 15207393576646646684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FB2 203 KB
64 KB 143ms
92ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C08E 24 KB
6 KB 86ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C08E 25 KB
10 KB 189ms
145ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 998849249425960447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C08E 203 KB
64 KB 124ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 937F 24 KB
6 KB 69ms
28ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 937F 25 KB
10 KB 186ms
145ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 998849249425960447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 937F 203 KB
64 KB 134ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC8A 0
439 B 58ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujMQTS9jod9QV3MAEWkFjU9yAG-U_FWrNX1yIGXXVu0fFVHoNzKesI-T1akVCEgRS0mEfkWti6ZQCjOACsUujElrRew4pHT8n_1QSHdY0jyycNapPX1tUjy101FVv1BXmttwobDr7Eib7wUmKePggnjOBdcRXPsV9xhMs4xOccgIkx6HCGJulKliq_uNxkDB_QESlqNa18iczz3kkTX0acDIYrd9PBh607l-6mZOXsMMXtERWsWpysUv5OB6k6WzCAyP7eu1xqx9OX1gS1Dk2f344g00ltjq8KB_1gRfaoOJuNqbSkSEWBz7boCSr_1rs4xl38Q4gW53a-zYHztylFOvlFKLT-jlsErlIkj4TZgsvBz5X6F3rpzv4kgd0wABF9-wxgAY3x7n_E2oQwDQ&sai=AMfl-YSutISe5AMsEHBcKCZ55zunRiJ1P4FcF9TNsBAN-gfuMuV7BMXJLMcZzEWoKsfvbVj1XqzEKMm41OHn7CI&sig=Cg0ArKJSzLFHSwLOaP2NEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FB2 0
292 B 59ms
59ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyD3BlRYGzZH16GT95rnx1KMzMTf4gTzN0DT06COVsZK4fGuypB4yfXbPjlnVNjSnA-vAvbZzWsIpMPmhDz0Zsk1CqXCJOoU_Kjo2k6u1zCMcR8btMbqYHZk4BP73lu8qipxp1aVcAojBMbWPNQ5N9Z9aCCzneqesjK3djLaVhbK2PITdU18TIPXCo2IVrbKMfb9C0YW23iSslUd5M3dT8xEPlg3CSgDYRRCw8MWvHq1ai46MAzug5KhkTccHrwnXk_fPyNvbKyf3nn7jygfx73EeqAZ2gUhO7gXXfbgR1Eexg3JlvwhA1cFiM8psvKfsCjdfg5X4oI5Py26ir5ePOk2lR2e_jtQ_F_9_ljOk9MPhn1B_CR8H4h7vMdMyZboIMK_Vc8D7I5v3Xeqq0&sai=AMfl-YRZAwdQKeXhViOjQB0afZQDYsP0_frMfE90YQwVNKZUNFtukAnU2_mhhHpETbOFc_BnRWIA1ndi1Md5294&sig=Cg0ArKJSzPO6L0zkt0TaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 937F 0
292 B 59ms
57ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgiwd8gzU3N7o1prmc96ZlTDYVdKs9Yc4q_k9p2j7_0BVv3RVdJnrYpruBGvjaC2fesplLxhu0wa5lzDWQmOQGOxN-GEYpBoATa_qfYJDmz_FwAbIBAklrXeafwJo8lfMcaTmjhWNdoTrcu6LPZNY1yn6lKJpqWMZplCtwbcx76DeN3ibZetNN-eW4Qy4WdyuM9cPjShdvwY86N28cGEAkdcYWi9u3fPc_EAZvuZUm41c5-NWWp-IWc_HaqjKunetpV1zo2vNB3EeFEciDCrMLCFwjHfn5SlSeR7Dejw9ZKl6XM5XGBhaftzxYCYvugUlUK_No8E-0GjFapPKPBjD2beZ4JNrM-d2tmOA7F9G6oDmwybYRvAefwFSZH900cZ2JgJzN3TPFeOxYZQ6L_g&sai=AMfl-YQz7a2EiJAGw5Eodx50UAZ4AvjCfBxIgrikNwDJmiq_lNNvPTQEgj38nnUmbCGHOesyzM2rTkeNyDR5BEA&sig=Cg0ArKJSzGq3kloBPkN9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C08E 0
292 B 58ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskYpiLgdUKIEkDoyBIxDmePRU_PicOYtT11anShPOeF_REZzOPE6d9_n6sOj3_WMwebG8F2hKOdH6rpoqOGueW7tceNaYu8JzDNAN6gxiX-x1MaPdIbz9Owgj8zcjtAkR3wIFCNkW8vijX-R0B6kCGb9Ww8juH9OL1jbGgmcj9Vr0sghMBwicWv0lsHa4uJjqFWsYc0AaXl468MQYimxvnH1KlZuHl92vHgNGot2J_jG5_qTS7ieToD7Pxzu6PWnzYtZRf5XU7aF5rTCyJ0wdJp1nqtQIoM0XQnd38uNYjuh33rEOUIwsauekk-lZDp-I8zwH10O5hnoUcjup-gIu8mMGQNj7hgVoHcjYP6FmhCTf2FhK18wK9YAeEYUwoRw3xnqkaplya_qtnBZJm&sai=AMfl-YRwJq-iF9KuMsyigrl62nSTsCfYPFy7799QGciSIkPJAEj65eTlfja_4wDiHXT6zSDmOuMuIILuKgMOwOM&sig=Cg0ArKJSzL_o-8_ZhSNqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B2F 0
291 B 59ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC6chw0Nl65vxNlKzJ3WXx9K-DWoWlWEsHfRoSUaBkafc1hvWtk0rieOiFYvp4W_9Ejdu-Cx-EikeLCkcSUXvNE77bsHAlhUgcIQlD8EqE5haK-N5ogJPl-W0TBB5woeEQi1SeRd6p7s436Wp250WRoo1XETYcKl530_5-_AfTsG3tsMldQvRlpKJQXyhH11TJpV3PQHusXkdGzvo--pQsQ3GK5spN90LM7N6k7ZZjX44hnCNby5llsqjqAkM1ccc3s4C1SylqPn4i3rk5qyZZMc4ExoUi2zKkEcaltfWsR3-fEF2Z13fXOXQhsKkaNbQic92i1oGV3aNJftQEhpqwsT_KvAo5Lw6y9rPnZg4pUXtHxsnezaYpZCVXPBQWcpGwbccFjuExZgEoqxrp2g&sai=AMfl-YR-bZ9HalW25Skfz1STpdSnxWT5c0YdOmXN9sDaMjdC5BJFOBTk5INqyS8aePGHLXdX_Rejv4DD8CIenMA&sig=Cg0ArKJSzOgcCL5ZiJDhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
URL: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FC8A 145 KB
50 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55008e654cf24202a02fe1e995569131cf9bcb74547744356d229ee2b9453c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51243
x-xss-protection: 0
server: cafe
etag: 4156606316124758017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1B2F 145 KB
50 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e80169ae5fcf9cb8c3dff6c4f00eb135c688f11614710f1cb4060cf048aa247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51243
x-xss-protection: 0
server: cafe
etag: 15718873604501219500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
DATA 200
OK truncated
/ Frame FC8A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3a896cfc7bc6654f2d59b53bf42e1902a57449870561fded7c856008bbb0186

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1B2F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33a217db3562157c597d346224fb666a4947ba2d16b96a4f5f612f3695062938

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2FB2 145 KB
50 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7650b6e971bcad082c998b14492aa12905d8f38b1bae482240ad3913b5ca8461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51239
x-xss-protection: 0
server: cafe
etag: 11467852203404852670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 937F 145 KB
50 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805d705fb98484a9d3f77eaebf83d7489fd1ddfba6f663f60184cedce7c91d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51242
x-xss-protection: 0
server: cafe
etag: 12795838805568896529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C08E 145 KB
50 KB 159ms
159ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c206ab4c5bcc0e01acd9845af17416822ff9e33a9c660d310ba4f9aeebc8801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51242
x-xss-protection: 0
server: cafe
etag: 12810010903941230354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
DATA 200
OK truncated
/ Frame 937F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61c76ebda0a5b3aefb5a39cb19efb4478cae42e1b252baf8057cd60e362d1deb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 1B2F 399 KB
135 KB 139ms
139ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 8975419293502978690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B0BE 9 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame FC8A 399 KB
135 KB 222ms
222ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 8975419293502978690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 2FB2 399 KB
135 KB 198ms
198ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137924
x-xss-protection: 0
server: cafe
etag: 12092095142277381491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 937F 399 KB
135 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137924
x-xss-protection: 0
server: cafe
etag: 11781895738544162849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C08E 399 KB
135 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 8975419293502978690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:12 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6267 603 B
65 B 387ms
387ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092370&bpp=173&bdt=179&idt=469&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=155936207&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080103%2C95320884&oid=2&pvsid=214877230266804&tmod=901488613&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bjf9xqfn4ifa&fsb=1&dtd=475

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A74C 25 KB
12 KB 684ms
684ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30b0ad712342f020589f8b282ca1c6211c67e522b2d26874d8993b2c95d966f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12071
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89A3 603 B
65 B 384ms
384ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092499&bpp=91&bdt=308&idt=408&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1319567451&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C95320884&oid=2&pvsid=4292321931000850&tmod=858934186&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iuj0ww2yrblb&fsb=1&dtd=414

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFCF 25 KB
12 KB 409ms
409ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4686fd58f7a38dd4c62b17e69f74034cefb50698c500487aa3359cc874c50f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E37 603 B
65 B 387ms
387ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=190&bdt=309&idt=517&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1319567451&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320868%2C95320884&oid=2&pvsid=2366372167273743&tmod=1102808726&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.gr9ez490cjjk&fsb=1&dtd=519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B2F 0
0 149ms
80ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuB6LFL9_ILBs-tvS4KCQa8qjuO1SRmxG1DE_BNtdhkD2olDFk7D3gRA3iSb_3p0aufAkctb9HlF41KTRNkJRZ-Euqdm34fAxEoEi04Tk-aP7AYhvn9CbFIUZOo4trOihTfT1mfPFcMYPkjgH_jbHdCFE0GXadgNLrFcppQLNXXQ-n2oavsp9e2iQSMJ_CaY7J04JgOAkTpRmy1NyenPLKY9D4U_2w8ntjn3o7x6Tu6J6_EfxYfI8YXCt2tkyuIzjMoKcOE_Save1YAsJtobpAYE1hJXtU3-jZH5trEPCt7RV6RIPmLUwQNZtUmWL7nesWxzmJPHeLTBoSMO96lnaHlHBFAIxk8Kox5S1v_G-f6XXy0aaflxLPZv1NqZvjHDqSpQFlDKIJdZrghrRKlDURV&sai=AMfl-YRi_dgG-XGwE6boCJk0QHP-GrVSD9J22zbusO7ToEmzoM3zBWzLdNFyww_zB09GzLDLo4Xx1oMiiAbZgbo&sig=Cg0ArKJSzN9gmCuNJMKwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B2F 16 KB
12 KB 147ms
104ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af9e7afc14e7b8e0c9eddf36c736af5287dafb307b2734709bec7cec2b8d54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12143
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FB2 0
0 84ms
80ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMKsExnok2x4nwylmRmsescM0f0q413Q5tjo5uWvi-24_aHnBYJZb9g0PpdePVA5BXXak1jUQGypjJQnQvpmZlPB1zjwwufOw2ZAkw30heQ5RGvJKgBlhUUhIqprYYa5Bx4nwhX5NQBSLgnfL2jslyZynH8CBhYNky7Ul6LZT2Xrj1jZwDvLQRYXKAJrUP_XWLj5omE2u6r7sD0W_XKAEOfuZ4KE3bEtEuB4PdRaAaV5cna69yN4e8pFaW43KW_fNjWMMehgtDmFSMXaXQmkpjlBWBHTKM0fGqtxaI9NuDQkPp6F2Er8g3pPhs6Ov76HxJv4w6A4p0iha1pISPjReBDKkx2d-FQeEK4iIG0ItyyYGHF_MSHIL9XbibosiIzh-pTMxAtspZq5M2m9PbduI&sai=AMfl-YTYGsPrSxdkI9Wz5Mv9O9nHgXifNYXI91MuhrQP7iLDDFsk0wQ5rT1Q3_6cjc2vpUaWjih2ZK4yXzIW4-U&sig=Cg0ArKJSzKG5caQmHDefEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2FB2 16 KB
12 KB 85ms
84ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99189ffdffefa9d1ead94b1b69695413a571594d96dc307d76179932c973d462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12395
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B2F 17 KB
7 KB 75ms
67ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FB2 17 KB
6 KB 137ms
129ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C08E 0
0 61ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxdpnKMfXnvsK4c7jfrcdkeVn5en0xtwRztT88th0KIi5D0QFqnM-hTb_xx-q9v_s-vjcw9s8lnWqjPIZ9KJ-slB4_VwPmkXeI-cP41wW8ko0IafRjkaxjND8j_S39YoRoTNC3RLQLgvsSmGfx8fJttKVGys4HLLeEmtrEBiID80njp_Y-mVbm9S58tncp998FzisOCdpH6FqmHqNFb0Htxh6P9hMi2yxSVTW-MfSsSCV3NIWkNCYILMX_ilk6j7nnDN_IDuDehrN8xGAGr4_0rQwg5LjvvLf91YXiX41Euoqc8a-kteQPEba5mJHKvlYjpVXJZn6iXYUDajSLXbkrjSZNAafDPCJkljyROClzSVu_AN2S5tkql40-Kcfs5s8070bx-X6YYf-v_l7o570&sai=AMfl-YQCXtOUUVC6LRCgCfi5F1vJCdteY3bp36Kf6Y5-t2lUt7uQgvUObmzKkOcHBEN6AEqfAM_cvyRLxdxtzF8&sig=Cg0ArKJSzCsQ0ESxUJFDEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C08E 16 KB
12 KB 72ms
70ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a29e3e3d701d573b26bfeab8aea062f691b80e5dfa14bdb8590d4676e7dde1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12315
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFCF 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjSxUyzYpOd5lsmtde6KYk44zOjR5AejLmFd2I52QoSgrMByEpzu_A39Vbdz71wTy9gD1TFM-saG6iUV0qx9c3tnCnhEzFBxppJb_0XaKxX9G51d8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AFCF 89 KB
31 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AFCF 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:15:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AFCF 20 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AFCF 0
0 87ms
31ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyw5h5rp0Lhgs7RaD0ValUetQQatCTfdu4bkByPdxr2c33bLR44B6rtMA6llmCUrLQCYOG1VA4kT5H-usJrTjbbot0PA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E655 478 B
195 B 63ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNVmY9JL2i4NSPzI3PpnQ5jDr_SKcQ4QgE63IFaF_HzyamF4gE3DH6JpW8-9DUhR5siLyus2x_dJVDxXwliICEkgWTNutg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFCF 203 KB
64 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44B9 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 85103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 16DD 829 B
1 KB 34ms
31ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f3ce8299111dfb28b94795f659e05cca5a494e08c89b31c332d2ec400483ab1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lfHgXRhEXhortTn5Qcq6Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lfHgXRhEXhortTn5Qcq6Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
expires: Wed, 20 Dec 2023 08:48:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E655 170 B
243 B 97ms
37ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNVmY9JL2i4NSPzI3PpnQ5jDr_SKcQ4QgE63IFaF_HzyamF4gE3DH6JpW8-9DUhR5siLyus2x_dJVDxXwliICEkgWTNutg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E655
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

43 B
335 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNVmY9JL2i4NSPzI3PpnQ5jDr_SKcQ4QgE63IFaF_HzyamF4gE3DH6JpW8-9DUhR5siLyus2x_dJVDxXwliICEkgWTNutg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vro9B6EiXcDt6%2BektqwvjqaDSUIynrsmXjBaxcJ7WiDGUHcWu7FQlD1vWEAkHb15817eW9ImosleEia2fVSaircZxEU%2BlbHKTM7rSEZZ08FlKBb5iQuG2ALCzvgZvbLPxN%2F0c9ZEsoeMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8386a004fc24bb44-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E655
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKqTS-eOlZTvyfdEYSbPQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

43 B
769 B

49ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNVmY9JL2i4NSPzI3PpnQ5jDr_SKcQ4QgE63IFaF_HzyamF4gE3DH6JpW8-9DUhR5siLyus2x_dJVDxXwliICEkgWTNutg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR6WYnJyukTQqdzhBTHZF3Y%2FjaB%2BGKBlUkGFPy892Z6xcVySDYjjGCHPfk80fj09lbleQgTroObv75RjoPmiHdJNzRMb4dTPaVoYfSEzTRr5NqtvPV2Zh0Iqc2gCLOFKnliR2F6GGQckhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8386a00559262bea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C08E 17 KB
6 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 44B9 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 16DD 0
0 57ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=214877230266804&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9CAE 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 85103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C9CC 829 B
771 B 33ms
33ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0bf960d4966534c32afe89b32d9cfad4ca0d0bae39461cdde61f54aa6a80c89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k8x8uIf0d8W2kJzSBQkc7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-k8x8uIf0d8W2kJzSBQkc7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
expires: Wed, 20 Dec 2023 08:48:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFCF 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8112323597348&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFCF 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8112323597348&version=m202309260101&ct=119&x=1&cor=15361216482400518000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AFCF 90 KB
37 KB 200ms
199ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3a8GDWYx2z2F-Dfi0JvQP5U6EnT0-96wpk5pHqGxDG8tsxpEzPml9suAiMCaPvxJEQMpnAwsGCkQ89XwN_8gOWLXd-aQLrluJKYKcmj2QyDvRCq7I67GQwTDloaex6ntNrpWYnwSpZSQtwOGd-dDeKeXiTmbtYqXTUxaDfvyqL7duVH6M0OAfmplSPoBwH2BLMKtR&cry=1&dbm_d=AKAmf-D8f9hDoTHI8Cu7M-yjTywftuU_60UoOOXbv1qAxpZ5h2tbCZDSUFjBz38slvNlZbK9NujHGUljPtUhtHsgmHxCB0hG6pjaqM38zyJ2QUyP854fYYZpr4m-mPEWmoPr06J6fafgZdKP8B_RdUpn6FIgEuhP9XN26AnF5jPGUKlwlUYpGiB926V4SIn30XZx1xanh3uem1fyvCose4R_ZCAUtd6jDSes8FuEEbh7EVpSpzE_7mxOIOQXDJI61GJ2U7ozjur0NoKS5Ft3SizOovdizcfs_k1ECNjDuIajB2cpMTGQ43ZnUYwrczo_1-k2vulRXB3TsAvefRKxuT5mNRA73T2ocsgFOblCMidDmnEEobzuD3vXR9wi4wR8AQ_eO6mm1G9bzFV-r90A4sVX9a2zB2Eb1gnJSfpISFrfliDG4Si42eUPLvDRI2BWD6D3QKwdwMBBOn9TqDYHc2YyKZhegPVZrHeeUUwZoryOGpWb19diQILlQIuZU7Gwr9flk6BeEd-g1M--SGEuKGSmxnckuyBn09BHFF60WKeqwNk7NeJHjOSMWN0AqbM5pUx4BRKkbVwqcnoGWvCRJfK6Nglo3wYSla39ncIAiHW6hPgiAWlmbh8_X1YIhJbsoZkfElOh5LYeMBkD0DrZhnR4kk-TlyyPTjeg5nePVUKnoL--JZJ1lK_ubZNCJ03bzQaWaKo_C7q31xVveUDf6SdTiY67lkfdyUtyp9_hgPGCJtmLuuD1kI1TCrb7Y602871T6hkyW91hZ9xStClLAjHzln44Caly_UknancKUhzjEcFFPDTwqjLEPuY29m7oIUcfppsrnFmU2B20_twItt90IUqjy6zYdW4cENdLI1P3O_7viIqt6s3D0TW8gn9pQBEbV1ShENeEWP6brx2p6ixRPSyCw5f-2h6MGg9PCqnvfx1wCCduR1aCW-VkbtMANOwlXEajalopMc1gZ5nmqDOUP6KHpwhCJow5H3Ql8tDgvq_eJ_H-DYiq-hsiLlpZHZHP6kZZcQc_2v_l7DotanSmlBz2YIzXP7cnURLFbxCNTPHMxpN7FBsAyV3uOYR_Em3N2CQ1RsxkEQSf1Hx5-rTR2cG8qsuR_hdPdzHj0B9hoWFDReyujg9vKb4dPEs_ozHLjbSwFaxUoIoK4pRdKABlh8unMjT4uThLz2dJHB67j_hi0rxkSHyBZwzvaJK-8q9v7VCQ2h6UGHdOx7vgPlGNPIq9DUJKtWcMgEMyOrVZvRL1NM5AQuXSyZ2Tjm23OdbObGhsjC93CiYj3PwienPMTy3DSBWvNdcHkp6ksCyuAHupKyk4SWzYjU_NpBNAUJWyT9LT78avxYaXPaDkP4ug63NhgDKOuSwFBSe9lPUdivxVxgwmoVpjVsVugR_hmnzhq-yKGLcpHQbmTPv_gWtTCXAH_t2s8m8pkYWPXVeqiiGFdb-yjg70RYkjHxtt4DvBuurfPoVabPdIJy-4-9kOq6VQ4FMyYceTQsL_v183MFbcfvqw4z32bO9BKyw_gzYXyn5RJi54WcgohZg1u6wmmfVTh11SX-pIkKV4pBDclXjJpeQQZPyKBHHT76DnK86B93Oj_QCyG_ZxDqK4nyS7QZZKeAfQAwJ_viJNU-Izyl5Qh-imL5YDk9NE_LnODVaWWGkf7zTh600zvSYIB5NFkm8XqC8cRhDBBlwH5uafHclcCCjeTaVTyxim5km8F3cuURdvD_4tXDCxOx0eEBl2BnlYImd5Ztmacr6uojAqgLR8wsaZOqA1ZPXuRVFHrnWzoKGx_CX3SQqMDNB5yWshWjADtzsIcEH432PSQ4-yFZMVHwE48S6gdlcfCCKLyNxpDV-OZotSlaBMEd21NZnVO5VReWOv_xtObEZZgTnA4D_NIZfEStrjJox6FioFABQON1c7Q_lErBXgMRg8i3TBgiDM2qYCOw2vg-EvJW47ujYNCZLJYXUGIbvcrEaV6fj--MG3Syq_B_BNwv70wt-KfPF0Ld39DvQAQQDcWbfnRBc4LAhS3RXzogmtq3DfFlABogS0XFJP80zFWgAsdCZIGgZ54dqJZc2p1P2ttU1e7kMhuUCBmvB8OkSKQUzw_BAY25WI-_ojnuwRM0Gd2jSabV9O0MqpW17zd6EhcjnA6odsa3avdby4oTyGHBuaGB-8fB0cmplVixH9zLSSpXq0hH19i9XFhZxbyS5VtcJ2PutkqzEc0JfhoCphlWJWRM-gWWhhplJyjpwpD_8OuIvsoF1Ur9f6fsQbH1piwMDvkex65fk-h2rqUBHJuyzkeFKF0IjRdo7u6tm1Aafk5XQ1ASMjAbtNdp5L-bMUu5Wt86AjurwSBkau1dXA7FHJWIWlNElC6b3wn92pCivn6KfNiz7_DM5FCe8UqVoSt3t1ShxJSs2LhSA2x3ONonoVTbAnsUmXGs8C_pf0V7GRSlj30FGFCKQ8qr7Oeo0iUMKBK4APXGxjuM_zW6lncRQeGLKqb5VgsMX9y5T2CnQp6U4juQOkrrwUwyIVKrMO5j1MbzRieb_VjJvg82Y_TJ6h4-lNk5Ckjth4QpIknglQ3VvmxAi2TJw9P7bAJJaG7E9RgbYUGEa3zDFfTa4oHisMmQDHZGGQ7yOXnMkZS_r4zxwjyB1aIRXZIqD-YBFWLDmN5lTMXU3epD3DP8qpLC9UOvBPIAkmdGHhaemkCoC6jLc57XOx9Fj4vs1wjgEFwmYP1XI2RlkBlJnFJyVw6TcPOz2al2fkFL_QoKJtK_2wgObxD5RRNO_5wnF2QpDzZHtO-cdbHN0BkVT5qQd5w8EL9n3N42US8gZ_dqDSz72MU9N9rWGGDy1Q7oRTfUqA7IeLNBFAtE4llkr6b2CEMiNkaaVTVLdPaH3vZg6a-ZXvN_F_s0P45O-YEbINJi3sjKau_HP0kC1aUbDnWQ-gsbg77i7KYOlC_40x2cpGDTMWhUqQMyC8mfOsy89h_wWJ-fGgDp88n2DJuOIEeVTtZQyOw1eGyqOKCFUcZHD6FWBBEAoa1K-UJ6VhMBApkH9hQ705KI_K9Ehe9b3rwsV-QS8XJNfcxmMmxwpz-1wSE55CkfTEEArFz_jxxbTXSwAH8pY5-Fe503XDeEBlZ0ld4voUFUgqFGFMI2jb1PNFC-tzesQW35UiB8QmVVjeRiXommvhZ105IU6_FddPUV7MYoONnpMmgfkjMUnCpVcQSGZUR7s8RPHAPjC_HFCy1ASpxj7BUt_pgGwdD-2MYW39VA4kRICVG_ZeChS0Ni54DvTW1-JP2_SFQpsgdUQich_rknxTXXhR_PX_Xz_m_OB9wNrjNT-sAP53t9GRTePtpBsnG8C32MV4WDf2Uz5-ElT7gEvDIsvJROyNi5uYp1TTMvEG5KLc0NGe-CcrmbtGqbnb5kXnEPe9fVR3G6jOvQ84NcEzm9ruYUvemzc25mmv2Xq-w_gEZ0kVgBKCVTauSKhOklG6KYHZOQrHrJW-1XoDf8mbfSq4TVMLUkifOfdPpqE2oW4uvGAYNSgnjHdqRUpmcq1YlJmjaSZHpyQQonI1AeWvnXV5RxECwqGxQRGGsNqUs41hGX_2kehGc2jrv17pbFL8HqMifHO_llbzty7SxikvGoyFIYpHr-MOdo9VO5kaqGciVocj7hVq7aXZR0TPlsZBrlxERZOefLw2Xhqx17PpIOB-7t6ONcMLGazyt1MJgWpIeKhk1kDKILmQSKLuBHYuVPZRQhBmSrVqidhzIhHXKiS2R73an4MJh3ihqvei_IvFvdtwkvRSB-Q9EDwjGflV3a1OYLAAWYTorK_1LAJbaZRz2H6VWBEwj1s8qrFb8x8V6cH6In1d6LetwWIoKDILk83MGFE8xXzfBi7m3bMjBOJlwYC1DfcqlG3MfkomafcT49pUohAGc1zxoXYg6D3mbQCYhjfh9bCFmaycAEfJdAyBS45K60g&cid=CAQSKQAvHhf_P0kiiBmTRL0guBSQ0XMbG1IjIIKC1K1RuzZBOCcLP81XFYRtGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=15361216482400518000&adk=1761367584&idt=132&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4944203b6651989334f02e1ba64dedc3b89692b19c39d341eeb07859b37c365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A74C 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXSW6d0iW5yfEvtqaMqfl5nP3ac_6kpMKcPniWC_02RnHKiaC2vHgImn-jPWiPXmLY4md7orPp3TUPkqEaVjVmqEg3M1gB9chM71HFZdZYy_pBLz0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A74C 89 KB
31 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A74C 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:15:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A74C 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A74C 0
0 32ms
31ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqgK79Q2hMUGWBWjdDnFhRboGZD3mmExTpdAcWs470sfIKxZwM6UPOziB5q-ssO98SOmrXYD4MR7M6jYQm4vRre7kQiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A74C 203 KB
64 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:48:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DE65 478 B
195 B 64ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXi-r5c5ECIw4bHOe2WBlPzy4xO56ass9v2g4zfLvhFZDsSs-u_G-Vo1q93WfeC8LViAJvFha5HV1UqggN20qxe7vnfRw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A81B 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 85103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 19BB 829 B
559 B 34ms
34ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f20820ed9eac162c0335a48affb7b2e67cded868f83df1335eb18909e323a4da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IicgaW0XWbIpJ4RcB0amdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IicgaW0XWbIpJ4RcB0amdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:13 GMT
expires: Wed, 20 Dec 2023 08:48:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C9CC 0
0 57ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4292321931000850&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 44B9 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-8O9mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CAE 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 19BB 0
0 57ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2366372167273743&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A81B 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DE65 170 B
188 B 32ms
32ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXi-r5c5ECIw4bHOe2WBlPzy4xO56ass9v2g4zfLvhFZDsSs-u_G-Vo1q93WfeC8LViAJvFha5HV1UqggN20qxe7vnfRw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DE65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

43 B
732 B

38ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXi-r5c5ECIw4bHOe2WBlPzy4xO56ass9v2g4zfLvhFZDsSs-u_G-Vo1q93WfeC8LViAJvFha5HV1UqggN20qxe7vnfRw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuFnhdaLTxPW20St%2Fd6fMI5HLUnJEkKpq6uA67NSamthFaSRJC9pVwCJcALkeNpq1OyED%2B1JnwqCh46oFMJsng8wgcMkDobEdGelB0QOz2aHCzqmQN%2BYt0iHq1fZTNPLG6v88dUaQdHyRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8386a005b9d62bea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DE65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYKqTS-eOlZTvyfdEYSbPQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1

43 B
734 B

33ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXi-r5c5ECIw4bHOe2WBlPzy4xO56ass9v2g4zfLvhFZDsSs-u_G-Vo1q93WfeC8LViAJvFha5HV1UqggN20qxe7vnfRw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePkBZC9CnLPgHuTMMeurt8L1j%2BvgXJXa2TX2qO%2BhTmHVsVDZF8W7tUrDUe7%2BBT2DMQy3siwyJoc%2FNNP2N8rxBHk6f1SJtnTVd3vB0QnjUe6SZedRY36mvRsO9Wb933h5EL6eyoYLeqaOlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8386a005ea292bea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY9CsSb0JDVeqmh6V_Cq7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A74C 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1855876140655&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A74C 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1855876140655&version=m202309260101&ct=119&x=1&cor=1837727128893538300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A74C 90 KB
38 KB 195ms
195ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COorsHHrWEpq5zmKyUDXj0cRpWk_ZfH9LCkLGOmGAaNWgQhSg96vTV85CLf-7dWLCYlxV6jdEu15_9QBffIaZMTt_x4D-BignUFfJxoCzZn9mleoZmh2-kX7rXjycRgZtu2EXmQz9bynVCFXGR-P_WHLepnZd_RzTtf-YDoUlfxuUAGSt48TSAzyuFAbrhDyOCH-6q&cry=1&dbm_d=AKAmf-Beziess9qjssz7bRLvu5SFMtw3bCP51dorWTLcK49AqHC9aVXpEJ0V88R5jq2H2Z77QAoORXkulUcpHlWYB0xpyCNNf4MjR-PCE0ro2IBiIhA335HB1Td46BxpFP9eaJBgexoyc7zZMTdj27nLSALmdK1FPFQxQiS_Hv9bco5g8pgLumg49xxAPt3-zmyaoSgfcRMbld9TwNt0KRHjmeMSpbb6lcqIVMNKYi3IP-1wEAQ4RZnBjLmOiWUwto-bkmeWLpPBuvO-lxfA0tJyaDawUx65GAZQZTJKLzaxc7XMtBemQWn7zgvzzfbox7gPleNhyQuQ3W6EGDmiNPY60s30CLHcI3uOBvSsuR8YP4WTesxDAxgjS6-wkQf4nxLEeZIBAQmWiih7i2xMsZ0y04YpwZ7zm1nP01vhKmFO0c3tyDv2oRBp0NWarxtSSnQ2twtYWI_F_QSw2uA_taVOL1s70E6vRjPFfDz-ldFc7EqpbHAx513ADDCCWvYQuLMUeO2peraAcxPH9MLCiqvOiPdujO7A1AnJ9XZShphhgsh2Sl0BeYiX9Cc7p7u6UGJGOFWKc_omG8aird0FAavJhbZR_tBs9LZ7daxgMlkB0AEAszl4x4syyj5Fw07A5bopi50Imf5TuBOjask6VkqackuN2TVrlfDm7PKdfuKX4JsY1R8rV2SxdyNUXY4apFqFyOgwZPGnk_UKB6LIj2RtanA4dH_ZCgZ3FMrZrYEAfUs8_hpEPRQyYG1s9EiN_RdOf6oEzlQMItSVgwBRxV7qN694u9nlUxiA1GnsvFaUpkb2VcdNFpGsDFySiUcFu4gAl8duBzTZ60kHwfKA-FfKTSBxWUO5_KooY8QJhdRMweHWZfGrU2hiWtt6x4lLxTPl8KaRGwc4q5gprzxuD3DSC3QeHONUlQ3uSvkk-7iYScKBB2iVH6l8TSUUBtqZJf_veM8cOtc_BtYAUz6MffZJr0q8fjjV3MHj7zQFCqL3KwiBN3I10Gsrfc5PWcbSp6yYEIa6nG__IPdlHsHslmMn4AYwITAYJFO2pEnhU5_qQtIE4F2qDM5kO-vHfJ1YLJAEyv1zDHd1DXgO8TTzqgb71-bor3tfIY1gyN91blmH1fCiSfHC407HA4SAE1KuadnsAM3kA0iKXIA4RqK49Kpyp7iq1J6WGU66gj44aeIEO5OLsTgWpARelejblSeah67aBlmGUY0pLPXvHgAtiOrTQLT7SPYlGBU5q-EQSCaLUR4UHGRR9rpnKsinyfBGdP20LV16Jmy-9zxuP--twuuPQhqiaQ5D_BZhihuM3W2F0xjWfktHTCCEaf2EKXIT5SAHkL2uWvahpErXZdTeh_x0wRYPePfIFCCj2hOhbpF1EHbwGpy5s6db7vGe88dnpLmNiaiud_XBerKHnlWSaMR3qvb5f3Z7NwgyAcop_1D90Tycl7mskbTTkVwKi3hSKM8JSld7quxYFx1ty7I3GuDkf9AcHFlbnvLCicSNp2p3rEyriyRTOVpeKMRi_-QFkP49tAwsEo5uNkW0Ius0NE8knEY4c0QydoKDjn9qw1XF46DNYGP_A5pjHr9mX1l7vh-lcLw_eWJnDfEQeWaEur_VpCz-6wL_kys13wSvare4Z8KCR753ywL1xgw4MGIx8mYgdQfXaJlPrVM6rLPuf6_gf6usQwtoB6OGmIwgg8T9TgiE3acuaDfl9RK7ztqU3NJRWa5NWZfMOPsrK1kz_Ja1nt38suklTkTg25AkCLF0agxjgVD5ih_vuURe-meMkLyfpFOBFBcZDj81wYb_HA9yUpYjkcqFeadflLYkFrXkVP8wtkAsbiyvPmDsjtMs18Cp_Iorazo5_oj0qba6WnKVFjYga-fJ0Yx00aT9oDDpsfnspZTavP2qeFlIVg2os_W0V-JJin6Y0RVYsFuD0O6Jg_zjlL-WTTBu2y0y-Ik26ZPmOQk3SskvqT_CNvBnVZ0ZRoslhYKEN9HPu29nbvKLsmR-607vuNJ9SZ61yUd3C38djzUQQl2ApwM7OH5RFwxf1kxfpbiUYgy1jXTDUCyELjwmrbzwgiAeRACwu69WdivN7oKoC7ceXZFffyuYbX0ESvsxWkctb3ejfMmHCSGk6dkIpdsWgxq-JC9DJ5eoL9eMVWJ8jopSfQ6tVSQESkXMo5O2yhwrUA4delgmHzTnMByDqBH2_GnNmpyqq_vlaew9lbjKzUuEq5_t3K88twBbXLvZatmMK6mBCvi04O3jJ66mulYFgSbX26vFO_qw8wxxeRY6Podyd830MmkbL-7cZ4nAaZMBWn-XZlPdN9DfjS_JPwzw-ADocWTVb8dMbj9J9nw4gpo0GyRdshAhWFowWNpEQGd7RQhTzgb6-U6eSr6evo_x1Nj9pud5tSLkEXLd-uQOPHKgbHKvpghlPBkt69NpAECNqE7d-kAqW8yK5qLsVw8jxdmuSqaP3Ggi7wpiDO1P7_kBaP1Gq3xuaJL7s-snMJ5MSb3gGCWKCPxbVHX-lhRJLtRr5WMkWJjHfsiddoV7WyStAeaiDH-KEhI1oZaWiMMvtAw9nwEg5F2jAY5snMGpQBP3Wu-B4ezb187TnYAAev1n2bJYHOQzsh9ihZK1UcIJlUhLsXKQTGpiMcUM7SOjX5RnJIgiPi7WK3VOpCSRKW3xTmE2BBCC1MlBfpaa8RLxmituVwzH2r_7B0bfwC7_r-tS9Tn0Cqly1NLCLnymlQfcuYJm2NKUtk0tVeVNMigBJsUZbclMU1DYKWqD097-i0iSixrjOrf0oaM4LP7-ubhtl6Xh9qaKc3_HFYGPxBrqm0M6yCq7A0m6I91UzvWVerCchT7pRMv9rzDqsGpAoNZwT19s3cHmJ9NRtgSnh9vDSLBx_B26jaJ2vXBqRDHuMTKbw1STTuBlf9G1jX-BuCMHly7DMFeXtTnylOyMosvbcMW3YXXYfD_pjidA7RyBMBzdNCekAtJICm6A9iZYRBGG2t9-YW-Qi40I5qGrDi7XZ_S_zxWoV2XlmXyGcdYmRKdnSlD-CrddKiQ84Y7t8VpMXHgEf_5ujtA8o-1EQOGeccZw0jnX5-D9WC_U0fXED2OZCwJaQq7XBOSAKAwZHb698SiIvPYMELvDIbkIUZAcgN2MKewlua5jeG0CaKxN658oZkJyNEbKOUCv7QyUd5DtJc7j3lKFg9qKkv0uhhjivSOaNre4Ky_ZpyVg58vZBJ_CZ4P5vlZK4UubhJR1921iJt2eGcy4AZxMGJDXICzvGnax0AtkAQsBDt2HrKH7-KFPbf1E-pXg1a0mG0Q3hE_GL0IMKj8fiQfFQ_vTP_93whpthmJo8Mxe-T-dxgGPc9z0GNZ67YzIUwVrgz7ZKuc-c_RnI0ttU3W7DS19F0iBkItTNu2l61BbYJoqc0192uwv_uqK577iNIQ6vfDIMhATL-9zEXUiEzoWGCZ4ImMoscxPsBwqn3qI_8Vy3bq_CY57OoAOqDrF3hPXRLiUuBLoqGNokk38jYgnSLv24yzos69XvmDZ_Ub_lK-mUjjjZBgvlFZqqDPNoNr_iVP1mHrWCogCmUqiU9fZS-QEKzgVDNxJ2AE73BjYQHHLo-PlwGUQ_nyP9VpZpJvrknNfIqaJgN1bEtmU1_LEx6_g-zRJeqEVtit_zBxqXLdBH8ycqghSZmdnM1u-uUGQyqY7HyifrI-cWs1xii5arePZMBLe4miu8EQTZ2m3vyjr-TKidF5UnD7b2e5U3oAmchLfhhcKrEQ9cYk3OD4bd5XHZjJ_TOVhopfttBSoWWxfH-7gnruch4JP1T5zVkCaIDVQ9DMxAKTUhfFud51-5TGgNWfR6c7Y2sVpUwiTD_yfRDO6P3oSdnAPDxhLsoMzFM_otzlWsxhD_UD3Vy38kz1Mfu6uYZAZcDh9qXMMJDhVYqjoHQ&cid=CAQSKQAvHhf_Plxfjh0GmaetEYVz0tx-exbHLvk7SvmOlKBI4ThwVoNYZ8K1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1837727128893538300&adk=2111686227&idt=95&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027ce42ba2345bf5661a75797efa5d9aeb2d6cf8e5d850df86c18f0037429ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9CAE 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q6Nh1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A81B 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xfnZZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame AFCF 111 KB
39 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame AFCF 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3a8GDWYx2z2F-Dfi0JvQP5U6EnT0-96wpk5pHqGxDG8tsxpEzPml9suAiMCaPvxJEQMpnAwsGCkQ89XwN_8gOWLXd-aQLrluJKYKcmj2QyDvRCq7I67GQwTDloaex6ntNrpWYnwSpZSQtwOGd-dDeKeXiTmbtYqXTUxaDfvyqL7duVH6M0OAfmplSPoBwH2BLMKtR&cry=1&dbm_d=AKAmf-D8f9hDoTHI8Cu7M-yjTywftuU_60UoOOXbv1qAxpZ5h2tbCZDSUFjBz38slvNlZbK9NujHGUljPtUhtHsgmHxCB0hG6pjaqM38zyJ2QUyP854fYYZpr4m-mPEWmoPr06J6fafgZdKP8B_RdUpn6FIgEuhP9XN26AnF5jPGUKlwlUYpGiB926V4SIn30XZx1xanh3uem1fyvCose4R_ZCAUtd6jDSes8FuEEbh7EVpSpzE_7mxOIOQXDJI61GJ2U7ozjur0NoKS5Ft3SizOovdizcfs_k1ECNjDuIajB2cpMTGQ43ZnUYwrczo_1-k2vulRXB3TsAvefRKxuT5mNRA73T2ocsgFOblCMidDmnEEobzuD3vXR9wi4wR8AQ_eO6mm1G9bzFV-r90A4sVX9a2zB2Eb1gnJSfpISFrfliDG4Si42eUPLvDRI2BWD6D3QKwdwMBBOn9TqDYHc2YyKZhegPVZrHeeUUwZoryOGpWb19diQILlQIuZU7Gwr9flk6BeEd-g1M--SGEuKGSmxnckuyBn09BHFF60WKeqwNk7NeJHjOSMWN0AqbM5pUx4BRKkbVwqcnoGWvCRJfK6Nglo3wYSla39ncIAiHW6hPgiAWlmbh8_X1YIhJbsoZkfElOh5LYeMBkD0DrZhnR4kk-TlyyPTjeg5nePVUKnoL--JZJ1lK_ubZNCJ03bzQaWaKo_C7q31xVveUDf6SdTiY67lkfdyUtyp9_hgPGCJtmLuuD1kI1TCrb7Y602871T6hkyW91hZ9xStClLAjHzln44Caly_UknancKUhzjEcFFPDTwqjLEPuY29m7oIUcfppsrnFmU2B20_twItt90IUqjy6zYdW4cENdLI1P3O_7viIqt6s3D0TW8gn9pQBEbV1ShENeEWP6brx2p6ixRPSyCw5f-2h6MGg9PCqnvfx1wCCduR1aCW-VkbtMANOwlXEajalopMc1gZ5nmqDOUP6KHpwhCJow5H3Ql8tDgvq_eJ_H-DYiq-hsiLlpZHZHP6kZZcQc_2v_l7DotanSmlBz2YIzXP7cnURLFbxCNTPHMxpN7FBsAyV3uOYR_Em3N2CQ1RsxkEQSf1Hx5-rTR2cG8qsuR_hdPdzHj0B9hoWFDReyujg9vKb4dPEs_ozHLjbSwFaxUoIoK4pRdKABlh8unMjT4uThLz2dJHB67j_hi0rxkSHyBZwzvaJK-8q9v7VCQ2h6UGHdOx7vgPlGNPIq9DUJKtWcMgEMyOrVZvRL1NM5AQuXSyZ2Tjm23OdbObGhsjC93CiYj3PwienPMTy3DSBWvNdcHkp6ksCyuAHupKyk4SWzYjU_NpBNAUJWyT9LT78avxYaXPaDkP4ug63NhgDKOuSwFBSe9lPUdivxVxgwmoVpjVsVugR_hmnzhq-yKGLcpHQbmTPv_gWtTCXAH_t2s8m8pkYWPXVeqiiGFdb-yjg70RYkjHxtt4DvBuurfPoVabPdIJy-4-9kOq6VQ4FMyYceTQsL_v183MFbcfvqw4z32bO9BKyw_gzYXyn5RJi54WcgohZg1u6wmmfVTh11SX-pIkKV4pBDclXjJpeQQZPyKBHHT76DnK86B93Oj_QCyG_ZxDqK4nyS7QZZKeAfQAwJ_viJNU-Izyl5Qh-imL5YDk9NE_LnODVaWWGkf7zTh600zvSYIB5NFkm8XqC8cRhDBBlwH5uafHclcCCjeTaVTyxim5km8F3cuURdvD_4tXDCxOx0eEBl2BnlYImd5Ztmacr6uojAqgLR8wsaZOqA1ZPXuRVFHrnWzoKGx_CX3SQqMDNB5yWshWjADtzsIcEH432PSQ4-yFZMVHwE48S6gdlcfCCKLyNxpDV-OZotSlaBMEd21NZnVO5VReWOv_xtObEZZgTnA4D_NIZfEStrjJox6FioFABQON1c7Q_lErBXgMRg8i3TBgiDM2qYCOw2vg-EvJW47ujYNCZLJYXUGIbvcrEaV6fj--MG3Syq_B_BNwv70wt-KfPF0Ld39DvQAQQDcWbfnRBc4LAhS3RXzogmtq3DfFlABogS0XFJP80zFWgAsdCZIGgZ54dqJZc2p1P2ttU1e7kMhuUCBmvB8OkSKQUzw_BAY25WI-_ojnuwRM0Gd2jSabV9O0MqpW17zd6EhcjnA6odsa3avdby4oTyGHBuaGB-8fB0cmplVixH9zLSSpXq0hH19i9XFhZxbyS5VtcJ2PutkqzEc0JfhoCphlWJWRM-gWWhhplJyjpwpD_8OuIvsoF1Ur9f6fsQbH1piwMDvkex65fk-h2rqUBHJuyzkeFKF0IjRdo7u6tm1Aafk5XQ1ASMjAbtNdp5L-bMUu5Wt86AjurwSBkau1dXA7FHJWIWlNElC6b3wn92pCivn6KfNiz7_DM5FCe8UqVoSt3t1ShxJSs2LhSA2x3ONonoVTbAnsUmXGs8C_pf0V7GRSlj30FGFCKQ8qr7Oeo0iUMKBK4APXGxjuM_zW6lncRQeGLKqb5VgsMX9y5T2CnQp6U4juQOkrrwUwyIVKrMO5j1MbzRieb_VjJvg82Y_TJ6h4-lNk5Ckjth4QpIknglQ3VvmxAi2TJw9P7bAJJaG7E9RgbYUGEa3zDFfTa4oHisMmQDHZGGQ7yOXnMkZS_r4zxwjyB1aIRXZIqD-YBFWLDmN5lTMXU3epD3DP8qpLC9UOvBPIAkmdGHhaemkCoC6jLc57XOx9Fj4vs1wjgEFwmYP1XI2RlkBlJnFJyVw6TcPOz2al2fkFL_QoKJtK_2wgObxD5RRNO_5wnF2QpDzZHtO-cdbHN0BkVT5qQd5w8EL9n3N42US8gZ_dqDSz72MU9N9rWGGDy1Q7oRTfUqA7IeLNBFAtE4llkr6b2CEMiNkaaVTVLdPaH3vZg6a-ZXvN_F_s0P45O-YEbINJi3sjKau_HP0kC1aUbDnWQ-gsbg77i7KYOlC_40x2cpGDTMWhUqQMyC8mfOsy89h_wWJ-fGgDp88n2DJuOIEeVTtZQyOw1eGyqOKCFUcZHD6FWBBEAoa1K-UJ6VhMBApkH9hQ705KI_K9Ehe9b3rwsV-QS8XJNfcxmMmxwpz-1wSE55CkfTEEArFz_jxxbTXSwAH8pY5-Fe503XDeEBlZ0ld4voUFUgqFGFMI2jb1PNFC-tzesQW35UiB8QmVVjeRiXommvhZ105IU6_FddPUV7MYoONnpMmgfkjMUnCpVcQSGZUR7s8RPHAPjC_HFCy1ASpxj7BUt_pgGwdD-2MYW39VA4kRICVG_ZeChS0Ni54DvTW1-JP2_SFQpsgdUQich_rknxTXXhR_PX_Xz_m_OB9wNrjNT-sAP53t9GRTePtpBsnG8C32MV4WDf2Uz5-ElT7gEvDIsvJROyNi5uYp1TTMvEG5KLc0NGe-CcrmbtGqbnb5kXnEPe9fVR3G6jOvQ84NcEzm9ruYUvemzc25mmv2Xq-w_gEZ0kVgBKCVTauSKhOklG6KYHZOQrHrJW-1XoDf8mbfSq4TVMLUkifOfdPpqE2oW4uvGAYNSgnjHdqRUpmcq1YlJmjaSZHpyQQonI1AeWvnXV5RxECwqGxQRGGsNqUs41hGX_2kehGc2jrv17pbFL8HqMifHO_llbzty7SxikvGoyFIYpHr-MOdo9VO5kaqGciVocj7hVq7aXZR0TPlsZBrlxERZOefLw2Xhqx17PpIOB-7t6ONcMLGazyt1MJgWpIeKhk1kDKILmQSKLuBHYuVPZRQhBmSrVqidhzIhHXKiS2R73an4MJh3ihqvei_IvFvdtwkvRSB-Q9EDwjGflV3a1OYLAAWYTorK_1LAJbaZRz2H6VWBEwj1s8qrFb8x8V6cH6In1d6LetwWIoKDILk83MGFE8xXzfBi7m3bMjBOJlwYC1DfcqlG3MfkomafcT49pUohAGc1zxoXYg6D3mbQCYhjfh9bCFmaycAEfJdAyBS45K60g&cid=CAQSKQAvHhf_P0kiiBmTRL0guBSQ0XMbG1IjIIKC1K1RuzZBOCcLP81XFYRtGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=15361216482400518000&adk=1761367584&idt=132&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AFCF 31 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AFCF 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FF18 1 KB
646 B 23ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 43699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Wed, 20 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AFCF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f2287774fe64b73cc95fec5f8bea6eec5909d15cb607e670b9e7fdf6ba837b2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 424F 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame FF18 35 B
463 B 73ms
25ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL4pjfZh8CNbwstRk3cgNS8&google_cver=1&google_push=AXcoOmSG5JpsiJOoPG1vaAtuOI2ty6zdO01iR1KMw4ShEtfqBEBGaUgAUB8ctWa01SNt0EAMViSsTpMxjuNjuR5AKRGMj8a3Hw4iigBUqWeVKexquuWmR8UXqetJFJcBqNtSobch4NdZlWr4Bce6LiOWmYT8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame FF18
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEFqk2RCGQptq9S4HEDfuNlM&google_cver=1&google_push=AXcoOmRgbrTvBlkAwKseh0EeMLfV0S9aA_dWNa8F06-xbC67vq70whiuFAouOY4qHtUG2a5q9KviTqAqwsYaLD2dTU6DhxNyCQTsceAE...
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

27ms
27ms

Image
image/gif

23.197.126.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
Protocol: HTTP/1.1
Server: 23.197.126.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-126-41.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Wed, 20 Dec 2023 08:48:13 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 20 Dec 2023 08:48:13 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF18
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKLHQOneWZiCqM3mvQhxk6s&google_cver=1&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoSvwAb4ugY1KNIOTK...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8002717CD1543F4BA5FA3FFDB28CDD4&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoS...

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8002717CD1543F4BA5FA3FFDB28CDD4&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoSvwAb4ugY1KNIOTKSK6AIVLYtvoZ-ZEIpg2rn637q3fXpJMcBqRZ_Cispz_LmjvXlztvsv

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 08:48:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8002717CD1543F4BA5FA3FFDB28CDD4&google_push=AXcoOmTdZu_HXW3wgdV3P6YW86WEKnJwTB5wzFDK2w412RpDQepAliRiWROM7-0jssJMNOxFsRtp1ZrwJFiRsoSvwAb4ugY1KNIOTKSK6AIVLYtvoZ-ZEIpg2rn637q3fXpJMcBqRZ_Cispz_LmjvXlztvsv
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 19 Dec 2023 08:48:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF18
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECE9JuAC6Lt_dXvVra234YE&google_cver=1&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJ...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJnWwC6CrvJ1C7BJcwolYDnH9c_5yCKwdGHuI8K9Q2IP-ZV75cdqud_...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJnWwC6CrvJ1C7BJcwolYDnH9c_5yCKwdGHuI8K9Q2IP-ZV75cdqud_oaD80jwyWyuZB80cNVFhnJl8w

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 08:48:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8C9112CE992C4E4F95F271B5EF6C6E35 Ref B: FRAEDGE2019 Ref C: 2023-12-20T08:48:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQsjUZs1w4vhutnw3DpVTMSt7J7I_0yTNE0149Z5aNFrbKVCoI-2oWaf81xfGedTTzlCL1CJnWwC6CrvJ1C7BJcwolYDnH9c_5yCKwdGHuI8K9Q2IP-ZV75cdqud_oaD80jwyWyuZB80cNVFhnJl8w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYM7Qsje5w8I6ZoYNGk7w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF18
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIIxOt-AXnld7DmgsMTm2vY&google_cver=1&google_push=AXcoOmShH8k-ku-EQibKku7Rb-MUS0SFzZcLnNNFJOUEzE2Xuy0EWZh61zb-wBXEHIBhnQ41_1hR8vExdAwzJlyFVpBYR9FZa...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=867200920735&us_privacy=1---

170 B
188 B

37ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=867200920735&us_privacy=1---

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=867200920735&us_privacy=1---
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame FF18
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMlW7c-9wMzS...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTQyYTk5MjItYjFiOC00ZTg4LTkxZTQtNTRlNjhhODNlMzRl&google_push=AXcoOmTTyrkm7UBEcjmm7g29Sbul8oicrpnWM2kKZwyJ9F7w7gnRzTJ_3usSzCQhQVPws...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

46ms
46ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092500&bpp=180&bdt=306&idt=495&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=154463407&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079965%2C31080103%2C95320885%2C95321252&oid=2&pvsid=3968148918169647&tmod=1503829238&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hj9iv8vaxtqs&fsb=1&dtd=501
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 20 Dec 2023 08:48:14 GMT
pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF18
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOFmYW_dQC51bsBLB8PSETQ&google_cver=1&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_...
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_y1xMtDjtldKbrdBHy2g_aGNmwmtpAwpNGP...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_y1xMtDjtldKbrdBHy2g_aGNmwmtpAwpNGPEE7XSrxfZiU-JABWdsBBffxUpBuxNw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 08:48:14 GMT
strict-transport-security: max-age=2592000
server: nginx
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language: de-CH
location: https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSo_HSUa8FzVr8FN7UX8Yt-nznNMDI11vo8bwuDAO5MxLoEbX4Ug7w7vTK7nhR_jMi9xp9Q2r0wEgsBctFrgKf5e_y1xMtDjtldKbrdBHy2g_aGNmwmtpAwpNGPEE7XSrxfZiU-JABWdsBBffxUpBuxNw
x-yak-request-id: 1703062093964-d245a640b08d985f7acb292950dddbac
yak-timeinfo: 1703062093964|71
cip: 149.88.27.81
alt-svc: h3=":443"; ma=604800
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FF18 0
12 B 31ms
31ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IejRmTCEJgHK07hSPMAFLCZxI5FqANcIEarG1lZEkOKJQ0zdee2FyFsQKuq6qs076iVBMU3nI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 424F 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A74C 111 KB
39 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame A74C 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COorsHHrWEpq5zmKyUDXj0cRpWk_ZfH9LCkLGOmGAaNWgQhSg96vTV85CLf-7dWLCYlxV6jdEu15_9QBffIaZMTt_x4D-BignUFfJxoCzZn9mleoZmh2-kX7rXjycRgZtu2EXmQz9bynVCFXGR-P_WHLepnZd_RzTtf-YDoUlfxuUAGSt48TSAzyuFAbrhDyOCH-6q&cry=1&dbm_d=AKAmf-Beziess9qjssz7bRLvu5SFMtw3bCP51dorWTLcK49AqHC9aVXpEJ0V88R5jq2H2Z77QAoORXkulUcpHlWYB0xpyCNNf4MjR-PCE0ro2IBiIhA335HB1Td46BxpFP9eaJBgexoyc7zZMTdj27nLSALmdK1FPFQxQiS_Hv9bco5g8pgLumg49xxAPt3-zmyaoSgfcRMbld9TwNt0KRHjmeMSpbb6lcqIVMNKYi3IP-1wEAQ4RZnBjLmOiWUwto-bkmeWLpPBuvO-lxfA0tJyaDawUx65GAZQZTJKLzaxc7XMtBemQWn7zgvzzfbox7gPleNhyQuQ3W6EGDmiNPY60s30CLHcI3uOBvSsuR8YP4WTesxDAxgjS6-wkQf4nxLEeZIBAQmWiih7i2xMsZ0y04YpwZ7zm1nP01vhKmFO0c3tyDv2oRBp0NWarxtSSnQ2twtYWI_F_QSw2uA_taVOL1s70E6vRjPFfDz-ldFc7EqpbHAx513ADDCCWvYQuLMUeO2peraAcxPH9MLCiqvOiPdujO7A1AnJ9XZShphhgsh2Sl0BeYiX9Cc7p7u6UGJGOFWKc_omG8aird0FAavJhbZR_tBs9LZ7daxgMlkB0AEAszl4x4syyj5Fw07A5bopi50Imf5TuBOjask6VkqackuN2TVrlfDm7PKdfuKX4JsY1R8rV2SxdyNUXY4apFqFyOgwZPGnk_UKB6LIj2RtanA4dH_ZCgZ3FMrZrYEAfUs8_hpEPRQyYG1s9EiN_RdOf6oEzlQMItSVgwBRxV7qN694u9nlUxiA1GnsvFaUpkb2VcdNFpGsDFySiUcFu4gAl8duBzTZ60kHwfKA-FfKTSBxWUO5_KooY8QJhdRMweHWZfGrU2hiWtt6x4lLxTPl8KaRGwc4q5gprzxuD3DSC3QeHONUlQ3uSvkk-7iYScKBB2iVH6l8TSUUBtqZJf_veM8cOtc_BtYAUz6MffZJr0q8fjjV3MHj7zQFCqL3KwiBN3I10Gsrfc5PWcbSp6yYEIa6nG__IPdlHsHslmMn4AYwITAYJFO2pEnhU5_qQtIE4F2qDM5kO-vHfJ1YLJAEyv1zDHd1DXgO8TTzqgb71-bor3tfIY1gyN91blmH1fCiSfHC407HA4SAE1KuadnsAM3kA0iKXIA4RqK49Kpyp7iq1J6WGU66gj44aeIEO5OLsTgWpARelejblSeah67aBlmGUY0pLPXvHgAtiOrTQLT7SPYlGBU5q-EQSCaLUR4UHGRR9rpnKsinyfBGdP20LV16Jmy-9zxuP--twuuPQhqiaQ5D_BZhihuM3W2F0xjWfktHTCCEaf2EKXIT5SAHkL2uWvahpErXZdTeh_x0wRYPePfIFCCj2hOhbpF1EHbwGpy5s6db7vGe88dnpLmNiaiud_XBerKHnlWSaMR3qvb5f3Z7NwgyAcop_1D90Tycl7mskbTTkVwKi3hSKM8JSld7quxYFx1ty7I3GuDkf9AcHFlbnvLCicSNp2p3rEyriyRTOVpeKMRi_-QFkP49tAwsEo5uNkW0Ius0NE8knEY4c0QydoKDjn9qw1XF46DNYGP_A5pjHr9mX1l7vh-lcLw_eWJnDfEQeWaEur_VpCz-6wL_kys13wSvare4Z8KCR753ywL1xgw4MGIx8mYgdQfXaJlPrVM6rLPuf6_gf6usQwtoB6OGmIwgg8T9TgiE3acuaDfl9RK7ztqU3NJRWa5NWZfMOPsrK1kz_Ja1nt38suklTkTg25AkCLF0agxjgVD5ih_vuURe-meMkLyfpFOBFBcZDj81wYb_HA9yUpYjkcqFeadflLYkFrXkVP8wtkAsbiyvPmDsjtMs18Cp_Iorazo5_oj0qba6WnKVFjYga-fJ0Yx00aT9oDDpsfnspZTavP2qeFlIVg2os_W0V-JJin6Y0RVYsFuD0O6Jg_zjlL-WTTBu2y0y-Ik26ZPmOQk3SskvqT_CNvBnVZ0ZRoslhYKEN9HPu29nbvKLsmR-607vuNJ9SZ61yUd3C38djzUQQl2ApwM7OH5RFwxf1kxfpbiUYgy1jXTDUCyELjwmrbzwgiAeRACwu69WdivN7oKoC7ceXZFffyuYbX0ESvsxWkctb3ejfMmHCSGk6dkIpdsWgxq-JC9DJ5eoL9eMVWJ8jopSfQ6tVSQESkXMo5O2yhwrUA4delgmHzTnMByDqBH2_GnNmpyqq_vlaew9lbjKzUuEq5_t3K88twBbXLvZatmMK6mBCvi04O3jJ66mulYFgSbX26vFO_qw8wxxeRY6Podyd830MmkbL-7cZ4nAaZMBWn-XZlPdN9DfjS_JPwzw-ADocWTVb8dMbj9J9nw4gpo0GyRdshAhWFowWNpEQGd7RQhTzgb6-U6eSr6evo_x1Nj9pud5tSLkEXLd-uQOPHKgbHKvpghlPBkt69NpAECNqE7d-kAqW8yK5qLsVw8jxdmuSqaP3Ggi7wpiDO1P7_kBaP1Gq3xuaJL7s-snMJ5MSb3gGCWKCPxbVHX-lhRJLtRr5WMkWJjHfsiddoV7WyStAeaiDH-KEhI1oZaWiMMvtAw9nwEg5F2jAY5snMGpQBP3Wu-B4ezb187TnYAAev1n2bJYHOQzsh9ihZK1UcIJlUhLsXKQTGpiMcUM7SOjX5RnJIgiPi7WK3VOpCSRKW3xTmE2BBCC1MlBfpaa8RLxmituVwzH2r_7B0bfwC7_r-tS9Tn0Cqly1NLCLnymlQfcuYJm2NKUtk0tVeVNMigBJsUZbclMU1DYKWqD097-i0iSixrjOrf0oaM4LP7-ubhtl6Xh9qaKc3_HFYGPxBrqm0M6yCq7A0m6I91UzvWVerCchT7pRMv9rzDqsGpAoNZwT19s3cHmJ9NRtgSnh9vDSLBx_B26jaJ2vXBqRDHuMTKbw1STTuBlf9G1jX-BuCMHly7DMFeXtTnylOyMosvbcMW3YXXYfD_pjidA7RyBMBzdNCekAtJICm6A9iZYRBGG2t9-YW-Qi40I5qGrDi7XZ_S_zxWoV2XlmXyGcdYmRKdnSlD-CrddKiQ84Y7t8VpMXHgEf_5ujtA8o-1EQOGeccZw0jnX5-D9WC_U0fXED2OZCwJaQq7XBOSAKAwZHb698SiIvPYMELvDIbkIUZAcgN2MKewlua5jeG0CaKxN658oZkJyNEbKOUCv7QyUd5DtJc7j3lKFg9qKkv0uhhjivSOaNre4Ky_ZpyVg58vZBJ_CZ4P5vlZK4UubhJR1921iJt2eGcy4AZxMGJDXICzvGnax0AtkAQsBDt2HrKH7-KFPbf1E-pXg1a0mG0Q3hE_GL0IMKj8fiQfFQ_vTP_93whpthmJo8Mxe-T-dxgGPc9z0GNZ67YzIUwVrgz7ZKuc-c_RnI0ttU3W7DS19F0iBkItTNu2l61BbYJoqc0192uwv_uqK577iNIQ6vfDIMhATL-9zEXUiEzoWGCZ4ImMoscxPsBwqn3qI_8Vy3bq_CY57OoAOqDrF3hPXRLiUuBLoqGNokk38jYgnSLv24yzos69XvmDZ_Ub_lK-mUjjjZBgvlFZqqDPNoNr_iVP1mHrWCogCmUqiU9fZS-QEKzgVDNxJ2AE73BjYQHHLo-PlwGUQ_nyP9VpZpJvrknNfIqaJgN1bEtmU1_LEx6_g-zRJeqEVtit_zBxqXLdBH8ycqghSZmdnM1u-uUGQyqY7HyifrI-cWs1xii5arePZMBLe4miu8EQTZ2m3vyjr-TKidF5UnD7b2e5U3oAmchLfhhcKrEQ9cYk3OD4bd5XHZjJ_TOVhopfttBSoWWxfH-7gnruch4JP1T5zVkCaIDVQ9DMxAKTUhfFud51-5TGgNWfR6c7Y2sVpUwiTD_yfRDO6P3oSdnAPDxhLsoMzFM_otzlWsxhD_UD3Vy38kz1Mfu6uYZAZcDh9qXMMJDhVYqjoHQ&cid=CAQSKQAvHhf_Plxfjh0GmaetEYVz0tx-exbHLvk7SvmOlKBI4ThwVoNYZ8K1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1837727128893538300&adk=2111686227&idt=95&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A74C 31 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A74C 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BF8 1 KB
646 B 23ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 43699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Wed, 20 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A74C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ffe8e08c06406966a513a3814b705f977be63c813a60aa818da539276e2eb6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AFCF 0
0 135ms
68ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7o45Ol6hVx7Ej0RGrSIjoook5z3hDdROhHgLNjNVqWxPiquQDRC0uZBLPSyQYEfqLv0j0n8VmocJ1CZlwSjFaOHhNtZihgkszirBkp89YssBNzpjOtti0XgoVM1X4x_bo1pqCZYqt6q0KoqKpyyzADzActsKL7ar5p1aIt6zjmgsOCju2dWoaSmC9eok6pL2L97WWE99XZn7Bjru7XrbPCiVcc94a-x63o6ycKNo37Z6HhO6GN1ll29Dn9d6zfZap_sGJddKeFe1cZGhXvis4f5A1d7aWHBaOsmJzvAr_aJYs2lVk_i6w_H8CIJ-5clNo6NDYO2Ajg0Np0hhhK-8oJB1CCt-DzKaeN1YkRkOydE99f0o0oKRjrL9MP02XjrrSbG7BgJVsfq6Noiw-85VxA2TJA6WnateRQcIkp1q6JDdc5a9ISmClxqS3eyKD_Cgxk_j8xxpEDNKrHOIUESTr3v8XU_5E_MxBfKl0wRMb-mvSRHiIWhF5skGlyH8VNWBIj107Q6bn5Oh8K9sp5ELNVN30lRk4eITXlBfwLOdvjV9-vxm_MXWpqwmnhQpyJEGsO4__4vXNUf-2P7m3gFNdoB4wdu4SajkNeUwQdym-YVsKKMrrANqTxu424jdtsphUoFFJ7ur_GT7LqqA1uTWBBadUZL4DCeFNIkBfC5vbVDFd1g6nNrn3ha2iikQ0Vv0lNeqp3ABTtKWlT8VjrrutyTThncr2ZHjT4nt4FILFQ2zudsJ96y8_MJnRJArB3XS7vQTl1xEVYhTrnSknUubE2UkjoDZtBjpwcxW7CsQOS94JH-4vB-bvNEO8Trh_zixAm6z7fjyE7jJtEDRq-RbUkZjANcgMRPKQGC6aflEqOpE1RHwB_hpeKA8_6iGn9t9oD4bvXOAC0tfYEAr8Xwb__Lb9YfOe8pvua4TSep6t0PwsRIJK3DNksw-i6Dg-cJDnE9RL_9R_ne5QzZELvdSIQYTZsGxFi63hyZ8gJT79WJff5UDyOzOdgnQLsTaT45586dQzx7Yi2ek1xFemHWVybuP5R_5nrUQeWs6aldGhwMlfBr5SgaRpIbq8GfOktWZl_JMw3uh1Diq8-zPDw6jGuIUxC7nhHzePUD0xpBD4mrZK0lO6BuivXzxyK0hSOIfDPb9uxznicYEDoXRZ8W4KYLmVrfqZBednKDaX4SgEopR_e_nxqo9rxY6-2GZaW6RcLzv0KuWtNNm163asx4cHi4WBeaWIxQ-O88BBedwydR8Ts8ZGtvtGZUyp2_pipp_PM3AumugiQBcMgbALpIPElOpGk1_Nsreo9jTyiMnY22ZG80Fa1b0gX13ZVgBzdX4x63yB5uAKD0QNTAUt-2dHUP8&sai=AMfl-YS2sEzUsjd4JyzlOHYB71nIZR_yWpmXR8COAgO7vYrYvIKCS10fY-sf6APS076Zsr6mCbilJRfIGBddlSj_yvZXwaCYkQTEAM4adgzqx2PTdSvSjKWzUdgbNA5h6_yUL_vWTZD5Rc1S6cibX05AOzu-3B56ij4Tz-O9UK5rjdNS23kIKOMKdnkzJ8y-M3ah-SDfPLzFMwJg&sig=Cg0ArKJSzC1wEPdcHUK-EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cisv=r20231207.38036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12846158605548682008
s0.2mdn.net/simgad/ Frame AFCF 46 KB
46 KB 72ms
24ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12846158605548682008

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fb85ae75acb3d64c6228059ba66a899a7844a7a04fa9878c4b73415805f612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 01:55:32 GMT
date: Fri, 15 Dec 2023 01:55:32 GMT
x-content-type-options: nosniff
age: 456761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47381
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:49:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1DAE 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESELhe2cK8kAFvIDFGSbQbFag&google_cver=1&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQ...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMjg0MDY1OTY4Njc3NTY0Mjg&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQTx...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMjg0MDY1OTY4Njc3NTY0Mjg&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQTxH2VABwJSCGjja92KJN9g24ur_bB4mMkiakqx0930EStWQDQdd8zQJb_005kfqZQ8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMjg0MDY1OTY4Njc3NTY0Mjg&google_push=AXcoOmRGXo62bB6cCOLrtQF8U9ZFdMz3pUuUB8x8bsc60yAPYYEQffYD8pNP1rREdE5jEOqTBUWJucVL8HLdZpIZCQTxH2VABwJSCGjja92KJN9g24ur_bB4mMkiakqx0930EStWQDQdd8zQJb_005kfqZQ8
Date: Wed, 20 Dec 2023 08:48:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5rPyVfrf8dPSBFXclJkQ1kwAySoMbS5EzB6Hxg3R62mNPf-a8gr...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5rPyVfrf8dPSBFXclJkQ1kwAySoMbS5EzB6Hxg3R62mNPf-a8grwyx8Adw_D1zcCkuftkmAgjs1&google_hm=dc9dc237-ee17-4508-a270-03438b15f913

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-155
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTYmD4oujofJmdfa06bHmflpTjbJx6Jw6GO4phyu0mf1w9-j9QqdrhxpZA00Ho3ajNPIbrmOW-8f5rPyVfrf8dPSBFXclJkQ1kwAySoMbS5EzB6Hxg3R62mNPf-a8grwyx8Adw_D1zcCkuftkmAgjs1&google_hm=dc9dc237-ee17-4508-a270-03438b15f913
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://google.partners.tremorhub.com/sync?UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9fM49dH--GHkYceaYrkubD3mnRzI89ADcNbuUCoo7GifjRVWZomySuTX_YzXpqQOQ6pn...
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ODUwYjU3YzNmMDY3NDE3MmJiZTVlZGZjNjVmNzdmM2U%3D&UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9...

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ODUwYjU3YzNmMDY3NDE3MmJiZTVlZGZjNjVmNzdmM2U%3D&UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9fM49dH--GHkYceaYrkubD3mnRzI89ADcNbuUCoo7GifjRVWZomySuTX_YzXpqQOQ6pn_mBnXAvsAtH3nWdTLzDac-wWl7YphTnYvfaqrzUGQsVDiE5ogE-bv19Dn5g

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ODUwYjU3YzNmMDY3NDE3MmJiZTVlZGZjNjVmNzdmM2U%3D&UIDF=CAESEOD7PuN4DHiUgfQfjvI_5l0&google_cver=1&google_push=AXcoOmQI56r0CLWw0oJSMo-_6Fk9fM49dH--GHkYceaYrkubD3mnRzI89ADcNbuUCoo7GifjRVWZomySuTX_YzXpqQOQ6pn_mBnXAvsAtH3nWdTLzDac-wWl7YphTnYvfaqrzUGQsVDiE5ogE-bv19Dn5g
date: Wed, 20 Dec 2023 08:48:14 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENLvpeJvX0pILoePaVjafDo&google_cver=1&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENLvpeJvX0pILoePaVjafDo&google_cver=1&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9q...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hiugRPkXRoiur-C6jnLVGw&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hiugRPkXRoiur-C6jnLVGw&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26Czj2DjyQ2Tit_2ZI2RsLtZce7F69NDXXdbdIcSubpGBDDctzjdtc_OarAn7uj3

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hiugRPkXRoiur-C6jnLVGw&google_push=AXcoOmTan7C12qMWLTcbPcu40Pgy3bsl01LB_8YoDPR2zA3z4fkAwflM2DxxjmGm_ceU6maI4005Ovud3X4Hio9qQ6BZ26Czj2DjyQ2Tit_2ZI2RsLtZce7F69NDXXdbdIcSubpGBDDctzjdtc_OarAn7uj3
access-control-allow-origin: *
date: Wed, 20 Dec 2023 08:48:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJDhVB8uTjSjCet5eFAgu-M&google_cver=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFz...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJDhVB8uTjSjCet5eFAgu-M&google_cver=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6l...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=FvHU6sjuSLuobZHrPyzAug==&no_redirect=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=FvHU6sjuSLuobZHrPyzAug==&no_redirect=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFzVBBRMi6SzAzFChQchzLyDohC4xBr0BFLem8192uHPTkJ73Zs4AT38FnTwdyPwovh1r09zh1bnNNVWFDqHw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=FvHU6sjuSLuobZHrPyzAug==&no_redirect=1&google_push=AXcoOmQKLPVMznWvtFZ4kAzxYEptITLmQZsegxKpcnSFieMU1Rr6N3bi8Hf_cz4QUXbn6lnglEFzVBBRMi6SzAzFChQchzLyDohC4xBr0BFLem8192uHPTkJ73Zs4AT38FnTwdyPwovh1r09zh1bnNNVWFDqHw
Date: Wed, 20 Dec 2023 08:48:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBnOwqnzdRLoNEx1xHfaLhU&google_cver=1&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dcLUF_riSYlv4d7lIxowLm2FLRqjj_UoBuvrMDb3rHo601FNWz...

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dcLUF_riSYlv4d7lIxowLm2FLRqjj_UoBuvrMDb3rHo601FNWznH63gjUWSjeA2FveA6zpFjpDIldEZq-O2femeN7DJD&google_hm=tCNWHA8RQ8ez3FAcj0QJYFE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRnIYWLPSCMcCJUmBX7AtylpBSelDog_cdR3NKW1nRJWpc88ByeiRtYZVy6dcLUF_riSYlv4d7lIxowLm2FLRqjj_UoBuvrMDb3rHo601FNWznH63gjUWSjeA2FveA6zpFjpDIldEZq-O2femeN7DJD&google_hm=tCNWHA8RQ8ez3FAcj0QJYFE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BF8
Redirect Chain

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEODaYxLzW6Mv6zMa-vPU5xY&google_cver=1&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2o0Oe9ebWcZv5ef25zDw_meSNq1NlMatU...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2o0Oe9ebWcZv5ef25zDw_meSNq1NlMatUx5PyffwowosrVOTptYiwyljJR_NoEc1Hg&google_hm=f34e9699379b96062veh3m00lqdj75xr

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 08:48:14 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSX-iZsU4oI8OTJ2n8mNABt70JvDExhDUPpJotwDoEfS4cy4qEMMLzKlL-rXqsBK70n6Cx7-T06bREm0IJpLrMy2o0Oe9ebWcZv5ef25zDw_meSNq1NlMatUx5PyffwowosrVOTptYiwyljJR_NoEc1Hg&google_hm=f34e9699379b96062veh3m00lqdj75xr
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BF8 0
12 B 30ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhbCar_JTmXQr_mwgiCboY7Y5MZdjoUTNbZEERBo1LiNqq-ypYXsoD6yfMHFWmyL5rIEicdS-R

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703062092316&bpp=246&bdt=135&idt=558&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1420&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=568212841&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079965%2C44809003%2C95320868%2C95320885&oid=2&pvsid=1991615938030577&tmod=1937894423&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ku2detjy97a&fsb=1&dtd=561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 12846158605548682008
s0.2mdn.net/simgad/ Frame A74C 46 KB
46 KB 43ms
29ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12846158605548682008

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0fb85ae75acb3d64c6228059ba66a899a7844a7a04fa9878c4b73415805f612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 01:55:32 GMT
date: Fri, 15 Dec 2023 01:55:32 GMT
x-content-type-options: nosniff
age: 456761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47381
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:49:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A74C 0
0 100ms
67ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDdXhCVF4KtjhdKp3f4OmB2lTMbR1l1X65lRW2wiNbRV4lIu9L2YuWWFGtAfznPLoVxTupJJiFN7r5R2LgzBs6nlPlUk6-rShk7euvZELX5XI5DSw3rFTmt0tDEGxRRRCdLdaG64C91xGABzcUQDvv1gaXD_rJSZeky0agj32iI-omeqFE6NFteKqwuAq9WnXolOpCjg3DmEcd1RcIfQ8Q4yN_YFtMGljfpZVdWQNakLVTZ_JXvhvye1FRf69OJzFLqk-Q9NHwe62PFaKk12g2d_6mlzVkZVt1CloB1w8nRJMzc0UInqaXpB67hMFBkR465Xd4bq3VkEecxXEYVblF7FY5sN2IGMCVv0zWK62YUIFvbHD28Uu-jd4Tyw2fqA7RCvY6DDDgkJBDnQwfmi-9y5olHfirVYtclmFSBHaUSC_-JdRhQ8bxwRb9nCwH6EZeLWZycozlx21LMkTI7owXHtV3PV3Ave5BjJopBe5YnCpzB_vXFuBVsQUoV7BQWtWMa0YtbHmbJBMNVw4ojNFHPay46w4mupfwTBVEO3PQs87TyiM5E2E3rhBl9fCjsUJGpLXjpHnlfHIVDrA8xCHEBM_kXV1sKpGJ9MsajN_ORvt6eNMUM31JZ8x-jICmfKkatcyICHp-NVunxaf1rsoXakl8ax0iLaijVUDVxYhP-sctFpNaGIBrTVC3pRq0Aftur0bv8YvNtCFRAgzakeyRlvxl4yr5-qLwdMZCKj3Y7-bcl7mFMOU_rKWc94T39PL2OCcvWvvOadUI5VVTNYlGt0cWWkjgSOfWNDzeqmZEgIGlh0MNtCIbTyT20pJhxj6_5g22THi-iJ7YeLEozAZ_GHD_u7sQOrRHErHj9MSur6HlXVxMoIqwcrXMcXzflkvP2yPf7XehLsD-Ley0_L2Cj-cIMBYUKUIqRqryfVgPvwqEsHgxOmrC0IVYm4d4dt5N7oy5yi8JdwXnx2iHKwttKa0PZsglSQGMudPCF06kUmQSUbnbyCmpRqHAobxiGQJhFF5RPcPg5B2bLnHUNwJ9qi7tmwu35eXJHgbLwsR3NeJRPZRbjyvhDaqvG-G4mbNuE4jkx6qgmfUDcZm8HAbmKNRgSszRKjYM_Qq17O7Da0LipSsnCOvCAz7GYQDK7PhBj4UxfgtoehcWCgHA4rr8PXr9iEK7YOijWeEi0JhrcnkZhZvcbPgnLgXSHH9VMnYG1Fv1ccXuuZiPz4vmLuC5gbBlKD-O6oI9dsujjwlrtV4XUs0a137TUyd2DyqH2lTSUTEZXmYtbfmfHxg7NF9MVVHrRmZE8FbOkvg8htigTYXXgYA5-q_xyYqOc_YOccTjWIRQC2g&sai=AMfl-YTGp0x0iEzmRZLRNc0N4l-MyTu6JoWGCBmN2DBtqq5zefGQb_z1-nNIdHVhLSxglgJrQpCP4GDDKQ-FP0DyTIdgCwvORcSkhY61S_VF12npYTp-xDsuBs116jb2FETD98B2AoKvsCXZv72A4KW2uxiaEAkXGNLHk13bxILGulS9R9gw7yKYJE4TsG86_tO6vceGkekhUs8Z&sig=Cg0ArKJSzNx7yO9HpZt4EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=57&cbvp=1&cisv=r20231207.11803&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 424F 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKk_lTaqCZe_iJJ-G1PIPnb6DkAsAAAAAOAHgBAI&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOFZvenDChmw-UBbB2QFMHxhAXcV3hSi638zFFKRwhmhIATyYEBda4xNXQdvrjZSKAgAAAE1SAAAAAmgBB5kDKBG5LdWHcbTpQV3946sJ0cfZU2KfnQL7M-hge6l75eUMy7B6m3q-Z6ZXqVt0bzQiL3ncm5WDdPk1mSw5ClHB6LSN7Sz4yhNliJo1XnID_92h7JL4RRSHGD00Co6RNM9Ifx5HqxNb3khwF8rn6aOftJdAjvIe8KpZVkZHm4HEhod0aJQO4sA0E-3-484BhuKJSyOkmgTlliRbO1QIQpqj2qCXqsZzhBQdncK-VbyMmkulTRaeLD9fT0y6NSByvRw_SrvOwFjjWN1lqXSF9wHk0Farx1oEBl9vFf_kpDwue4YsmTUtU-L2fPsFBrj20HluLZNn7Kh-ccC5wsl2tuMz62HWTvMsIl-SKLNf24hqLGPDEzfbYaZ2K-rZtg8pQeo81UJ2nbadfy-v_HzQfqN4XTKR5q7C_94ewE4g4Kiq5Yio9ocTc-CL5UFZbCekSKczgw2whSkd0hHsaHHe5lnmMB8zbxOWFteIt9ZYuTFE4rLYi9Hsrv0P0AViRWx44e_OJLWQG2XQWd5YVEKIdovnMpEGTSA28DD0dsWCjiVn_7X3qm_MvlA6XVhv8C3g9gmbMKXzvgMqLYLT3w_JUqH_tY94LXqAygdyOkwndHIU2J43IImQ50gUYBetvGtKOhHT8xQmDbjav54vkKJv3gc6JXQ9zh9kfLztUjCTOcozDo2FEhbFW2bhtkE-cxA2FQLdzOKqB8VtfDgB3Z7l5VxABW8A4alBiT-R6ROCo9fXBiygJwFloK09Egmei6KCAjSriqGtwrG-M-rTGhwbOTX-xRrVLfvPMYKE2zFf7sdiM_ZKsSf9lu0N6s95h4OKTylAlepZ05-KcIH19O-P7ZJkOgDlrJva0QUTZPOL0zFlGbaJoc6LQjkCgX5n22md-UJEcozS9SLAGynd7zP9FeQ789NNhKQiv0z7LyvINhQ5lq7G5QmB3quiAN-76ryvz74QRwaJ2C_qRl75WdYmwNIrdIWInOA_-gzJj9DNfji1VXLMRc7-Bu8lZFBa5ut8ckfSEkaYfKv8Cv_dE07zMOPfe_eptLwXEYY3ggT5dzAxNA5EwV1-PxygeEU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DAE 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC8A 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUvPiybbP6Mofnm4RvLvdloTzARTWgu_RBhrMAYvd8habCcNWRddLk1UsIZ77lzVts6Ud0DQLOx9r_0GeNFg2XZcN-SD5xiYKPcl97D49C7sMgejUUjMiU7aP5R7KyMB-ouoPlqyciFPyAFYNrHDzPWFgehX6U74ke4kk_slkmaeFGZzr6GSTdBA7leJTO65cWccCFfzUZU1wA-_oSTKVr_vSChgT-EABU35RrlyX1rrOFqvNCleHQd-fr4Ob653E_hgrS9z4mh7YvJCBpqNYm9vswtCITKxpv4dqjh3WOXBbNqMLWV_L3DDVJwTUjOZT_pyrW6FA_oAIgNMSeRQdFv-Mvzm5X3VPY0ljoH3n115OjRw2ODgu7cOJMdKMS8MjVMcZ24bO72RGQ3g8HGbVN&sai=AMfl-YTRKJm86a5sUGwMQGYKWKUXR_zRnyfjuVNSRNiCEHFrXe-16pVX2-PKGEUc3-T6lE2Pc_-DxkpEjIHzJ2k&sig=Cg0ArKJSzOCWlIJPbduvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FC8A 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb6e815c2e6d5b12040b6075404139e6ee19c510ab369cfe8a35cc293e0c71a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12077
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A74C 0
0 61ms
61ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDdXhCVF4KtjhdKp3f4OmB2lTMbR1l1X65lRW2wiNbRV4lIu9L2YuWWFGtAfznPLoVxTupJJiFN7r5R2LgzBs6nlPlUk6-rShk7euvZELX5XI5DSw3rFTmt0tDEGxRRRCdLdaG64C91xGABzcUQDvv1gaXD_rJSZeky0agj32iI-omeqFE6NFteKqwuAq9WnXolOpCjg3DmEcd1RcIfQ8Q4yN_YFtMGljfpZVdWQNakLVTZ_JXvhvye1FRf69OJzFLqk-Q9NHwe62PFaKk12g2d_6mlzVkZVt1CloB1w8nRJMzc0UInqaXpB67hMFBkR465Xd4bq3VkEecxXEYVblF7FY5sN2IGMCVv0zWK62YUIFvbHD28Uu-jd4Tyw2fqA7RCvY6DDDgkJBDnQwfmi-9y5olHfirVYtclmFSBHaUSC_-JdRhQ8bxwRb9nCwH6EZeLWZycozlx21LMkTI7owXHtV3PV3Ave5BjJopBe5YnCpzB_vXFuBVsQUoV7BQWtWMa0YtbHmbJBMNVw4ojNFHPay46w4mupfwTBVEO3PQs87TyiM5E2E3rhBl9fCjsUJGpLXjpHnlfHIVDrA8xCHEBM_kXV1sKpGJ9MsajN_ORvt6eNMUM31JZ8x-jICmfKkatcyICHp-NVunxaf1rsoXakl8ax0iLaijVUDVxYhP-sctFpNaGIBrTVC3pRq0Aftur0bv8YvNtCFRAgzakeyRlvxl4yr5-qLwdMZCKj3Y7-bcl7mFMOU_rKWc94T39PL2OCcvWvvOadUI5VVTNYlGt0cWWkjgSOfWNDzeqmZEgIGlh0MNtCIbTyT20pJhxj6_5g22THi-iJ7YeLEozAZ_GHD_u7sQOrRHErHj9MSur6HlXVxMoIqwcrXMcXzflkvP2yPf7XehLsD-Ley0_L2Cj-cIMBYUKUIqRqryfVgPvwqEsHgxOmrC0IVYm4d4dt5N7oy5yi8JdwXnx2iHKwttKa0PZsglSQGMudPCF06kUmQSUbnbyCmpRqHAobxiGQJhFF5RPcPg5B2bLnHUNwJ9qi7tmwu35eXJHgbLwsR3NeJRPZRbjyvhDaqvG-G4mbNuE4jkx6qgmfUDcZm8HAbmKNRgSszRKjYM_Qq17O7Da0LipSsnCOvCAz7GYQDK7PhBj4UxfgtoehcWCgHA4rr8PXr9iEK7YOijWeEi0JhrcnkZhZvcbPgnLgXSHH9VMnYG1Fv1ccXuuZiPz4vmLuC5gbBlKD-O6oI9dsujjwlrtV4XUs0a137TUyd2DyqH2lTSUTEZXmYtbfmfHxg7NF9MVVHrRmZE8FbOkvg8htigTYXXgYA5-q_xyYqOc_YOccTjWIRQC2g&sai=AMfl-YTGp0x0iEzmRZLRNc0N4l-MyTu6JoWGCBmN2DBtqq5zefGQb_z1-nNIdHVhLSxglgJrQpCP4GDDKQ-FP0DyTIdgCwvORcSkhY61S_VF12npYTp-xDsuBs116jb2FETD98B2AoKvsCXZv72A4KW2uxiaEAkXGNLHk13bxILGulS9R9gw7yKYJE4TsG86_tO6vceGkekhUs8Z&sig=Cg0ArKJSzNx7yO9HpZt4EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=148&vt=11&dtpt=91&dett=3&cstd=145&cisv=r20231207.11803&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9773374219424694350/ Frame C553 87 KB
23 KB 24ms
24ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37bc11fdf609de932d79f7d0441cb76c4bd54e1f51b2e36b1d4c890dc610754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 85098
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23552
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:56 GMT
expires: Wed, 18 Dec 2024 09:09:56 GMT
last-modified: Fri, 01 Dec 2023 12:49:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 937F 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssPyRGlhGVHe7_J9UrmT04SYd-8AUS9cKDMY3HmN0JRzTgsEs2n21lRow64EzxiS_52roLpW5sDLir6Iux6nhXJkMtvFtWPtdKmOflY9VoeAoQSvFOuDT-CemgLxLKUEMGodqgQoBh-rA_BI-YdYOb0XXL_AvVuH1HqOpk-y9xDrIDk6DZQ9NbKLxwIfKlifu5uapIY-gOtr1BcT0wKD0WEteTPjJ103PSkzk3BtChwc6NFe6axBPebuJWdClHdOtC3Xys0AL-fgc-Cu8xRbLOVkomHPirBxh86KR8mTr5I1dZt80W56zw5zlrQ-sNItTgzFCo34n-q4m7Zm6mOkHDMHMc8KKHROLt_QcUghw5-dmqv0qnMGoKV1f9l3nQy_3VFd-CjWICnIbp1cla-CuX&sai=AMfl-YTfTt2OpouF5LXKzcmQSDq31d2dOW96X6AzeQv_jSLoOO7NeHm7gWS6TGFDrntGFS0RULAyhe-yqG7DKwI&sig=Cg0ArKJSzLajp7qaaa_REAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 08:48:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 937F 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

656c3f9db8e1508452eb926a76cb970c9140049d313d6769a37e225031c3aa15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12189
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AFCF 0
0 61ms
61ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7o45Ol6hVx7Ej0RGrSIjoook5z3hDdROhHgLNjNVqWxPiquQDRC0uZBLPSyQYEfqLv0j0n8VmocJ1CZlwSjFaOHhNtZihgkszirBkp89YssBNzpjOtti0XgoVM1X4x_bo1pqCZYqt6q0KoqKpyyzADzActsKL7ar5p1aIt6zjmgsOCju2dWoaSmC9eok6pL2L97WWE99XZn7Bjru7XrbPCiVcc94a-x63o6ycKNo37Z6HhO6GN1ll29Dn9d6zfZap_sGJddKeFe1cZGhXvis4f5A1d7aWHBaOsmJzvAr_aJYs2lVk_i6w_H8CIJ-5clNo6NDYO2Ajg0Np0hhhK-8oJB1CCt-DzKaeN1YkRkOydE99f0o0oKRjrL9MP02XjrrSbG7BgJVsfq6Noiw-85VxA2TJA6WnateRQcIkp1q6JDdc5a9ISmClxqS3eyKD_Cgxk_j8xxpEDNKrHOIUESTr3v8XU_5E_MxBfKl0wRMb-mvSRHiIWhF5skGlyH8VNWBIj107Q6bn5Oh8K9sp5ELNVN30lRk4eITXlBfwLOdvjV9-vxm_MXWpqwmnhQpyJEGsO4__4vXNUf-2P7m3gFNdoB4wdu4SajkNeUwQdym-YVsKKMrrANqTxu424jdtsphUoFFJ7ur_GT7LqqA1uTWBBadUZL4DCeFNIkBfC5vbVDFd1g6nNrn3ha2iikQ0Vv0lNeqp3ABTtKWlT8VjrrutyTThncr2ZHjT4nt4FILFQ2zudsJ96y8_MJnRJArB3XS7vQTl1xEVYhTrnSknUubE2UkjoDZtBjpwcxW7CsQOS94JH-4vB-bvNEO8Trh_zixAm6z7fjyE7jJtEDRq-RbUkZjANcgMRPKQGC6aflEqOpE1RHwB_hpeKA8_6iGn9t9oD4bvXOAC0tfYEAr8Xwb__Lb9YfOe8pvua4TSep6t0PwsRIJK3DNksw-i6Dg-cJDnE9RL_9R_ne5QzZELvdSIQYTZsGxFi63hyZ8gJT79WJff5UDyOzOdgnQLsTaT45586dQzx7Yi2ek1xFemHWVybuP5R_5nrUQeWs6aldGhwMlfBr5SgaRpIbq8GfOktWZl_JMw3uh1Diq8-zPDw6jGuIUxC7nhHzePUD0xpBD4mrZK0lO6BuivXzxyK0hSOIfDPb9uxznicYEDoXRZ8W4KYLmVrfqZBednKDaX4SgEopR_e_nxqo9rxY6-2GZaW6RcLzv0KuWtNNm163asx4cHi4WBeaWIxQ-O88BBedwydR8Ts8ZGtvtGZUyp2_pipp_PM3AumugiQBcMgbALpIPElOpGk1_Nsreo9jTyiMnY22ZG80Fa1b0gX13ZVgBzdX4x63yB5uAKD0QNTAUt-2dHUP8&sai=AMfl-YS2sEzUsjd4JyzlOHYB71nIZR_yWpmXR8COAgO7vYrYvIKCS10fY-sf6APS076Zsr6mCbilJRfIGBddlSj_yvZXwaCYkQTEAM4adgzqx2PTdSvSjKWzUdgbNA5h6_yUL_vWTZD5Rc1S6cibX05AOzu-3B56ij4Tz-O9UK5rjdNS23kIKOMKdnkzJ8y-M3ah-SDfPLzFMwJg&sig=Cg0ArKJSzC1wEPdcHUK-EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=278&vt=11&dtpt=136&dett=3&cstd=276&cisv=r20231207.38036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiudoutaishanjungle_no_ouja_taa-chanyueyu-dehongzhengye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9773374219424694350/ Frame 84B9 87 KB
23 KB 23ms
23ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37bc11fdf609de932d79f7d0441cb76c4bd54e1f51b2e36b1d4c890dc610754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 85098
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23552
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:56 GMT
expires: Wed, 18 Dec 2024 09:09:56 GMT
last-modified: Fri, 01 Dec 2023 12:49:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 kv.jpg
s0.2mdn.net/sadbundle/9773374219424694350/ Frame C553 21 KB
21 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9773374219424694350/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f67cb877811eb338cec8579133def07c3c9596be6bb25f5bc3b72dbbdc166da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:02:53 GMT
date: Tue, 19 Dec 2023 09:02:53 GMT
x-content-type-options: nosniff
age: 85521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21561
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:49:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 kv.jpg
s0.2mdn.net/sadbundle/9773374219424694350/ Frame 84B9 21 KB
21 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9773374219424694350/kv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f67cb877811eb338cec8579133def07c3c9596be6bb25f5bc3b72dbbdc166da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:02:53 GMT
date: Tue, 19 Dec 2023 09:02:53 GMT
x-content-type-options: nosniff
age: 85521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21561
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:49:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DAE 0
22 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrgVYTaqCZfaYLJChjuwPvtyzqAEAAAAAOAHgBAI&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOMc9I2zYEwmWBwN1JBu4cdv08IC0oifzRkOC1Z8zHuCYiNtYdMD9AOWR1oUNvlAXAgAAAD9SAAAAAWgBB5kDK0l3RUB5kFtu_4Qt8-IGFirDaVYZ1K798VDXjuvchieLuHdg2DNrlUcsOuEp0a-utjbHUUlYAS_RmHDl_UBNWN4MOvpZa-55-6At7BN3RkPVCFV3-2BkSaDyrpJusXtc9p5hfQV_FE9x6O_wM-VR7e3buXd2_AJrphW8rLHzFyDcgz38wQoCixqqB0KvNsMsU7r3FiASYCJ0G5qhG_kN3oxOcUZpSQIVIAAwBPFNdJRV9A3GSyJiiRFixrnQplkgOJor24bZJuCJBNaXSSBcZWFCCCaC41Mk7iUvhTDNFLti1XWWg6RhSkkEAgN9Ffu2l8ltqMkuMq--jVdLDsE-MC6QRqprdQwKOQG2Qz6nSnWcAtQ9Y_cWA_MFxOJfNTQkK5DqoM9l5jyf9Ci8uf2lhPa6P3sNQYYCe69mWhl29YBXXGyc8LWN9wxegfovS27wmJqoc0pSVATXuZJ_C0NrVm5DpyCXT_0wj9eZe_RIpEyYHlsnYAsZY1aPYLN4boH8U7ZfKnIT0RueZtZL1TewvFH3L7EkBt3D2p-Vsh4TeWLd1bZt2__ZbDp4NWRWwMaQxwmW770yU7RYyetBa65hy7TyeEZs8_rIkZDwe65vs86JvxC24F5YcmnpVus9X2doCDckrjiV0AYc3Fx9W5oWOyolWhs1EGdQZZwawYKNpeTm7XQRqrkWf31RnNgnvvXubLVK7M3VVczorAIVOlMWpoa75z_GJUbCc32SPadqr_X_3no1_tSnIQOErWGdxM8jy93kPE1wzAJoMhFh4ADPGRqxNVGOrMkMgHP4DCbfpsume9SMThLEW7nS6w4PRZmwA_afw4y0JaWsbrJo2qAiDhdjDIGPHEhirUKtgIY2JO5rwaeKStL5qVzNTtrz1mWOARhiFE0FynV9u95EsHXb8HEl4pLyEVDpNGKQwMwIYVuFycV0yNGSrOieYiuKfvYebE8_AaVduFxcIPqkag-gL0YhvrWdgL6oHUIGMckG8WndDdJ5o_otpA2pljkE5nzg0EvVaZLl-2wxv9dC4GdYbwHo0FUf3Q7dkKvsXmI2x44Aa2CTIfVXRLafNDI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FC8A 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:48:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 937F 17 KB
6 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 08:48:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B2F 0
0 61ms
60ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=214877230266804&bg=!p6SlpOvNAAY3kmNgF5I7ADQBe5WfOL49sCA208lrnSNXrBOzfDCTetHaYvs0ffThoZUtvxqgW-ioCHmFx9eKto44fEvDAgAAAG9SAAAAAmgBBwoAPelKn-WOR3NKK7j65J4kaXHLd5_3QDP54-2aGKHhGz_TG1pFYXdyLLwfzhM1Pt_1BJVLqCeyDuB1MKee5_uZAxUmly1VrfOQ3PzdRHQNiAgF-K9fDdPt3lNE3_1XvK641qD7uArTl9p3a2ZtCE_Ilp1ePsc-5GZyL_tH0pGQwPL9A7rBOuxcxj5N-VfvUTiP8_EMKVJUJyyTlza83Ka9Hm69AYdF_PWPW8DLbdM9KKfqvffHW-cV5QDyg0AVpqV-K6dapByF1l-ZVa7gaGu1O2VdIxczNPDE7nc2DGFF0BA3cOQmvEyW5Gc7T2Noocts-xvMrb39yHYS7O6nWdAO78NpyK3PWLzeYQ6yhkr1sikTtIUo8sUxdsu8n-Jj7FDZwhTsa3WJU4ELKrJTOt3i1Pd4O9_zYBjlC6fMe-oVadkXZPILqVOM3DRNnGvz3MsvZ0uQ9-BcyIZ7wPkUoJ_nXMM-0ELbeux1STg3qDUzFw9WMwESF322MbXayF4kuMT0LjGax2Ke8aKSXeOl_0Tu8f2Zvd1mnvAcUrmCwL6Oa-USLn8KGwr0A6_D2b4bGCSsOdHtqREtwGIyPHm89HKH4kxZBv4019in-UXWY4St390ylJq8OjngcmwZLVT00qQkubzqCCkAgLzUZnh6_NdaJl8_22cNKHvkD_vONyKApRz9QdrgE88YWFdA1-xfOVvMwpbnQgmzBy13AhJffiFS-xcwr9sfgkIgjCB4I4hk6MWgFB4KBYPilr_UW2RG0aB8N-xVoJaK0FNSb68fDq1tZhbWbSFE55-ciOzwHUjRZd4qADktzoGiWXhM_PmU4xSRyQim6cnLGDKXOzEYTijwCsAlmV0y46tk0kT4i340IrjS75yNtVmGNNml-KFYT4DUudyZIs9txJbgpA2TW0okR49pbLpzLO_z-9XibYI-KIhrLTVJWuFIHHsxJLFDFHFBQ1hWDk1TRL4AipoFtD7pBFJ791jPxX7fp7-YtBhGeSBnfM4JkcopMZJfcmfTnlQJOKH5B3V6hZ902ko7dR3Bm4yEZ8XDCMzp63GQJKJKZBjhBNRUVBCUYFR_Y47ezyzds5gKNQWxXx4dRU23S8narXWV0WVuG-sIASTZVp9PElTrfsI1Dx0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E022 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 85104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0199 829 B
559 B 32ms
32ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76f1245f4370f56fb26185f81afd0414b57418b0deae62b07e8b90007ae8117a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gdjC7irWFhyBdBBgtMcyQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gdjC7irWFhyBdBBgtMcyQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:14 GMT
expires: Wed, 20 Dec 2023 08:48:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E022 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0199 0
0 57ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1991615938030577&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA5A 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 85104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7AD1 829 B
561 B 33ms
32ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7964fa9fc6a24588f9695ba21d269a0dcfc290d5a43c6b908cbf6f43075520a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sX8qzqlPZa9GQZ_5chgKfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sX8qzqlPZa9GQZ_5chgKfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:48:14 GMT
expires: Wed, 20 Dec 2023 08:48:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FB2 0
0 61ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4292321931000850&bg=!PzylPHPNAAY3kmNgF5I7ADQBe5WfOKiFMRdnJA8wP5NTzTHF8Hj54CF_UMU1l_14slrJ6oku0f8paheuPqyo8bYCrTY_AgAAAENSAAAAA2gBB5kDFMUrSAEpRkVIfemZCU5bSVoT7jHcxWC39sI0UfSvfgKQdIP4qaVPZdN3WZ9522ATTZFcDW3NQ2e2R__F3vfe5SJGL3quvUugWhZJInjIGq0A5AJL8T9dhan8BVHkiWRKc9SSStCPgw-he7jIkgS7TAmBEd9pD0C7UjezkgzBXAdPq-ZpPzLkEYPwYR00nt19fal6BTTZZ-ZXfiWcrfhvMziVhKoSF7z6BJ1cxCLKJwIfutUbd9LO2tCZ9RBfwkNe3Yei9JGbAyjAldLEEoXY5C6MRZAFLXHZk8u0EyqgyQCu_DSI5E6kiMgjg4-9_1IHkSvlWQM-D282_nPE-c3XABvxQU70yfTVy3RIvt1NpcGGZsVdtpd_Qa5QNRWTKZZDoAqLxOfRCjMCc2NAXXPAv2LyriGi-uOMx-f3sUIYAWBusyt7XTdZJZyZGQurCzYZ_BNEArIn-JPcWsTW83kuTF7w2X4sH0XWWKULRD_6w6fADD8EU9VIWCWqDu7buIkO4SVcV3cyHjBiKlH320TQp24x4LNcBlh924X6KJpE8Ps7v5kh_sAb75yF04zd6vXZYnd9XPS0O3ZMyJ8HVnZpz6zpPKflMEGPMDCkBaWvxcBgiYAlmwHt7OOMN6xDcx-Al5eF9nd-xowM3VrEm74o16bowybVEq5deYXY4YZubW2NjlxuXASXFL4WFssjoyAFWkiNW2GQ6dBPy6nIwMZW6S0ui2raspHp-X4YY2kzqh0qtNbwL4MQtYx-BQysgOzIPtUL2Hx50ppw5IX6zDgVzEJ3VaxqpYfiKyjXULR7sgaLcopgGsHgHlCeBnwhu7P88qLXUmdIXEjg43zUIL8F5XYrYi1lHup4-8H5CZT7BHc0xitDzsETvScBb8678fJtz0EL7MphNrOefZ0tE1Gbn3kGCoSX0t3NGU-NsZwq_XzPfEmz_Eu7U4hUj8MD04Lg0lwapcsCEVlUhC4dOWYUfQDbobp9ua6cSp9bwyK13Df0Wei34ilAhY4Lpu9XDJvAfMaYIWz7iqzVPB658GQPFO0tYleu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C08E 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2366372167273743&bg=!6uml6abNAAY3kmNgF5I7ADQBe5WfOByczZbMVtQfrbRJBI1umKA4NHJbB0yQDIL8ios9V5LWYPo3vSaC2GTjVYs-Zr94AgAAAD9SAAAAA2gBBwoAUmcRv6Dvo-XZaxBR-Ct7d4OvSaQEwJucAqB4hDb6NA26tvVyaemA2I2DFYnPc0caHeMCmxlAfZizoa9buvbvh9wtUgnLu6HkGPSK4aZ7nsIkpqGZAwNfwMkyc6ZAwntrkpKgMseh7BzkblsFtKdwaO1sUTUEyibHBja0UhQLboQpimstJzbDUBjJ3rX27qArbL9XZsLgredUnWX9_WjKrte69vREt_gos-5veuEqnuUNie1LKY3NGSX3B4wRfuGhCOgNcszf7S2ihTLpS3k8yc9uv-P924YZbjsS2fznCYxgbSs0su0UXJpHXP5Uq09WUfubKv-pi77T9BfI2Za2apLz4Zy7WvQJwX0IZrVrZ2HXu_l7W8D0a78_pdD8KHIEPEGIU9VVqSZmpEvOJm4fjWOtS_ZIwp16w3LrsHowhU9S5NL_KBqLebgqRAOqN6a8EBpflycZbWqFq4mZbg2CMmz4IAnhR1MXyi_7e0yo764_jJZwBbDnBeuVgb6cKbfUYHWAoZO06hcE-ee8qHtEhCmSJsHKnvjEQpN4MEHToQZNtGK7NXyInDxjEEnJh5huJkFBsYywkm70RnANrv9B4Kch2ZA7fuot13gPFqjgOVl1VXltIU70PAk9iH_hi4JoYmabOwBPgd28p6wxCXWyv4o_yQjqSr7Jirh5nnS40gwE_hpu5z1-pxvRpNt0QjcBl7d3kEdioD9y7rgNd-UA29FuJv2akyxe80DqtoY4w3tsgjbVoMO7Vc57J9GY6_UAwiJBbCiYunTDf_bEGgdU8qMJIzIJ6QtFaAswj-Z3sBIDrlPkSEXJfS9MOq-2eHWSdPa_XcEEFku9oNdCBBxZzWMAzFyjPONclC8CIOGVy5TAbdUu9pIle3vpwQmXI4T6QoFdx-GVPpIoLMevQEjUggqNbgLoMBol_yfku9Zw67zIET4YjUJFgqChj0uW0BtVlJ0jPhKDWBGtT-8xFjaAuO4C8cORAYNOzTUbDdiCBVeLy3PFB6MdKyaccYS6kQ-9X72KCzKI_eetZC-syq0rCV3O03CwMsv0FV6KuArUUbLKNgUijnWqQXE1FpQok7WX5GMV8KJUmRkdPI0S1ai3i0W1RYPt5BzGDebMhWcxKZSoTFNXgVB_1I0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E022 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3X5SVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FA5A 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7AD1 0
0 57ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3968148918169647&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FA5A 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sEkxmw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:48:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC8A 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1991615938030577&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfODQh62AhExRmSg9lYDOrLRJBqLGt1FOyumpj28e1cRyKqFtJZ3gc6MzBM81vCF46AgAAAEBSAAAAA2gBB5kDF9-q86mRVeU5UVKbK7aWhIDGfKMMgVcxV5uQeySbAIGluswfkPoiL9dJg2tuO_DBA3WDX47wJWSv6J35TO5gqfus9yhU5I_kYeMETce_UCjgqq0jJvN0vaCnj4TdEDIz1iRB0YR3kR4f9uopJ__bJy3KAZwTBY9pqKPiLwbryYmUmCMacS_dQsT7xTpPFj-gJAlYFWYqgUUMoFasRHmKxTg6Trbe61YXwc44FeGTP22FS56QEwr8feRQlKhRD5ILf0xvFPLlDRhGA0NNj05P5aWe4XlhLKpncjVL2KXmL6Jesv-Jg1IPrTXqfxDyvCoBjMTY33jzcLiEDm7JCPrHLiBnAbmZ_nuuTuPUkpcWfDX9Uavyh8LMoNkfzqDliDX4kHGQve2SgZNU8RHdNk8He0glj4f3qGyPTdiAH1fSEWMCjszdcqDmeCEGADbbbhESHBFbO2j7hDdFuyAy7YAKcSYqyLP0oteT7-5nHVTbFuHLoy1mwEumiW78ZFYSBNpxWI3xX5KfW4MXxL0jj5HnSztiZwTKVL8JCLQg2GBtenoPfIPG80gFcyNgf73-GjdAG_qJTInoP72lC1PY9MuEga16bJDC-24LXksrneqD1V2keoHPH8jxO51j6BY-S7a2q3y2Wea1u6ziPWqif8xXC_y7V5655xryo2g6DAlLgTbeOw-GTxOT2pOw2bt_L-EXPjIsPNWuN2tpLJuXg29dHJnvZ0HBvWsOFAlh_X71Be-yOFQfVk5qQGWXQCAAXO9a-QOO-CpFZINYjY--Wwk_sbSeIe1BesL_NxA8SacT01qoVRDiqWdBv70ORIVY46cA1UP9nte73Pq8V9FUayZEJquxA9GY9eE6LeTikWFVNaGumhf5AypPZ3EK-Ribi3wWdQs9xTHQpA4SUFHlphbmVjCSqG4b3cquxAQ2eNSiYekWKLboB3VGrcjl-FrvpFneOkQglL-DxrvXqlO3lCk-IN1B-l5jgG1aTZ-P0kin6lixJYO6CYk67JjH0ol2Q-Ehx5ZuS62Ez7zLOnxSrMAC37Ya4WWaLPVD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 937F 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3968148918169647&bg=!V1SlVBvNAAY3kmNgF5I7ADQBe5WfOOPIUt1GyA2pKL_wIMo0RWNdZF5hpJE2VLSdfB-cL_Pxqo1EzR28zMF6te5rU0c1AgAAADFSAAAAAmgBB5kDAhMVEq8z02ryHJ2IAzP_dpkFYblMY53hZH6Zucard6OFMuywcmvmZoPQzez5T_28B1ZFpcnu61rkyN1UH8hP7h9NKhqnIwuIgEKrORnMx7swDeh2ALdwM9Y4sbSlbDvcbgNkJmc4T_06ZE4eSjHubwBxsU9ldtSW__KArZcr_9kzdbXRHDiD-PmsS28ItAurCrSbp4iAeI-weefSHRHPz4E0yUCctIOmNxWv-BUATjvf9rmBWjTj0ord_M1h5DgXxxeevIVmOVI4zoxr5teXv55O4YjNYhrhg77WwSqBaWvS2btxoghHJ_I9xveUKlqIrgR28qIF5s7ojVXUqRn9abKPoCYlfju9cbwoX7vBZzniRI7t4ItxeQL4_bwOG4bVAzZb5Ql4wqIp3qiiFQXVqSc2akJk34w6NZree6P6YyyRhW3jt4AjFjT7-pknQTnO_LWcghPMDw_m6a3pHpjlwtDzOGzcLHQJRrehiHptGitOlpsLA3C3cx0hYLbg2HUuGN2gamrc8uE6l4vfdG5qAgLnB93G3_LIPgxtaqe2HafgZMYNCBAPb5H2Whgo_DTx-408nAdYyz1UPUtKRwsRf5kpshF1oXQQ1Y92caeiNfMmMwGFsmCKHrNyH5i6mfSr_bkxOZ6DDT0CJvLHHjhu4sVopOc0BUIzqima3GdPbarKBqT6UmL7u0zemQJwdc1dWQofZze6ju5Z749p1uDka4Luh4KmXTxL--R7Vesx5ScAUA830iQc-KiGzZOhJUwNQTnFIkVK4oMtY6MY5DAoXc0ysARiXE7DIofzS5e5YJptGbHNLkqrHQ_phtp5Fhgw_kUiPWthU2lzoqpz0SBZLxfMmX-iRER9PEhEze2IDWoF_utBa0Zvu8Sgn7PYwCCjk73y-uYd1D4bXCIBPElqQf1HkGEYP2Oxg_RinEiM-V5_iYuxm2Mc0hz8VbkNoefvgqYZege_CMg7BNRyzDDuy_1fI7yTaMrL1SLbmbQhdeDJahp-_ChEY6HUnO0BNXNuwStB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A74C 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNuBYa4z3Hw58Y9pZTtpTHz7kEr2Y3n6gmIkAeihPzFxUwmsxUBh86uOQ2vqs07_jNj8yDxKUxgPs_Hj7gkCxWoOxygp3Vl92ljSVvCpN-lIxhVpIZipxR7yXhBQgbdqW5SEaiK4rcvGY&sai=AMfl-YQDnljIvyusqM45kd29z_gDEWkBR4nP7wZuCGiMRKtzcwePjjkyFY-1s9ZuGK_k2bBcpQlv30FFfxoGKxhxqHg50oAfA_g7QlE&sig=Cg0ArKJSzNG4j3mq-DHlEAE&cid=CAQSKQAvHhf_Plxfjh0GmaetEYVz0tx-exbHLvk7SvmOlKBI4ThwVoNYZ8K1GAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703062092877&rpt=1041&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A74C 0
22 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1855876140655&version=m202309260101&ct=119&x=1&cor=1837727128893538300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC8A 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY7Kpz34iEQNzu7Rt9tq4dubOWd9H7fqYzh5s6mISLcliRy2ofmqWmul2M2PO0qnZ7KmPp9mnq7UZ2IORej_RB39Xp5hHO9gvv4xs9WlyDLycnHyVThuHs5wIgmTLb-9e4xCbEZ8jT4BJn6C5umK6I6g-r&sig=Cg0ArKJSzN6_0IXTvDwqEAE&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703062092149&rpt=1897&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFCF 0
22 B 57ms
57ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8112323597348&version=m202309260101&ct=119&x=1&cor=15361216482400518000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 08:48:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 02:40:22	Name: is_unique Value: sc12916097.1703062090.0
.statcounter.com/	1970-01-21 02:40:22	Name: is_visitor_unique Value: 1703062090139379193
.xgcartoon.com/	1970-01-21 01:49:58	Name: _ga Value: amp-HY6C0Frs5MVVogYJqh0gRw
.doubleclick.net/	1970-01-21 02:40:22	Name: IDE Value: AHWqTUk-ehd32BcnAu9dgM5Y0ffCU7PzapXqDe4giibMBl9PxoPgen5FTt14KIDyG_w
.casalemedia.com/	1970-01-21 01:49:58	Name: CMID Value: ZYKqTS-eOlZTvyfdEYSbPQAA
.casalemedia.com/	1970-01-20 19:13:58	Name: CMPS Value: 1139
.casalemedia.com/	1970-01-20 19:13:58	Name: CMPRO Value: 1139
.quantserve.com/	1970-01-20 19:13:58	Name: d Value: EGgBCQHaKoEA
.quantserve.com/	1970-01-21 02:34:36	Name: mc Value: 6582aa4d-d706a-a08ba-6f40e
.acuityplatform.com/	1970-01-21 01:49:58	Name: auid Value: 867200920735
.acuityplatform.com/	1970-01-21 01:49:58	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRiFNFAKomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYhTRQCqI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSUl4T3QtQVhubGQ3RG1nc01UbTJ2Wfv7hnZlcnNpb27C+w=="
.simpli.fi/	1970-01-21 01:51:24	Name: suid Value: A8002717CD1543F4BA5FA3FFDB28CDD4
.teads.tv/	1970-01-21 01:48:31	Name: tt_viewer Value: 542a9922-b1b8-4e88-91e4-54e68a83e34e
.linkedin.com/	1970-01-21 01:49:58	Name: bcookie Value: "v=2&f62ef071-4c98-4c38-8730-358a780ff188"
.linkedin.com/	1970-01-20 21:23:34	Name: li_gc Value: MTswOzE3MDMwNjIwOTM7MjswMjGcXzPyEYFxrXX+Fhbom1zWiRZ5bGlNshLLWIfeBrl1uQ==
.linkedin.com/	1970-01-20 17:05:48	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2764:u=1:x=1:i=1703062093:t=1703148493:v=2:sig=AQH7jgFJ81lDhw3Sw7_FHKtYuy6cbb_a"
.ctnsnet.com/	1970-01-21 01:49:58	Name: cid_b423561c0f1143c7b3dc501c8f440960 Value: 1
.ctnsnet.com/	1970-01-21 01:49:58	Name: gid_CAESEBnOwqnzdRLoNEx1xHfaLhU Value: 1
.mediago.io/	1970-01-21 01:49:58	Name: __mguid_ Value: f34e9699379b96062veh3m00lqdj75xr
.360yield.com/	1970-01-20 19:13:58	Name: tuuid Value: 862ba044-f917-4688-aeaf-e0ba8e72d51b
.360yield.com/	1970-01-20 19:13:58	Name: tuuid_lu Value: 1703062094
.mfadsrvr.com/	1970-01-21 02:40:22	Name: tuuid Value: 16f1d4ea-c8ee-48bb-a86d-91eb3f2cc0ba
.mfadsrvr.com/	1970-01-21 02:40:22	Name: c Value: 1703062094
.mfadsrvr.com/	1970-01-21 02:40:22	Name: tuuid_lu Value: 1703062094
.mfadsrvr.com/	1970-01-21 02:40:22	Name: ssh Value: !google,1703062094
.adkernel.com/	1970-01-20 17:24:31	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 17:47:34	Name: ADKUID Value: A7228406596867756428
.go.sonobi.com/	1970-01-20 17:47:34	Name: __uis Value: dc9dc237-ee17-4508-a270-03438b15f913
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85155\|ZYKqU
.tremorhub.com/	1970-01-21 01:50:18	Name: tvid Value: 850b57c3f0674172bbe5edfc65f77f3e
.tremorhub.com/	1970-01-21 02:40:22	Name: tv_UIDF Value: CAESEOD7PuN4DHiUgfQfjvI_5l0
.tremorhub.com/	1970-01-20 17:11:34	Name: tvssa Value: 1703062094301

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3acab1b90db860f34661a3779d4ffcde.safeframe.googlesyndication.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dsp.adkernel.com
dsum-sec.casalemedia.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gtrace.mediago.io
ius.ctnsnet.com
match.360yield.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px.owneriq.net
region1.google-analytics.com
rtb.mfadsrvr.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
sync.go.sonobi.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
www.google.com
www.googletagservices.com
www.temu.com
www.xgcartoon.com
104.20.95.138
142.250.181.226
142.250.184.226
154.59.122.79
169.150.222.217
172.64.151.101
174.137.133.49
2.16.97.41
20.123.110.224
2001:4860:4802:34::36
23.197.126.41
2600:1f18:612b:4232:a102:620e:4cbd:9b41
2606:4700:20::ac43:47bf
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
3.126.241.220
34.91.62.186
35.186.193.173
35.214.168.80
54.76.229.46
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
027ce42ba2345bf5661a75797efa5d9aeb2d6cf8e5d850df86c18f0037429ba3
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf650504545a55a22d26d38ba25af60a1436e5728e7c5d81d457bdca7441eee
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2287774fe64b73cc95fec5f8bea6eec5909d15cb607e670b9e7fdf6ba837b2
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
280f86e83ea844dbbfe5e316c689b431c050183c9f9e8d4750110fee32cbd725
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2d6292129cbbdd4c83ae0d2c15bcc28c493695433a77542b78a34c72af6e3c57
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2e80169ae5fcf9cb8c3dff6c4f00eb135c688f11614710f1cb4060cf048aa247
2eb41276f8c9a27aed86c57d745ca966fd54559cfce736e7c6a7ffa7f923d5d6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b0ad712342f020589f8b282ca1c6211c67e522b2d26874d8993b2c95d966f3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a217db3562157c597d346224fb666a4947ba2d16b96a4f5f612f3695062938
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
44ad0f8b3d99d65bff9c05f3a82451e73ada8a360d9f83c9525c0de9e6183455
4686fd58f7a38dd4c62b17e69f74034cefb50698c500487aa3359cc874c50f24
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4944203b6651989334f02e1ba64dedc3b89692b19c39d341eeb07859b37c365e
4f67cb877811eb338cec8579133def07c3c9596be6bb25f5bc3b72dbbdc166da
55008e654cf24202a02fe1e995569131cf9bcb74547744356d229ee2b9453c30
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5f71cf43d2c7f291d9b1bbf3d41aba7b86834718cefcc173a2407ff7dc7e4b37
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c76ebda0a5b3aefb5a39cb19efb4478cae42e1b252baf8057cd60e362d1deb
62d5ea40a6b5f35d6e00fc0d319fb30e068b819f2044f04bcad39b78cec2b1b4
656c3f9db8e1508452eb926a76cb970c9140049d313d6769a37e225031c3aa15
67ffe8e08c06406966a513a3814b705f977be63c813a60aa818da539276e2eb6
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
6b133c44d167478c2d73a749214437735f22d91fd96d14f78963c0a00c53b2b7
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6f3ce8299111dfb28b94795f659e05cca5a494e08c89b31c332d2ec400483ab1
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7650b6e971bcad082c998b14492aa12905d8f38b1bae482240ad3913b5ca8461
76f1245f4370f56fb26185f81afd0414b57418b0deae62b07e8b90007ae8117a
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
805d705fb98484a9d3f77eaebf83d7489fd1ddfba6f663f60184cedce7c91d58
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8a29e3e3d701d573b26bfeab8aea062f691b80e5dfa14bdb8590d4676e7dde1f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
9362dc45cd1f26c6dea5f05f08f3b26d8cc3ee5249a031a5d75de55fa172e1f3
9537a238fae43eae49b9680c59f1cd5d4d326fb6be77e78748a0c54c2b519b7b
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
99189ffdffefa9d1ead94b1b69695413a571594d96dc307d76179932c973d462
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c206ab4c5bcc0e01acd9845af17416822ff9e33a9c660d310ba4f9aeebc8801
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a344ec333ff611306143c2882d086dbee1c5a7cdfa56353a66d3a92433b12cfd
a37bc11fdf609de932d79f7d0441cb76c4bd54e1f51b2e36b1d4c890dc610754
a3a896cfc7bc6654f2d59b53bf42e1902a57449870561fded7c856008bbb0186
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
af9e7afc14e7b8e0c9eddf36c736af5287dafb307b2734709bec7cec2b8d54b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d7964fa9fc6a24588f9695ba21d269a0dcfc290d5a43c6b908cbf6f43075520a
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e0bf960d4966534c32afe89b32d9cfad4ca0d0bae39461cdde61f54aa6a80c89
e0fb85ae75acb3d64c6228059ba66a899a7844a7a04fa9878c4b73415805f612
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20820ed9eac162c0335a48affb7b2e67cded868f83df1335eb18909e323a4da
f6b82301d7d299e91943a7623ec5642cc219c75fc8409db48b63f285d0f12ebc
fb6e815c2e6d5b12040b6075404139e6ee19c510ab369cfe8a35cc293e0c71a7

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

91 %HTTPS

48 %IPv6

24 Domains

30 Subdomains

19 IPs

6 Countries

2952 kBTransfer

7707 kBSize

32 Cookies

1 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

91 %
HTTPS

48 %
IPv6

24
Domains

30
Subdomains

19
IPs

6
Countries

2952 kB
Transfer

7707 kB
Size

32
Cookies

188 HTTP transactions
13 data transactions