noveltoon.mobi Open in urlscan Pro
8.214.4.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://noveltoon.mobi/es/watch/1351248/1449262
Submission: On June 05 via manual (June 5th 2023, 2:14:10 pm UTC) — Scanned from SG

Summary HTTP 118 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 27 domains to perform 118 HTTP transactions. The main IP is 8.214.4.44, located in Singapore and belongs to . The main domain is noveltoon.mobi. The Cisco Umbrella rank of the primary domain is 141800.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 4th 2022. Valid for: a year.

This is the only time noveltoon.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	8.214.4.44 8.214.4.44	() ()
1	2404:6800:400... 2404:6800:4003:c11::5f	() ()
1	2404:6800:400... 2404:6800:4003:c04::61	() ()
22	2404:6800:400... 2404:6800:4003:c11::9a	() ()
1	13.227.254.16 13.227.254.16	() ()
1	2404:6800:400... 2404:6800:4003:c03::84	() ()
2 2	2a03:2880:f00... 2a03:2880:f00c:310:face:b00c:0:2	() ()
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	() ()
1	2606:4700::68... 2606:4700::6812:40f	() ()
1	2602:ffe4:c45... 2602:ffe4:c45:0:3::3fd	() ()
3	8.219.57.104 8.219.57.104	() ()
1	2404:6800:400... 2404:6800:4003:c11::9c	() ()
1	2404:6800:400... 2404:6800:4003:c05::65	() ()
3	2404:6800:400... 2404:6800:4003:c03::9d	() ()
2	2404:6800:400... 2404:6800:4003:c05::9c	() ()
1	2404:6800:400... 2404:6800:4003:c0f::5f	() ()
11	2404:6800:400... 2404:6800:4003:c06::84	() ()
3	2404:6800:400... 2404:6800:4003:c04::9d	() ()
1	2404:6800:400... 2404:6800:4003:c02::5e	() ()
1	182.161.74.13 182.161.74.13	() ()
3	2406:2600:4::13 2406:2600:4::13	() ()
5	2406:2600:7:1... 2406:2600:7:100::1f	() ()
2	2406:2600:7:1... 2406:2600:7:100::15	() ()
16	2406:2600:7:1... 2406:2600:7:100::1	() ()
2	182.161.73.132 182.161.73.132	() ()
2	2404:6800:400... 2404:6800:4003:c01::67	() ()
5	2406:2600:7:1... 2406:2600:7:100::f	() ()
1 1	34.124.209.251 34.124.209.251	() ()
3 8	142.251.10.155 142.251.10.155	() ()
2 2	35.71.131.137 35.71.131.137	() ()
2 2	35.213.12.39 35.213.12.39	() ()
1 1	185.196.197.130 185.196.197.130	() ()
1	183.79.248.252 183.79.248.252	() ()
2 3	2a02:6b8::90 2a02:6b8::90	() ()
3 3	188.42.105.236 188.42.105.236	() ()
1	2404:6800:400... 2404:6800:4003:c11::95	() ()
1	2606:4700::68... 2606:4700::6811:180e	() ()
2	2404:6800:400... 2404:6800:4003:c01::5e	() ()
118	33

15 8.214.4.44 (Singapore)

ASN- ()

noveltoon.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::5f (Singapore)

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::61 (Singapore)

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2404:6800:4003:c11::9a (Singapore)

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.16 (United States)

ASN- ()

cn-e-pic.mangatoon.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::84 (Singapore)

ASN- ()

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:310:face:b00c:0:2 (Singapore) 2 redirects

ASN- ()

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN- ()

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:40f (United States)

ASN- ()

cn.e.pic.mangatoon.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:ffe4:c45:0:3::3fd (United States)

ASN- ()

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.219.57.104 (Singapore)

ASN- ()

sg.mangatoon.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::9c (Singapore)

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::65 (Singapore)

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c03::9d (Singapore)

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::9c (Singapore)

ASN- ()

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::5f (Singapore)

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c06::84 (Singapore)

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::9d (Singapore)

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::5e (Singapore)

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.13 (Singapore)

ASN- ()

cat.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:4::13 (Japan)

ASN- ()

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:2600:7:100::1f (Japan)

ASN- ()

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::15 (Japan)

ASN- ()

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2406:2600:7:100::1 (Japan)

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.132 (Singapore)

ASN- ()

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::67 (Singapore)

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:2600:7:100::f (Japan)

ASN- ()

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (Singapore) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.10.155 (United States) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN- ()

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.248.252 (Japan)

ASN- ()

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 3 redirects

ASN- ()

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::95 (Singapore)

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::5e (Singapore)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	criteo.net imageproxy.as.criteo.net — Cisco Umbrella Rank: 13485 static.criteo.net — Cisco Umbrella Rank: 569 csm.as.criteo.net — Cisco Umbrella Rank: 12494	368 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	291 KB
18	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	67 KB
15	noveltoon.mobi noveltoon.mobi — Cisco Umbrella Rank: 141800	139 KB
8	criteo.com cat.jp2.as.criteo.com — Cisco Umbrella Rank: 33630 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 16776 ads.as.criteo.com — Cisco Umbrella Rank: 12306 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12330	70 KB
5	mangatoon.mobi cn-e-pic.mangatoon.mobi — Cisco Umbrella Rank: 303262 cn.e.pic.mangatoon.mobi — Cisco Umbrella Rank: 97316 sg.mangatoon.mobi — Cisco Umbrella Rank: 78586	20 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24036	1 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4027	957 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	45 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	160 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 365	1 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 20945	696 B
2	fbsbx.com platform-lookaside.fbsbx.com — Cisco Umbrella Rank: 3997	46 KB
2	facebook.com 2 redirects graph.facebook.com — Cisco Umbrella Rank: 124	712 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 fonts.googleapis.com — Cisco Umbrella Rank: 66	32 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	5 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	489 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3699	624 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 8857	293 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	716 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	607 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	253 B
1	alicdn.com at.alicdn.com — Cisco Umbrella Rank: 11176	63 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 93	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	79 KB
118	27

	Domain	Requested by
16	static.criteo.net	ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
15	noveltoon.mobi	noveltoon.mobi
13	pagead2.googlesyndication.com	noveltoon.mobi pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net noveltoon.mobi pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net noveltoon.mobi
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
5	csm.as.criteo.net	ads.as.criteo.com
5	imageproxy.as.criteo.net	googleads.g.doubleclick.net ads.as.criteo.com
3	sync.gonet-ads.com	3 redirects
3	an.yandex.ru	2 redirects googleads.g.doubleclick.net
3	rtb.jp2.as.criteo.com	googleads.g.doubleclick.net noveltoon.mobi
3	www.googletagservices.com	googleads.g.doubleclick.net noveltoon.mobi
3	sg.mangatoon.mobi	ajax.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	cat.sg1.as.criteo.com	ads.as.criteo.com
2	ads.as.criteo.com	noveltoon.mobi googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.sg	pagead2.googlesyndication.com
2	platform-lookaside.fbsbx.com	noveltoon.mobi
2	graph.facebook.com	2 redirects
1	cdnjs.cloudflare.com	ads.as.criteo.com
1	s0.2mdn.net
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	s.uuidksinc.net	1 redirects
1	um.simpli.fi	1 redirects
1	cat.jp2.as.criteo.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	at.alicdn.com	noveltoon.mobi
1	cn.e.pic.mangatoon.mobi	noveltoon.mobi
1	lh3.googleusercontent.com	noveltoon.mobi
1	cn-e-pic.mangatoon.mobi	noveltoon.mobi
1	www.googletagmanager.com	noveltoon.mobi
1	ajax.googleapis.com	noveltoon.mobi
118	39

This site contains links to these domains. Also see Links.

Domain
h5.mangatoon.mobi
app.adjust.io
noveltoon.vn
mangatoon.mobi
audiotoon.mobi
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.noveltoon.mobi RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-04` - `2023-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.mangatoon.mobi RapidSSL RSA CA 2018	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
cn.e.pic.mangatoon.mobi TrustAsia TLS RSA CA	`2022-07-15` - `2023-07-18`	a year	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-08` - `2023-08-10`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2023-08-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2023-08-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-04-12` - `2024-05-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://noveltoon.mobi/es/watch/1351248/1449262
Frame ID: 6722CF2B8A3F3EFE11B97A8D83F93E5A
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 84C6F9DDC4514422B7E1A91FBB3DBFB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&adk=1812271804&adf=3025194257&lmt=1685974435&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l&format=0x0&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435748&bpp=14&bdt=162&idt=105&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2918624068568&frm=20&pv=2&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143
Frame ID: C4D4B1FA42710DFE3FD19C4F6CECC234
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=180&slotname=1970634518&adk=777955175&adf=487482768&pi=t.ma~as.1970634518&w=720&fwrn=4&lmt=1685974435&rafmt=11&format=720x180&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435762&bpp=2&bdt=176&idt=137&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=4045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JZFuOxcNt2&p=https%3A//noveltoon.mobi&dtd=144
Frame ID: 57683DBEF3C570C33085F317CB0B4A76
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=4180891264&pi=t.aa~a.2441892535~i.12~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=2&bdt=604&idt=-M&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180&nras=2&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=e5a18VgJbv&p=https%3A//noveltoon.mobi&dtd=35
Frame ID: 7ECA41F7D3DA419376E700E32D438899
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=871540482&pi=t.aa~a.2441892535~i.29~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=1&bdt=604&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180%2C720x280&nras=3&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=eA9ppF6lfB&p=https%3A//noveltoon.mobi&dtd=40
Frame ID: 34A40A1775C08379369FCA6A5C956EA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Frame ID: E5D0973229723CB522B9D0B45CCB54EB
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3towAN_swKfXaYAAHix_Ut9IWyAZ1yIrBKwA&u=%7CfYl59rkPDo0hhS7mNzZvFqhIhfJBbvoIsZIdfJ%2FskrI%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcx_AYOCxtp-Ml6jxy0XjY2Z9qNXB1jB5uWHfnCr2Ef7X7YS0eFiE1NRe8BcXibHFdAPDs-bDKO2s-6p-EahUmUUABBwaMRvKBs4ImeaEXfp8zmXF01sSp22OZnw4lffmIM6gN-PCWklwPLhL1WWIz3CsQ8su8v_eT0AxH77bAau_ETUy6XUYDrvTfpd4bZpbbcadvnznFjWLKMsska6szFVbidK5AuEo4CPtFNeqEeI2ppEa9zEUephyxFl9KDinO5rh5y4usPi3a_x1uomezCFBv7qMWgq0QPcRfZr3toexZBHR6vUDMsUS4WWTKPFk1njqXZvhaBo3sblD-wRhf224q5tBkuAIcAlLmZbRjUiGiU0F-GzE9k7GUZgYByBPHH9a5Nfz0yHppK_N-lKk4jwyBHrKQeBHXBfEq5uFoPHycBpoGw3f6GtvmcU2q81o69qdfmKmObb15arvMVvNuiW7cB6YhwFD3DqJeq7QzToAKhfhrr1IVv7l94ntZhsBSHaGyrP8SrpZmhOtU4ASGbGxtT3ZB7BlXk25LJ-qgXpi4nZ95hgAaiLBcy4dlToZnw-uFuPfKagYMoV5mpze6AELCkM6lZkqdA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLKP7o-19ZMz9N5jt9QPHxYfoDL3U7rBc8K_Evn3AjbcBEAEgAGAzggEXY2EtcHViLTUzMTI0OTc5OTI2NDM5NDDIAQmoAwGqBOUBT9Ae79S2wmzXlCVh4NIpx7XH8-HuAKCMxB9srLkIJFoD_YRogDjBH7shD4pVms0g5MjVRgZlaxXVLan_MN0MFhGD6d2mUMIrQG4yZ54RhKBJNh835UgOcq6Pc45d9F-HXsLD4GGddg0uyMSTmx3RScDZNq-n338JuC5_L-sd8dOTvqk56hT9DS8PZJf_3HMtYtRWHFY7MpDArgxGZrI1DkWVLDV37aKr6P6CnfUCv9bBThigeJ2eDmo7UEYy-e11i3wBG3txqLgRp7BEMhS1if_MawsEqioAA_gKJpe3ZxwBX502YIAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0qzkaExR7EuAD6meK9aOXmiaq4RA%26client%3Dca-pub-5312497992643940%26adurl%3D
Frame ID: 4806BC00EED0FEC16919F37E747FC3EC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Frame ID: 0768A818D43443626EE8B57FE039100D
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3tpAAD0ZwKKwYQAANdDes4ps3D0PKCeDGnHw&u=%7CfYl59rkPDo1lN%2FL6mt8B6Q0q%2FVI3jfoV4x%2FlCpBIJwY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgtbV9KE84jUtLrlqIVzMjPQwcCgb2k0PayHJU79CtvS55l_hEpgp1S9OiJ3vlHQhUPkr53SIn4zxdqOQbUErUgWAT2Eup8uD5rLNtR6crmpgZNNF7Xus-hRRMRzv20xE9emVjkTHvftpn1p1auDngEzi2dNokis4Ik0PBWIt-phm1FHFNQ3tFkeASsCYcsLPkgtoH5k5HKYesKvo63evy7sv4uzGqKyeZcJHQGqYUHBTeBa5V87kLcAwbr1hNHTwzve9P-Lc8Gog3WKTsFjKkG4QBkag7QBi-U5BPqr5AS_P2eTKKRCejZHJtl2Z3U_QiJ5uX3dQtJqe-IX9sFpp_knFu8jt5Ktlhz5FQyZoFG374hqUvzBb36BGy2HK4Ny9AOMmFkvTBIqj2W2uhRFaMN6MK9Sjnt6wUXZqc8430xqFxGlUFAVUwgfSGCOoTeJEpk7QE_NEDmZf4kvS7Vg4dxvbg8AmjEeYMeoQWeJvuOX22Yg3jcuWGNHnJ30tXd15mofcGiZe78MmzQ7vLcrJkX4G_dL2hl7ayU26JrIEIhRoeMrs_GcE0_m1vneP9z9AqLAwBkvze6fi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJ0apO19ZJyjD5CMrAGNuo2gAb3U7rBc0PuM6sMBwI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAaoE6wFP0F2Z1djeU1YKcCSFZdk-T3KXLfSZcLu9l7YFOwinTRwgTXBGOewufyT74mg0WI_cQo421b5zOzeqVlPFj7g7Xhug9TxqUkFR4-3YJrcJuZadJebhVK9ZgXNoTEyNtDWjQXP3otqtWl0C6PpvifIag6TImgTfuwcybBRXuzEaRcBIZFjAM8JvP2eE7lSMQ6UR25xvzHp6Inlqi4IIrNdKXu6CV6x2FFoTMrSzcBOV8xWYoxNkVLlRcA3wI8VP5rwcuIXmcUOBspII2O7BXlTAPVgmmIt-ia0UnurRYBW2VqePt_JapEd1Q7T3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26bpLsjsi4G-rPCreiv8bHt_YLMw%26client%3Dca-pub-5312497992643940%26adurl%3D
Frame ID: 1BBB52C4F7B419722E3F7E6E7EC94670
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97C2D191CFB740251FDB1FF9FB274344
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD6BBB3F6C6A5C4353CA902A5D462B95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7F5FF8BC1FC9F943D9E15F56C20A7CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DUEÑO DE MI CUERPO - 144 - NovelToon

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

93 %
HTTPS

68 %
IPv6

27
Domains

39
Subdomains

33
IPs

6
Countries

1392 kB
Transfer

3427 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://h5.mangatoon.mobi/pay?_language=es
Title: Comprar monedas

Search URL Search Domain Scan URL

URL: https://app.adjust.io/byn82x7_r20to5q?deep_link=noveltoon%3A%2F%2Fhome&campaign=official-web
Title: Download App

Search URL Search Domain Scan URL

URL: https://noveltoon.vn/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://app.adjust.io/byn82x7_r20to5q?deep_link=noveltoon%3A%2F%2Fcontents%2Fdetail%2F1351248&campaign=official-web
Title: DESCARGA LA APP AHORA PARA SEGUIR LEYENDO NO NECESITAS MONEDAS NI PUNTOS, ES 100% GRATIS

Search URL Search Domain Scan URL

URL: https://mangatoon.mobi/es
Title: 

Search URL Search Domain Scan URL

URL: https://audiotoon.mobi/
Title: 

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Noveltoon_ES-113257227087262

Search URL Search Domain Scan URL

URL: https://www.instagram.com/noveltoon_ind/
Title: 

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNGNmJ0TjUXQhTIK96nhBaQ
Title: 

Search URL Search Domain Scan URL

URL: https://app.adjust.io/1dn3qvp_8lsm10y?deep_link=mangatoon%3A%2F%2Fhome&campaign=official-web

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://graph.facebook.com/4311112018980471/picture?width=320&height=320 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4311112018980471&height=320&width=320&ext=1688566435&hash=AeSGKmYTsbzvmmNcxyw

Request Chain 13

https://graph.facebook.com/3145924265645339/picture?width=320&height=320 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3145924265645339&height=320&width=320&ext=1688566435&hash=AeTT-5saOXAEQU5WccI

Request Chain 80

https://um.simpli.fi/gp_match?google_gid=CAESEOn4XP_iux9qZULrZoDYWQM&google_cver=1&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx2d7EN5fVdtxkSgi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1E28EEA4B5974B7AB2694F694140E276&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx2d7EN5fVdtxkSgi4

Request Chain 81

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMfxTgCmaLLhnQrvYUcBngM&google_cver=1&google_push=ATf1kGPGl9bFsdrCYWi3_o9u_Zl-VVR14vRy_fb-UEB0AoxZNR39tF1gbedaC3IZLXALWHRieaif2aOucrLxF7blWjsF75acmLM3h9M HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMfxTgCmaLLhnQrvYUcBngM&google_cver=1&google_push=ATf1kGPGl9bFsdrCYWi3_o9u_Zl-VVR14vRy_fb-UEB0AoxZNR39tF1gbedaC3IZLXALWHRieaif2aOucrLxF7blWjsF75acmLM3h9M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTA0Mzg2ZTctM2YyNS00MzgzLTk3ZGQtMGYzNjFiNzJjNjk4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e04386e7-3f25-4383-97dd-0f361b72c698

Request Chain 82

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK7b8U8QjpOY0QUr9mscBw&google_cver=1&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK7b8U8QjpOY0QUr9mscBw&google_cver=1&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho&google_hm=TBPyQwNVQ3Wql0E1louVWg==

Request Chain 83

https://s.uuidksinc.net/match/47/?remote_uid=CAESEH0RCquFrm9U2QdnLcvPpSs&c_param1=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs

Request Chain 85

https://an.yandex.ru/mapuid/google/CAESED7jvLCZJxtDlgpBspzbh8A?ext-param=ATf1kGMWsJ7xwbbcFsieokvRABd-Uxl_YvKXc2zJif2sCSIMbBhrhWmLZUEeNtGmwDXftVKQ2MD60R_3tIkB7w4O1Z14gUKG3fMsvD2S&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESED7jvLCZJxtDlgpBspzbh8A?redir-setuniq=1&ext-param=ATf1kGMWsJ7xwbbcFsieokvRABd-Uxl_YvKXc2zJif2sCSIMbBhrhWmLZUEeNtGmwDXftVKQ2MD60R_3tIkB7w4O1Z14gUKG3fMsvD2S&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED7jvLCZJxtDlgpBspzbh8A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 86

https://sync.gonet-ads.com/match/google?google_gid=CAESEFZ4RCA78hEmxYhG8czIi3w&google_cver=1&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLVtIp_gEaTZB2i HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEFZ4RCA78hEmxYhG8czIi3w&google_cver=1&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLVtIp_gEaTZB2i&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDhiYzM1MzRlMjc5NzRmNw&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLVtIp_gEaTZB2i HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDhiYzM1MzRlMjc5NzRmNw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

118 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1449262 Show response
noveltoon.mobi/es/watch/1351248/ 638 KB
35 KB 247ms
148ms Document
text/html 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

390fb5db800ca910cb3d87984fad8158dea5ddff5d96ba86e0ff58fd766b857a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 05 Jun 2023 14:13:55 GMT
x-frame-options: sameorigin

GET
H2 200 web-watch.css
noveltoon.mobi/css/ntweb/ 14 KB
4 KB 6ms
4ms Stylesheet
text/css 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/css/ntweb/web-watch.css?1683630200

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

a12cc324b19016ca101c3aa2a58ffdafe632b29de063a7ac71fa59911b9df8be

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 11:03:20 GMT
etag: W/"645a2878-39ac"
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 new-h5.css
noveltoon.mobi/css/ 14 KB
4 KB 7ms
6ms Stylesheet
text/css 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/css/new-h5.css?1676866382

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

3083841aed22520b22bc064a57b040c2b73585a01f715ef71d796ebb9548252a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 04:13:02 GMT
etag: W/"63f2f34e-38c6"
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 17ms
6ms Script
text/javascript 2404:6800:4003:c11::5f

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 20:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 20:43:54 GMT

GET
H2 200 style.css
noveltoon.mobi/css/ 7 KB
2 KB 6ms
5ms Stylesheet
text/css 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/css/style.css

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

fe116d39762e7bd9b1016b35d136cc1972192b3055a1753cf0258cb03cd6129b

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
etag: W/"62b0782d-1b49"
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 banner-scroll.js Show response
noveltoon.mobi/js/ 5 KB
2 KB 7ms
6ms Script
application/javascript 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/js/banner-scroll.js?2

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

254411e9736034009d87f293afad28c8be62581b16025f8399b725f66d90b351

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 04:13:02 GMT
etag: W/"63f2f34e-1269"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 official-web-event-report.js Show response
noveltoon.mobi/js/ 3 KB
1 KB 8ms
7ms Script
application/javascript 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/js/official-web-event-report.js?3

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

aa7df0c5b86ce3cd02f68a14a32f30b8c48cf07a86ea75194fd71d249f5e3fdc

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 10:59:57 GMT
etag: W/"641adfad-d71"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 21ms
5ms Script
application/javascript 2404:6800:4003:c04::61

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F3XVNMMDF5

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c701f4b0f0afc2845478cf781d1c38d223892da9fa2e02829ab5f9fda2e6fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80513
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Jun 2023 14:13:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
47 KB 37ms
21ms Script
text/javascript 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312497992643940

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a54abd47c589f892f5f223ba04ce43c0672674e6662786363ee7975f0f4fee5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Origin: https://noveltoon.mobi
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47969
x-xss-protection: 0
server: cafe
etag: 18189601146491162929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:55 GMT

GET
H2 200 logo.svg
noveltoon.mobi/official/noveltoon/ 3 KB
3 KB 8ms
4ms Image
image/svg+xml 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/noveltoon/logo.svg

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

3ee3fa36e20734a5769616e70ef71f571c1d68402485897956397e1b805a233b

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Tue, 07 Feb 2023 07:16:43 GMT
accept-ranges: bytes
etag: "63e1fadb-d24"
content-length: 3364
x-frame-options: sameorigin
content-type: image/svg+xml

GET
H2 200 icon-128.png
noveltoon.mobi/official/noveltoon/ 13 KB
13 KB 8ms
5ms Image
image/png 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/noveltoon/icon-128.png

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

2e1061d2ad6ee8436c3193560f00eff61a83fde0c9e1bf4eb35e854fb4fc181d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
etag: "62b0782d-330e"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 13070
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 135124847aa.webp
cn-e-pic.mangatoon.mobi/cartoon-posters/ 16 KB
17 KB 59ms
5ms Image
image/webp 13.227.254.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cn-e-pic.mangatoon.mobi/cartoon-posters/135124847aa.webp
Requested by: Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.16 , United States, ASN (),
Reverse DNS
Software: openresty /
Resource Hash: d763f47a0e9b1b7cc2a9418ca58a0b58afab56f987fd42ceb1ff19959a7855cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-log: X-Log
date: Sun, 04 Jun 2023 17:06:34 GMT
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-svr: IO
content-md5: pO4brnma3Rzo4VQqb4Oxrg==
x-reqid: -24AAEGOwzmog2UX
x-amz-cf-pop: SIN52-C3
age: 76041
x-cache: Hit from cloudfront
content-transfer-encoding: binary
content-disposition: inline; filename="135124847aa.webp"; filename*=utf-8''135124847aa.webp
content-length: 16808
last-modified: Fri, 05 May 2023 10:59:21 GMT
server: openresty
etag: "Fk1i4reARct18Lz273pkHnYVZKWE"
access-control-max-age: 2592000
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: as0
x-amz-cf-id: US-5bsqdqMT13HngY6WD-49DZZze8p8MJGVLkH859HVMkBkCCVxTHg==

GET
H2 200 AEdFTp5lRWhl-xvHMfvIC_q7N88ukFlsmDBX1TyKUeWa0ic=s96-c
lh3.googleusercontent.com/a/ 3 KB
3 KB 814ms
800ms Image
image/jpeg 2404:6800:4003:c03::84

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/AEdFTp5lRWhl-xvHMfvIC_q7N88ukFlsmDBX1TyKUeWa0ic=s96-c

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN (),

Reverse DNS

Software

fife /

Resource Hash

48a5b45b388eb8541608f7e122fab7f48bc0f2f87d2b0ef5f9c7ef9ce5cccd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: fife
etag: "vf4b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2877
x-xss-protection: 0
expires: Tue, 06 Jun 2023 14:13:56 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/4311112018980471/picture?width=320&height=320
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4311112018980471&height=320&width=320&ext=1688566435&hash=AeSGKmYTsbzvmmNcxyw

34 KB
34 KB

839ms
826ms

Image
image/jpeg

2a03:2880:f00c:300:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4311112018980471&height=320&width=320&ext=1688566435&hash=AeSGKmYTsbzvmmNcxyw
Requested by: Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262
Protocol: H2
Server: 2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: 30d56634bc54f041475c7e91331e9f7d968ea607e9dfbba5be5f5d132543bf88

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 29 Jan 2023 12:14:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=211736271
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 517368526
content-disposition: attachment
accept-ranges: bytes
content-length: 34321

Redirect headers

strict-transport-security: max-age=15552000; preload
date: Mon, 05 Jun 2023 14:13:55 GMT
x-fb-rev: 1007616494
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: SMVOIpu/XtOx9FDZjarhMcG3Xrh4rio+om+v4p7WCFZOPugEzV15AnxwuUOl/3/NRd0yCWZ9bQ114R/j1wvsfg==
x-fb-trace-id: HbBecTPSZ6D
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=4311112018980471&height=320&width=320&ext=1688566435&hash=AeSGKmYTsbzvmmNcxyw
access-control-allow-origin: *
x-fb-request-id: AczZwDL6gBpDKJusaSneCvv
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v10.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/3145924265645339/picture?width=320&height=320
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3145924265645339&height=320&width=320&ext=1688566435&hash=AeTT-5saOXAEQU5WccI

12 KB
13 KB

401ms
388ms

Image
image/jpeg

2a03:2880:f00c:300:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3145924265645339&height=320&width=320&ext=1688566435&hash=AeTT-5saOXAEQU5WccI
Requested by: Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262
Protocol: H2
Server: 2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: cec758637484509f3954eddb7935822830d00d01b38e0b359eddf099070c1acf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum: 3289309936
date: Mon, 05 Jun 2023 14:13:56 GMT
x-fb-trip-id: 1679558926
x-fbtype: 6435
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 21 Jan 2021 14:33:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3953426958
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1502713020
content-disposition: attachment
accept-ranges: bytes
content-length: 12547

Redirect headers

strict-transport-security: max-age=15552000; preload
date: Mon, 05 Jun 2023 14:13:55 GMT
x-fb-rev: 1007616494
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: f5rwMeSgGEcBwWyq73AARAA0VYivdMNRELN+jUi3gLQjmGSZrM6pXnia9sixF1EUdkoZNl4ra9pw47fYtRxu8A==
x-fb-trace-id: A+OhV3HPQSN
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3145924265645339&height=320&width=320&ext=1688566435&hash=AeTT-5saOXAEQU5WccI
access-control-allow-origin: *
x-fb-request-id: ACCqH3Im66DvbYy9EGn7pKh
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v10.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 arrow.png
cn.e.pic.mangatoon.mobi/official/ 1 KB
2 KB 77ms
13ms Image
image/png 2606:4700::6812:40f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cn.e.pic.mangatoon.mobi/official/arrow.png
Requested by: Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40f , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: af7733fd0f3e3a1413df3073e2874ff88a11470b52223c58524a5b0780ce0142

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ser: BC154_dx-lt-yd-jiangsu-taizhou-4-cache-6, BC11_US-Texas-Dallas-1-cache-3
x-log: X-Log
date: Mon, 05 Jun 2023 14:13:55 GMT
cf-cache-status: HIT
x-svr: IO
content-md5: O6qs9xfKTV66Tjd7whFEEg==
x-reqid: Zu8AAABUNvFXDwIX
age: 411645
cf-polished: origSize=1815
x-cache: HIT from BC154_dx-lt-yd-jiangsu-taizhou-4-cache-6(baishan)
content-transfer-encoding: binary
content-disposition: inline; filename="arrow.png"; filename*=utf-8''arrow.png
alt-svc: h3=":443"; ma=86400
content-length: 1047
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Feb 2020 13:34:46 GMT
server: cloudflare
etag: "FiZL5N7RcYj5PCPGau9QYQH6jG0R"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: 2
cf-ray: 7d2904df38a94042-SIN
expires: Tue, 04 Jun 2024 14:13:55 GMT

GET
H2 200 bottom_dl.png
noveltoon.mobi/images/icon/ 7 KB
7 KB 8ms
6ms Image
image/png 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/images/icon/bottom_dl.png

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

115ac196e4821cdfae6df952794c68a779a4f4bfde803c682a5775766caa37a1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
etag: "62b0782d-1ca8"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7336
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 app-store.svg
noveltoon.mobi/official/noveltoon/ 13 KB
13 KB 8ms
6ms Image
image/svg+xml 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/noveltoon/app-store.svg

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

41f5b14edc95cec8e25198d4ff6579ba67865a964aaeffa9dce79d52a7788cbd

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
accept-ranges: bytes
etag: "62b0782d-33ef"
content-length: 13295
x-frame-options: sameorigin
content-type: image/svg+xml

GET
H2 200 google-play.svg
noveltoon.mobi/official/noveltoon/ 14 KB
14 KB 10ms
8ms Image
image/svg+xml 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/noveltoon/google-play.svg

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

50917a92dafa18a9fdbd1aeab3dd7284a7b4a515e6fa9d18e81ff4f13ee8eee1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
accept-ranges: bytes
etag: "62b0782d-3883"
content-length: 14467
x-frame-options: sameorigin
content-type: image/svg+xml

GET
H2 200 fackbook-icon.svg
noveltoon.mobi/official/noveltoon/ 2 KB
2 KB 10ms
8ms Image
image/svg+xml 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/noveltoon/fackbook-icon.svg

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

0a851af761da4d5b2920eb522503dde3e017327ab304457fd8181089e3777d7a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
accept-ranges: bytes
etag: "62b0782d-910"
content-length: 2320
x-frame-options: sameorigin
content-type: image/svg+xml

GET
H2 200 bottom_dl.png
noveltoon.mobi/official/ 32 KB
32 KB 10ms
9ms Image
image/png 8.214.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noveltoon.mobi/official/bottom_dl.png

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

c39d6346a2bcc010c6e38423f42474d048986f4ceb4d6cff6b89081344072dd3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
etag: "62b0782d-7e78"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 32376
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 new-h5.js Show response
noveltoon.mobi/js/ 7 KB
3 KB 4ms
4ms Script
application/javascript 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/js/new-h5.js?1655732269

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

36d93a6d2bd0a69d97fe5d34c6772f1af6d1b701d131b0de9d7dbc5ceeb657c4

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 13:37:49 GMT
etag: W/"62b0782d-1b67"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 new-nt.js Show response
noveltoon.mobi/js/ 10 KB
2 KB 4ms
4ms Script
application/javascript 8.214.4.44

General

Check archive.org

Show headers Download Go to

Full URL

https://noveltoon.mobi/js/new-nt.js?1684747602

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.214.4.44 , Singapore, ASN (),

Reverse DNS

Software

Resource Hash

82f3e7624f58aeabaee59129c01d267d085245dcca365b6daf66ae055684dcff

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 09:26:42 GMT
etag: W/"646b3552-2608"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=7776000
expires: Sun, 03 Sep 2023 14:13:55 GMT

GET
H2 200 font_659557_i88qvkv5xho.woff2
at.alicdn.com/t/ 63 KB
63 KB 906ms
437ms Font
font/woff2 2602:ffe4:c45:0:3::3fd

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_659557_i88qvkv5xho.woff2
Requested by: Host: noveltoon.mobi
URL: https://noveltoon.mobi/css/new-h5.css?1676866382
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:ffe4:c45:0:3::3fd , United States, ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: c1a09bc539d52255745115e9e0b69131c877c1267e83e6d24b16d3a45970ff4e

Request headers

Referer: https://noveltoon.mobi/
Origin: https://noveltoon.mobi
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 22:48:53 GMT
via: cache12.l2hk3[0,14,200-0,H], cache33.l2hk3[17,0], cache17.jp6[0,0,200-0,H], cache21.jp6[8,0]
x-oss-request-id: 63FFD655E54CE1353688AE86
content-md5: oGTR7W6pRVtswtypVE6wtw==
age: 8263503
x-swift-cachetime: 30742995
x-cache: HIT TCP_MEM_HIT dirn:12:666968120
x-swift-savetime: Mon, 06 Mar 2023 03:05:38 GMT
content-length: 64172
x-oss-object-type: Normal
last-modified: Tue, 09 Nov 2021 03:31:54 GMT
server: Tengine
etag: "A064D1ED6EA9455B6CC2DCA9544EB0B7"
vary: Origin
ali-swift-global-savetime: 1677710933
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=63072000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12237784722111223984
eagleid: 80019da916859744362582088e
x-oss-server-time: 127

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 report Show response
sg.mangatoon.mobi/api/v2/new/activity/sensor/ 55 B
350 B 51ms
35ms XHR
application/json 8.219.57.104

General

Check archive.org

Show headers Download Go to

Full URL: https://sg.mangatoon.mobi/api/v2/new/activity/sensor/report?_language=es&_channel=nt_official_web&_platform=web&_udid=1b0cf227-fe8b-4f92-8cf6-9d49f4f21fb4
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.219.57.104 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: fe61667399173afefaf78b70cd374711deb4a839c617354f602290bbac5b4236

Request headers

Accept: */*
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://noveltoon.mobi
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,X-Token
content-length: 74

POST
H2 200 report Show response
sg.mangatoon.mobi/api/v2/new/activity/sensor/ 55 B
349 B 51ms
36ms XHR
application/json 8.219.57.104

General

Check archive.org

Show headers Download Go to

Full URL: https://sg.mangatoon.mobi/api/v2/new/activity/sensor/report?_language=es&_channel=nt_official_web&_platform=web&_udid=1b0cf227-fe8b-4f92-8cf6-9d49f4f21fb4
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.219.57.104 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: fe61667399173afefaf78b70cd374711deb4a839c617354f602290bbac5b4236

Request headers

Accept: */*
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://noveltoon.mobi
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,X-Token
content-length: 74

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 351 KB
118 KB 35ms
27ms Script
text/javascript 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312497992643940

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

edaaf9a91226b7ef9b4bf210e3b37769f0ba7a7b99b6f9aba6c1805f101dabca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120663
x-xss-protection: 0
server: cafe
etag: 3110229709094554385
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 84C6 10 KB
5 KB 20ms
4ms Document
text/html 2404:6800:4003:c11::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312497992643940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 4863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:52:52 GMT
etag: 15057649708203361565
expires: Mon, 19 Jun 2023 12:52:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 14ms
4ms Ping
text/plain 2404:6800:4003:c05::65

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F3XVNMMDF5&gtm=45je35v0&_p=719600178&cid=1895210266.1685974436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685974435&sct=1&seg=0&dl=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&dt=DUE%C3%91O%20DE%20MI%20CUERPO%20-%20144%20-%20NovelToon&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F3XVNMMDF5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::65 , Singapore, ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noveltoon.mobi
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 19ms
5ms Script
text/javascript 2404:6800:4003:c03::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=noveltoon.mobi&callback=_gfp_s_&client=ca-pub-5312497992643940

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0d6c5f8b760683ceeadbfae6fe06047e9361c0b5e94da4c6a6d554ccc6327823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 19ms
6ms Script
application/javascript 2404:6800:4003:c05::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=noveltoon.mobi

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 17ms
6ms Script
application/javascript 2404:6800:4003:c03::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=noveltoon.mobi

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=lock&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=watch-nav&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4D4 84 KB
20 KB 220ms
219ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&adk=1812271804&adf=3025194257&lmt=1685974435&plat=1%3A16777216%2C2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x675_l&format=0x0&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435748&bpp=14&bdt=162&idt=105&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2918624068568&frm=20&pv=2&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9058c3e512c62efef7a4fc3b73d342b0bdf5eaf36670f304897b4e801f454202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20461
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:56 GMT
expires: Mon, 05 Jun 2023 14:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5768 74 KB
23 KB 247ms
246ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=180&slotname=1970634518&adk=777955175&adf=487482768&pi=t.ma~as.1970634518&w=720&fwrn=4&lmt=1685974435&rafmt=11&format=720x180&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435762&bpp=2&bdt=176&idt=137&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=4045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JZFuOxcNt2&p=https%3A//noveltoon.mobi&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

062f97a5bb2e98eac7b7d64fbd4b06b99af2564ef5a6d672e4e084a0e1a87cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:56 GMT
expires: Mon, 05 Jun 2023 14:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 152 KB
52 KB 29ms
29ms Script
text/javascript 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e7f7ec0e2a3e427293537698a64e6fa8ab9d90a9323595d9db4d5f0a0e17e5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52811
x-xss-protection: 0
server: cafe
etag: 2139850545693021273
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 14ms
11ms Script
application/javascript 2404:6800:4003:c05::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=noveltoon.mobi

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 9ms
8ms Script
application/javascript 2404:6800:4003:c03::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=noveltoon.mobi

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7ECA 31 KB
13 KB 219ms
218ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=4180891264&pi=t.aa~a.2441892535~i.12~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=2&bdt=604&idt=-M&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180&nras=2&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=e5a18VgJbv&p=https%3A//noveltoon.mobi&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a3ce42fa7a9f31e72937bcae432fb75e7e0500b27a1dd49bea6b6eca9e0281dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13337
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:56 GMT
expires: Mon, 05 Jun 2023 14:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34A4 436 B
234 B 201ms
200ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=871540482&pi=t.aa~a.2441892535~i.29~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=1&bdt=604&idt=0&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180%2C720x280&nras=3&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=eA9ppF6lfB&p=https%3A//noveltoon.mobi&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d4967fe424c7bee14029eade627320ce0b8587b1b557f049bcc568d31545a567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:56 GMT
expires: Mon, 05 Jun 2023 14:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 5768 4 KB
1 KB 34ms
9ms Stylesheet
text/css 2404:6800:4003:c0f::5f

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=180&slotname=1970634518&adk=777955175&adf=487482768&pi=t.ma~as.1970634518&w=720&fwrn=4&lmt=1685974435&rafmt=11&format=720x180&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435762&bpp=2&bdt=176&idt=137&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=4045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JZFuOxcNt2&p=https%3A//noveltoon.mobi&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 13:00:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 14:13:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5768 2 KB
945 B 30ms
7ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 02:06:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 5768 22 KB
9 KB 21ms
5ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 02:06:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5768 3 KB
1 KB 20ms
4ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5768 19 KB
8 KB 26ms
3ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5768 171 KB
54 KB 1875ms
1852ms Script
text/javascript 2404:6800:4003:c04::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:58 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 5768 32 KB
14 KB 23ms
7ms Script
text/javascript 2404:6800:4003:c02::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Wed, 31 May 2023 00:11:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 22:07:58 GMT

GET
H2 200 lgn.php Show response
cat.jp2.as.criteo.com/delivery/ Frame 5768 43 B
348 B 382ms
122ms Fetch
image/gif 182.161.74.13

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.jp2.as.criteo.com/delivery/lgn.php?cppv=3&cpp=vIwlN2lNbiI3afzILjenOQy_WYgtYH9aJVeNhnxH0rus4jDPE3f66XY8reo57HMzIYj-MKsuRWxwLy8_9YeNPJMAoApQN4I1_STgRjEYXN3yWnZRlZ4qTFSxT5JFaUiujkqWMAj0WrLLGW9nk8ytquYkEDsxQHyMb1YO19thypRuq-LXNqd3nwBalEfDgD3rdgMJE4CWW-vPD2YTzvoxp0rwm7-hd4zsLYaSoKd_d7a7XV5L_GmG83l9QBUwzoRMq7_7-gzg_f9-VPM2gQSa7sOCefTjf7DtlE8aXJBa4INIlE2DxGgH24eSqchqEwtJhhtgMVh7mraTraFUtmIR5QMIDXUEKP6hdUiwiNJ1boH2eEz-35Tkwq_xkXhAdcC28uYJznKtUfMc2XTWB-zEeU17qPiCMvmuWqoyPLy-JLfXWbh6YI_XgKVQaJ8eQwj_NAd4Vg&z=ZH3towAOKhgFS4VnAAzFrLzuZpiL7CCdorTlhw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.13 , Singapore, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1992216
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5768 0
0 533ms
174ms Fetch 2406:2600:4::13

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=ktu5FvmzWQAA4LzZXQIAAAC0bgxIL8pSwAwfI3cQo-19ZIqZ37X85j1OBEsAABIDAQoKQVFVQkRRRUJEUQ&wp=ZH3towAOKhgFS4VnAAzFrLzuZpiL7CCdorTlhw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 190838
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5768 0
0 54ms
50ms Fetch
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7P-1o-19ZJjUOOeKrtoPrIuzgAu91O6wXLifxb59wI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAaoE6AFP0HyN-ekcl4KNSqpwACkOiYFP6iuuySZUyeOItrL_JdIat4VpOxIbdRjLg_0LWE59DTcN4S8Tn5yB3WL2iQYgFESBYZUpmaoRGi6NMIVqJGG-ZadhKLLkwcwurHSz2igGBiQM8XBocAnKrHUW8Yzkbvq5ogN4fYhWMytGysGy17VgPY3_eDUlPIUKBULXCiSQV8TGGWzuy-rJj3A50Enq6VFp4ZX_hnE1jF_sA1Blu4y0k8R04yv4viV5m1wlBLLlqmMLesmfot-vY6T44afsOwNIBaj-k-Zl4zvJyyDlXvw0U0EknZKLgAbR4of09qLH9MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTMxMjQ5Nzk5MjY0Mzk0MBgA&sigh=fShlzRAcje4&uach_m=[UACH]&cid=CAQSGwBygQiDUJafDks1ShsOH2yL4TKs69CzWGvnuBgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=180&slotname=1970634518&adk=777955175&adf=487482768&pi=t.ma~as.1970634518&w=720&fwrn=4&lmt=1685974435&rafmt=11&format=720x180&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435762&bpp=2&bdt=176&idt=137&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=4045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JZFuOxcNt2&p=https%3A//noveltoon.mobi&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 14:13:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5768 0
0 68ms
62ms Fetch
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CR0qwo-19ZJjUOOeKrtoPrIuzgAu91O6wXLifxb59wI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAcgDAqoE6AFP0HyN-ekcl4KNSqpwACkOiYFP6iuuySZUyeOItrL_JdIat4VpOxIbdRjLg_0LWE59DTcN4S8Tn5yB3WL2iQYgFESBYZUpmaoRGi6NMIVqJGG-ZadhKLLkwcwurHSz2igGBiQM8XBocAnKrHUW8Yzkbvq5ogN4fYhWMytGysGy17VgPY3_eDUlPIUKBULXCiSQV8TGGWzuy-rJj3A50Enq6VFp4ZX_hnE1jF_sA1Blu4y0k8R04yv4viV5m1wlBLLlqmMLesmfot-vY6T44afsOwNIBaj-k-Zl4zvJyyDlXvw0U0EknZKLgAbR4of09qLH9MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTMxMjQ5Nzk5MjY0Mzk0MBgA&sigh=W1J657RRGM0&uach_m=[UACH]&cid=CAQSGwBygQiDUJafDks1ShsOH2yL4TKs69CzWGvnuBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=180&slotname=1970634518&adk=777955175&adf=487482768&pi=t.ma~as.1970634518&w=720&fwrn=4&lmt=1685974435&rafmt=11&format=720x180&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974435762&bpp=2&bdt=176&idt=137&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=4045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JZFuOxcNt2&p=https%3A//noveltoon.mobi&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 14:13:56 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/ Frame E5D0 10 KB
4 KB 7ms
7ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 38774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 03:27:42 GMT
etag: 15057649708203361565
expires: Mon, 19 Jun 2023 03:27:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 5768 45 KB
45 KB 19ms
6ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2Flenovo-laptop-ideapad-flex-5i-chromebook-gen-7-14-intel-hero.png%3Fcontext%3DbWFzdGVyfHJvb3R8NDIxNjY4fGltYWdlL3BuZ3xoNmEvaDU1LzEzNjU1OTgzMjU5Njc4LnBuZ3xiYzFkNGVlZTViOTAyNGJlZWQ4ZGUxMmU1YTMxNDVmMGNlMGFhNmEwYjFjNjhjZDI0MDFkZGEyNGRjNjBiN2Vk&ups=1&v=3&w=400&s=oZNaecJI_hFMsQP7Un1dD0k5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4fac92bfe609ae4954ada9793b6b798a4e3f75727327a521e532cd15824bb959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=232673
content-length: 46006
expires: Wed, 07 Jun 2023 01:09:25 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 4806 49 KB
19 KB 40ms
9ms Document
text/html 2406:2600:7:100::15

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3towAN_swKfXaYAAHix_Ut9IWyAZ1yIrBKwA&u=%7CfYl59rkPDo0hhS7mNzZvFqhIhfJBbvoIsZIdfJ%2FskrI%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcx_AYOCxtp-Ml6jxy0XjY2Z9qNXB1jB5uWHfnCr2Ef7X7YS0eFiE1NRe8BcXibHFdAPDs-bDKO2s-6p-EahUmUUABBwaMRvKBs4ImeaEXfp8zmXF01sSp22OZnw4lffmIM6gN-PCWklwPLhL1WWIz3CsQ8su8v_eT0AxH77bAau_ETUy6XUYDrvTfpd4bZpbbcadvnznFjWLKMsska6szFVbidK5AuEo4CPtFNeqEeI2ppEa9zEUephyxFl9KDinO5rh5y4usPi3a_x1uomezCFBv7qMWgq0QPcRfZr3toexZBHR6vUDMsUS4WWTKPFk1njqXZvhaBo3sblD-wRhf224q5tBkuAIcAlLmZbRjUiGiU0F-GzE9k7GUZgYByBPHH9a5Nfz0yHppK_N-lKk4jwyBHrKQeBHXBfEq5uFoPHycBpoGw3f6GtvmcU2q81o69qdfmKmObb15arvMVvNuiW7cB6YhwFD3DqJeq7QzToAKhfhrr1IVv7l94ntZhsBSHaGyrP8SrpZmhOtU4ASGbGxtT3ZB7BlXk25LJ-qgXpi4nZ95hgAaiLBcy4dlToZnw-uFuPfKagYMoV5mpze6AELCkM6lZkqdA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLKP7o-19ZMz9N5jt9QPHxYfoDL3U7rBc8K_Evn3AjbcBEAEgAGAzggEXY2EtcHViLTUzMTI0OTc5OTI2NDM5NDDIAQmoAwGqBOUBT9Ae79S2wmzXlCVh4NIpx7XH8-HuAKCMxB9srLkIJFoD_YRogDjBH7shD4pVms0g5MjVRgZlaxXVLan_MN0MFhGD6d2mUMIrQG4yZ54RhKBJNh835UgOcq6Pc45d9F-HXsLD4GGddg0uyMSTmx3RScDZNq-n338JuC5_L-sd8dOTvqk56hT9DS8PZJf_3HMtYtRWHFY7MpDArgxGZrI1DkWVLDV37aKr6P6CnfUCv9bBThigeJ2eDmo7UEYy-e11i3wBG3txqLgRp7BEMhS1if_MawsEqioAA_gKJpe3ZxwBX502YIAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0qzkaExR7EuAD6meK9aOXmiaq4RA%26client%3Dca-pub-5312497992643940%26adurl%3D

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

b17ee1fc8978a8c0755c05dca7869bdd0adbb3744dc65445c73dd6f32311dd94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=5b7nDkKXmfHkd09qUBOnspEoQmt1S-lHwsFQyJw6HD9PFAXr-sC06Ey29vtwqBANoI4N4C3Z0R2T0bHuNfZxX7G-Zvdi9QYpHaF8Kskd_3d2lrHKgCggFOSxQ0vIWeCozNLqBMavjdMd-J_vgaV67v60_oIHuWmS6UkB3YsnlSkx7v0AZj1uOvgnPMa4wLZ6ls2KzkNtNdjvkx70bwZplZ2ecAIcvzQ4tMYNtNmDwiiHIajoPPvsk7dlvw7hTmmFENI4ostjwzv7jTAO"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4697810
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 0768 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 0768 19 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0768 171 KB
53 KB 1792ms
1791ms Script
text/javascript 2404:6800:4003:c04::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D0 0
20 B 50ms
49ms Image
image/gif 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=1-%26adk%3D1812271803%26client%3Dca-pub-5312497992643940%26fa%3D3%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26xpc%3D558tb5AEqY%26p%3Dhttps%3A%2F%2Fnoveltoon.mobi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5768 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa4472a78633974a1008857136e2f88f0757dd00d6a839808569998049df7d1f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4806 2 KB
1 KB 22ms
9ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3towAN_swKfXaYAAHix_Ut9IWyAZ1yIrBKwA&u=%7CfYl59rkPDo0hhS7mNzZvFqhIhfJBbvoIsZIdfJ%2FskrI%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcx_AYOCxtp-Ml6jxy0XjY2Z9qNXB1jB5uWHfnCr2Ef7X7YS0eFiE1NRe8BcXibHFdAPDs-bDKO2s-6p-EahUmUUABBwaMRvKBs4ImeaEXfp8zmXF01sSp22OZnw4lffmIM6gN-PCWklwPLhL1WWIz3CsQ8su8v_eT0AxH77bAau_ETUy6XUYDrvTfpd4bZpbbcadvnznFjWLKMsska6szFVbidK5AuEo4CPtFNeqEeI2ppEa9zEUephyxFl9KDinO5rh5y4usPi3a_x1uomezCFBv7qMWgq0QPcRfZr3toexZBHR6vUDMsUS4WWTKPFk1njqXZvhaBo3sblD-wRhf224q5tBkuAIcAlLmZbRjUiGiU0F-GzE9k7GUZgYByBPHH9a5Nfz0yHppK_N-lKk4jwyBHrKQeBHXBfEq5uFoPHycBpoGw3f6GtvmcU2q81o69qdfmKmObb15arvMVvNuiW7cB6YhwFD3DqJeq7QzToAKhfhrr1IVv7l94ntZhsBSHaGyrP8SrpZmhOtU4ASGbGxtT3ZB7BlXk25LJ-qgXpi4nZ95hgAaiLBcy4dlToZnw-uFuPfKagYMoV5mpze6AELCkM6lZkqdA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLKP7o-19ZMz9N5jt9QPHxYfoDL3U7rBc8K_Evn3AjbcBEAEgAGAzggEXY2EtcHViLTUzMTI0OTc5OTI2NDM5NDDIAQmoAwGqBOUBT9Ae79S2wmzXlCVh4NIpx7XH8-HuAKCMxB9srLkIJFoD_YRogDjBH7shD4pVms0g5MjVRgZlaxXVLan_MN0MFhGD6d2mUMIrQG4yZ54RhKBJNh835UgOcq6Pc45d9F-HXsLD4GGddg0uyMSTmx3RScDZNq-n338JuC5_L-sd8dOTvqk56hT9DS8PZJf_3HMtYtRWHFY7MpDArgxGZrI1DkWVLDV37aKr6P6CnfUCv9bBThigeJ2eDmo7UEYy-e11i3wBG3txqLgRp7BEMhS1if_MawsEqioAA_gKJpe3ZxwBX502YIAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0qzkaExR7EuAD6meK9aOXmiaq4RA%26client%3Dca-pub-5312497992643940%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4806 2 KB
1 KB 18ms
4ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4806 308 B
636 B 12ms
6ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4806 293 B
621 B 12ms
5ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 4806 43 B
348 B 20ms
6ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=mAU7N6oWCSBCrZlpOQQDa9kgm07KI0h7X6r8h-52xhAy5aSvWEbTVoYqLaLbRnOi5tlB28iajxOyxrCjus0Gyf7VAOTwyKPfnFnqDjhLoysQXmRJuetPGI1m28FeHV8mgtcEywuz1JPSsGkAJ8rebhw00BLzTqK1Nj1UdWXneeIOe40PrUJyJy5pQvdIWM_g81w2ouQ8yny2RafgXf9kc8kv7icKgw8MbUkeWuAzy9rg2FftfDu0dzew_LQFmFmURA6e56qpDt2S_VWkItx0kR9RuRb9qMQWulLQDHbjSBVEbZ_expFZNVpY3F8fa1LeFLj-L4eKSyT7vgHQ7uCHIkm2FA7rUlweHpQGgZQMPjWbecpESnuhDHw4mK2XNy1U8WG_V_hzEIpH4q_4Er2XDQu2I9EH16xZlgeByVo1GMJMVp7juxDBzEjaH_ZccXdRrghNNA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2588615
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3de6993034ce409f9a4843e5efcddbb5_image_ad_160x600.gif
static.criteo.net/design/dt/81802/230424/ Frame 4806 50 KB
51 KB 16ms
10ms Image
image/gif 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/81802/230424/3de6993034ce409f9a4843e5efcddbb5_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

efae43f983409ef05568ef4351bcf8b0863d664617cf9d7650e8f99c21b692d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Apr 2023 09:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "644646af-c97c"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 51580
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 7ECA 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=4180891264&pi=t.aa~a.2441892535~i.12~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=2&bdt=604&idt=-M&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180&nras=2&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=e5a18VgJbv&p=https%3A//noveltoon.mobi&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 7ECA 19 KB
8 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:52:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7ECA 0
0 60ms
49ms Image
text/html 2404:6800:4003:c01::67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXet5ooRNNQptKjONzzkbSGMLL8T87qJX0_kySMZKoJ7-Cm-SH60v6nZhpSXvYdgKQHQ3AbMfeyRU5VLbyuq8eReNqFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=4180891264&pi=t.aa~a.2441892535~i.12~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=2&bdt=604&idt=-M&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180&nras=2&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=e5a18VgJbv&p=https%3A//noveltoon.mobi&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c01::67 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ECA 171 KB
53 KB 1726ms
1725ms Script
text/javascript 2404:6800:4003:c04::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 14:13:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7ECA 0
0 56ms
55ms Fetch
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpKFDpO19ZJyjD5CMrAGNuo2gAb3U7rBc0PuM6sMBwI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAaoE6AFP0F2Z1djeU1YKcCSFZdk-T3KXLfSZcLu9l7YFOwinTRwgTXBGOewufyT74mg0WI_cQo421b5zOzeqVlPFj7g7Xhug9TxqUkFR4-3YJrcJuZadJebhVK9ZgXNoTEyNtDWjQXP3otqtWl0C6PpvifIag6TImgTfuwcybBRXuzEaRcBIZFjAM8JvP2eE7lSMQ6UR25xvzHp6Inlqi4IIrNdKXu6CV6x2FFoTMrSzcBOV8xWYoxNkVLlRcA3wI8VP5rwcuMfkUNEAeT9mIkO874TviKBsj4GLgIMMDk0ZT6BE6bmjr3G0ESmPgAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTMxMjQ5Nzk5MjY0Mzk0MBgA&sigh=3jjlEtBzSck&uach_m=[UACH]&cid=CAQSOwBygQiDlTQiYjlrLDn9Aup0jlxhRI3Dmek59-hs_b6ZTx6W7lgq6v3C0vg05Z6R7t1SxmZLDbDRaa6VGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312497992643940&output=html&h=280&adk=968387339&adf=4180891264&pi=t.aa~a.2441892535~i.12~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1685974436&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8058170659&ad_type=text_image&format=720x280&url=https%3A%2F%2Fnoveltoon.mobi%2Fes%2Fwatch%2F1351248%2F1449262&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685974436190&bpp=2&bdt=604&idt=-M&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e61b7421d62e9cf-22f213f9d1e1001e%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ&gpic=UID%3D00000c0fbe2cf991%3AT%3D1685974435%3ART%3D1685974435%3AS%3DALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw&prev_fmts=0x0%2C720x180&nras=2&correlator=2918624068568&frm=20&pv=1&ga_vid=1895210266.1685974436&ga_sid=1685974436&ga_hid=719600178&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&oid=2&pvsid=433206157050694&tmod=1332945785&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=e5a18VgJbv&p=https%3A//noveltoon.mobi&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 7ECA 0
0 390ms
177ms Fetch 2406:2600:4::13

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=ktu5FvezWdAFmALgvNldAgAAAJ66UlspxEuBDB8jdxCj7X1kB1LFgwgya3b2TgAAEgAACgpBUVVCRFFFQkRR&wp=ZH3tpAAD0ZwKKwYQAANdDes4ps3D0PKCeDGnHw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 317004
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 1BBB 163 KB
50 KB 84ms
84ms Document
text/html 2406:2600:7:100::15

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3tpAAD0ZwKKwYQAANdDes4ps3D0PKCeDGnHw&u=%7CfYl59rkPDo1lN%2FL6mt8B6Q0q%2FVI3jfoV4x%2FlCpBIJwY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgtbV9KE84jUtLrlqIVzMjPQwcCgb2k0PayHJU79CtvS55l_hEpgp1S9OiJ3vlHQhUPkr53SIn4zxdqOQbUErUgWAT2Eup8uD5rLNtR6crmpgZNNF7Xus-hRRMRzv20xE9emVjkTHvftpn1p1auDngEzi2dNokis4Ik0PBWIt-phm1FHFNQ3tFkeASsCYcsLPkgtoH5k5HKYesKvo63evy7sv4uzGqKyeZcJHQGqYUHBTeBa5V87kLcAwbr1hNHTwzve9P-Lc8Gog3WKTsFjKkG4QBkag7QBi-U5BPqr5AS_P2eTKKRCejZHJtl2Z3U_QiJ5uX3dQtJqe-IX9sFpp_knFu8jt5Ktlhz5FQyZoFG374hqUvzBb36BGy2HK4Ny9AOMmFkvTBIqj2W2uhRFaMN6MK9Sjnt6wUXZqc8430xqFxGlUFAVUwgfSGCOoTeJEpk7QE_NEDmZf4kvS7Vg4dxvbg8AmjEeYMeoQWeJvuOX22Yg3jcuWGNHnJ30tXd15mofcGiZe78MmzQ7vLcrJkX4G_dL2hl7ayU26JrIEIhRoeMrs_GcE0_m1vneP9z9AqLAwBkvze6fi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJ0apO19ZJyjD5CMrAGNuo2gAb3U7rBc0PuM6sMBwI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAaoE6wFP0F2Z1djeU1YKcCSFZdk-T3KXLfSZcLu9l7YFOwinTRwgTXBGOewufyT74mg0WI_cQo421b5zOzeqVlPFj7g7Xhug9TxqUkFR4-3YJrcJuZadJebhVK9ZgXNoTEyNtDWjQXP3otqtWl0C6PpvifIag6TImgTfuwcybBRXuzEaRcBIZFjAM8JvP2eE7lSMQ6UR25xvzHp6Inlqi4IIrNdKXu6CV6x2FFoTMrSzcBOV8xWYoxNkVLlRcA3wI8VP5rwcuIXmcUOBspII2O7BXlTAPVgmmIt-ia0UnurRYBW2VqePt_JapEd1Q7T3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26bpLsjsi4G-rPCreiv8bHt_YLMw%26client%3Dca-pub-5312497992643940%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

00bd391a879e05d2b24f6498d9104c78d0bce70f3e23ad9946ef2f0a9b457fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=_MNuYUKXmfHkd09qgy-8zQJY7uHZ68Whey-fj4SlqTACbARSwvKcseZ8Ta177OQvVH080haWb8j5fCOxSf3kd_4oMPUT9U9pwnrc_DSOiUkrhC1whU_S68PblI_nIOW4GdE-xVcyLdQA1wNdg-UouZUurZHSEEU4e9OOtolMdiFOyY75jOhx9PeGxwK8Tj920MaABMrAIW4gIttGeIwKJOngg0ZVaXDCo43rJryosnJXkCYvQUt5gCB9ag6N2XfpWH7hmg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76161369
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 all
csm.as.criteo.net/ Frame 4806 0
128 B 127ms
41ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=5b7nDkKXmfHkd09qUBOnspEoQmt1S-lHwsFQyJw6HD9PFAXr-sC06Ey29vtwqBANoI4N4C3Z0R2T0bHuNfZxX7G-Zvdi9QYpHaF8Kskd_3d2lrHKgCggFOSxQ0vIWeCozNLqBMavjdMd-J_vgaV67v60_oIHuWmS6UkB3YsnlSkx7v0AZj1uOvgnPMa4wLZ6ls2KzkNtNdjvkx70bwZplZ2ecAIcvzQ4tMYNtNmDwiiHIajoPPvsk7dlvw7hTmmFENI4ostjwzv7jTAO&sds=2&rev=86437.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4806 2 KB
1 KB 5ms
5ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 97C2 1 KB
643 B 6ms
6ms Document
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 31245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:33:11 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 05:33:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7ECA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67c40cb551ee6d566218a98ffb7d8d2934231f7872cf2a909f5eaecb0dc42db

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97C2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOn4XP_iux9qZULrZoDYWQM&google_cver=1&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx2d7EN5fVdtxkSgi4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1E28EEA4B5974B7AB2694F694140E276&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx...

170 B
329 B

8ms
8ms

Image
image/png

142.251.10.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1E28EEA4B5974B7AB2694F694140E276&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx2d7EN5fVdtxkSgi4

Requested by

Protocol

Server

142.251.10.155 , United States, ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1E28EEA4B5974B7AB2694F694140E276&google_push=ATf1kGO63v4YEToRBLwJ8BZgg41Ko5Ms5YewFuyVM63Zi-H44uzfDIBrazR4ulMpLpic1p-MLKa7L7DvPdH97Mx2d7EN5fVdtxkSgi4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Jun 2023 14:13:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97C2
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMfxTgCmaLLhnQrvYUcBngM&google_cver=1&google_push=ATf1kGPGl9bFsdrCYWi3_o9u_Zl-VVR14vRy_fb-UEB0AoxZNR39tF1gbedaC3IZLXALWHRieaif2aOucrLxF7blWj...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEMfxTgCmaLLhnQrvYUcBngM&google_cver=1&google_push=ATf1kGPGl9bFsdrCYWi3_o9u_Zl-VVR14vRy_fb-UEB0AoxZNR39tF1gbedaC3IZLXALWHRieaif2aOucrLxF7blWj...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTA0Mzg2ZTctM2YyNS00MzgzLTk3ZGQtMGYzNjFiNzJjNjk4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e04386e7-3f25-4383-97dd-0f361b72c698

170 B
232 B

8ms
8ms

Image
image/png

142.251.10.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTA0Mzg2ZTctM2YyNS00MzgzLTk3ZGQtMGYzNjFiNzJjNjk4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e04386e7-3f25-4383-97dd-0f361b72c698

Requested by

Protocol

Server

142.251.10.155 , United States, ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTA0Mzg2ZTctM2YyNS00MzgzLTk3ZGQtMGYzNjFiNzJjNjk4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e04386e7-3f25-4383-97dd-0f361b72c698
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97C2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK7b8U8QjpOY0QUr9mscBw&google_cver=1&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2B...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK7b8U8QjpOY0QUr9mscBw&google_cver=1&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUH...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho&google_hm=TBPyQwNVQ3Wql0E1louV...

170 B
188 B

10ms
9ms

Image
image/png

142.251.10.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho&google_hm=TBPyQwNVQ3Wql0E1louVWg==

Requested by

Protocol

Server

142.251.10.155 , United States, ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho&google_hm=TBPyQwNVQ3Wql0E1louVWg==
Date: Mon, 05 Jun 2023 14:13:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97C2
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEH0RCquFrm9U2QdnLcvPpSs&c_param1=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs

170 B
188 B

8ms
7ms

Image
image/png

142.251.10.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs

Requested by

Protocol

Server

142.251.10.155 , United States, ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGN8axvMULXYg0NCWUs4QDkLNA4yzrsaUyUyukGU04iySUB4E6Rlb3Go23bzuEK74LqAaNLBMyQo0tarRL3fArL_vb7-UdH5KOs
date: Mon, 05 Jun 2023 14:13:56 GMT
server: nginx/1.23.2
content-length: 0

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 97C2 35 B
624 B 433ms
99ms Image
image/gif 183.79.248.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESELg-JYjKT9QRGdn0pRo5FcY&google_cver=1&google_push=ATf1kGMouIBMQQ4AbUpfC9BPmJoR7XU3ex-0q1s_jmqatqTpVRnIDgB9CpKelciAAUpaH0TnKv9czG6YRUmlC4A38KaMWobq-o8xv34_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.248.252 , Japan, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 97C2
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESED7jvLCZJxtDlgpBspzbh8A?ext-param=ATf1kGMWsJ7xwbbcFsieokvRABd-Uxl_YvKXc2zJif2sCSIMbBhrhWmLZUEeNtGmwDXftVKQ2MD60R_3tIkB7w4O1Z14gUKG3fMsvD2S&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESED7jvLCZJxtDlgpBspzbh8A?redir-setuniq=1&ext-param=ATf1kGMWsJ7xwbbcFsieokvRABd-Uxl_YvKXc2zJif2sCSIMbBhrhWmLZUEeNtGmwDXftVKQ2MD60R_3tIkB7w4O1Z14gUKG3fMsvD2S&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED7jvLCZJxtDlgpBspzbh8A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

214ms
214ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 14:13:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 97C2
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEFZ4RCA78hEmxYhG8czIi3w&google_cver=1&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLV...
https://sync.gonet-ads.com/match/google?google_gid=CAESEFZ4RCA78hEmxYhG8czIi3w&google_cver=1&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLV...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDhiYzM1MzRlMjc5NzRmNw&google_push=ATf1kGN-z9QePgc007CCx9dlNmi6gBSYI3PJGWl2xNJA04mLf4FdxalyzifpUFEcCOkrotC3e47exbnXQhRivFJ5ShLVtIp...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDhiYzM1MzRlMjc5NzRmNw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
489 B

19ms
4ms

Image
image/gif

2404:6800:4003:c11::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2404:6800:4003:c11::95 , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:12:30 GMT
x-content-type-options: nosniff
age: 3688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 13:12:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 97C2 0
130 B 21ms
6ms Image
text/html 142.251.10.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRr0Pd21Mcs9bTr8gwib_4CJN3h5jqPRGaT6C2LCDmLXA3f-jOG66gsU6CeRij_srnybLgIJ3L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1BBB 2 KB
1 KB 6ms
6ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZH3tpAAD0ZwKKwYQAANdDes4ps3D0PKCeDGnHw&u=%7CfYl59rkPDo1lN%2FL6mt8B6Q0q%2FVI3jfoV4x%2FlCpBIJwY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgtbV9KE84jUtLrlqIVzMjPQwcCgb2k0PayHJU79CtvS55l_hEpgp1S9OiJ3vlHQhUPkr53SIn4zxdqOQbUErUgWAT2Eup8uD5rLNtR6crmpgZNNF7Xus-hRRMRzv20xE9emVjkTHvftpn1p1auDngEzi2dNokis4Ik0PBWIt-phm1FHFNQ3tFkeASsCYcsLPkgtoH5k5HKYesKvo63evy7sv4uzGqKyeZcJHQGqYUHBTeBa5V87kLcAwbr1hNHTwzve9P-Lc8Gog3WKTsFjKkG4QBkag7QBi-U5BPqr5AS_P2eTKKRCejZHJtl2Z3U_QiJ5uX3dQtJqe-IX9sFpp_knFu8jt5Ktlhz5FQyZoFG374hqUvzBb36BGy2HK4Ny9AOMmFkvTBIqj2W2uhRFaMN6MK9Sjnt6wUXZqc8430xqFxGlUFAVUwgfSGCOoTeJEpk7QE_NEDmZf4kvS7Vg4dxvbg8AmjEeYMeoQWeJvuOX22Yg3jcuWGNHnJ30tXd15mofcGiZe78MmzQ7vLcrJkX4G_dL2hl7ayU26JrIEIhRoeMrs_GcE0_m1vneP9z9AqLAwBkvze6fi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjJ0apO19ZJyjD5CMrAGNuo2gAb3U7rBc0PuM6sMBwI23ARABIABgvwWCARdjYS1wdWItNTMxMjQ5Nzk5MjY0Mzk0MMgBCagDAaoE6wFP0F2Z1djeU1YKcCSFZdk-T3KXLfSZcLu9l7YFOwinTRwgTXBGOewufyT74mg0WI_cQo421b5zOzeqVlPFj7g7Xhug9TxqUkFR4-3YJrcJuZadJebhVK9ZgXNoTEyNtDWjQXP3otqtWl0C6PpvifIag6TImgTfuwcybBRXuzEaRcBIZFjAM8JvP2eE7lSMQ6UR25xvzHp6Inlqi4IIrNdKXu6CV6x2FFoTMrSzcBOV8xWYoxNkVLlRcA3wI8VP5rwcuIXmcUOBspII2O7BXlTAPVgmmIt-ia0UnurRYBW2VqePt_JapEd1Q7T3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26bpLsjsi4G-rPCreiv8bHt_YLMw%26client%3Dca-pub-5312497992643940%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1BBB 2 KB
1 KB 5ms
5ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1BBB 308 B
636 B 8ms
7ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1BBB 293 B
621 B 9ms
8ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 1BBB 43 B
347 B 6ms
5ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=FGhzrhJgvb91rUhnwltejZc_SrDhYu74uFNR-y3LnRcongsp_pYrIzzn1GMBSAwIRHh3BOA6PgTvR3pvfzQmNPipcVeigBcpfH_MKCWSWuJJVNfzMoGUV6Km3Y3ilVkSaVEtkWr3U-xLzHwmahsbt3dNrriq0wi5iFt_1UYAStDSYeYnyYVyUlp8rjGeCpOkT_sccb1vNIcPuVPxKU6O9VT-sUDLuH06qQHRJ2Pgbe_sFJn6vPYWPjxa-MS3EQjxtJd5FvVLUzFECI40fYqETcDL6beFiqLG6Q3QyNGPfgQwqYV2KoK-i7BMwWuX0B8GYNbsWn1AR1d5CJ6zYz4wFuj6uNyDOeHlLBVkKjMd5UzMGjNpP80RG4CM-8jqHhiOqjI0eQGqFUIu832E9BdER8h_mBwHc8bEJK5-AcHXriLV6Uc1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1709615
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1BBB 12 KB
5 KB 21ms
10ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 501504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPx4%2FuuJATRFz5SHUM2CMX9gPhaBYLA6I3AZH3vuZb9T2Buk7tTmMNG7ohdXuBcHwKeZkBLBztx7H0eqwwbOCif5897PtjSoC%2B2b5PVO7CxZvpRCVAC0hZMQPjB4nocnpmaOJI0%2BWCJlR7rGRUxV3qw6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2904e4e82540b4-SIN
expires: Sat, 25 May 2024 14:13:56 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1BBB 12 KB
6 KB 4ms
3ms Script
text/javascript 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1BBB 45 KB
45 KB 14ms
13ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=556&m=0&partner=26310&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26310%2F230116%2F634110988e2a4206a93b56109c09ae53_logo_n_vertical.png&v=3&w=368&s=PDIqwzbo8mlLDPiPYBTS0_4U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3d7a2a2eb721dd2beb5bbfffab586bb0b49a2df2d50e97d4c6289b5b26e23b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 46078
expires: Wed, 01 May 2024 05:08:18 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1BBB 67 KB
67 KB 6ms
5ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2F%3Fcontext%3DbWFzdGVyfHJvb3R8MjM5NDIxfGltYWdlL3BuZ3xoMTcvaGM1LzEzMjAyODg3OTk5NTE4LnBuZ3w1ZDM0M2E3NDZhNWE0YWQ4YTc3ZjE2ZTgxMmFiNjI0NDFkOTQ0NjJiZjAxYmY0NzM0YWE5YzVhMGQwN2NiNmZi&v=3&w=800&s=7n1F_NBpLowoWa20NS_lf6T_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

c431b3a906f819669d002cbdf062cf73f167c09e13919c14943d6cf015af517c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=233309
content-length: 68331
expires: Mon, 05 Jun 2023 17:33:06 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1BBB 45 KB
45 KB 10ms
10ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2Flenovo-laptop-ideapad-flex-5i-chromebook-gen-7-14-intel-hero.png%3Fcontext%3DbWFzdGVyfHJvb3R8NDIxNjY4fGltYWdlL3BuZ3xoNmEvaDU1LzEzNjU1OTgzMjU5Njc4LnBuZ3xiYzFkNGVlZTViOTAyNGJlZWQ4ZGUxMmU1YTMxNDVmMGNlMGFhNmEwYjFjNjhjZDI0MDFkZGEyNGRjNjBiN2Vk&v=3&w=800&s=8RF7F_yJPtsS3eUtbb88eiDr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4fac92bfe609ae4954ada9793b6b798a4e3f75727327a521e532cd15824bb959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=232673
content-length: 46006
expires: Wed, 07 Jun 2023 01:09:25 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1BBB 50 KB
50 KB 5ms
5ms Image
image/png 2406:2600:7:100::1f

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2F%3Fcontext%3DbWFzdGVyfHJvb3R8MjAyMjE5fGltYWdlL3BuZ3xoY2YvaDEyLzE0NzMwMTY4MDc0MjcwLnBuZ3w1NzFhNmVlYjQ0ODFmMDgxYzA3NWQ2YWQ5ZDZlOWQ2ODFmOTA5YTYxYTVjZGIyMTRmNzI2ZWI3MGMzOTNlZjE4&v=3&w=800&s=JEZER-yI-dDU9xzjfeNj91t0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3cb245c72cd3aa4d7861c885433126713211081526db84d84dc07868e24a2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=233453
content-length: 51320
expires: Wed, 07 Jun 2023 01:07:55 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 1BBB 0
127 B 41ms
41ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=_MNuYUKXmfHkd09qgy-8zQJY7uHZ68Whey-fj4SlqTACbARSwvKcseZ8Ta177OQvVH080haWb8j5fCOxSf3kd_4oMPUT9U9pwnrc_DSOiUkrhC1whU_S68PblI_nIOW4GdE-xVcyLdQA1wNdg-UouZUurZHSEEU4e9OOtolMdiFOyY75jOhx9PeGxwK8Tj920MaABMrAIW4gIttGeIwKJOngg0ZVaXDCo43rJryosnJXkCYvQUt5gCB9ag6N2XfpWH7hmg&sds=2&rev=86437.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1BBB 2 KB
1 KB 5ms
5ms Image
image/svg+xml 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 1BBB 682 B
665 B 5ms
4ms Stylesheet
text/css 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 1BBB 682 B
665 B 5ms
5ms Stylesheet
text/css 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 1BBB 23 KB
23 KB 15ms
8ms Font
application/octet-stream 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 1BBB 23 KB
23 KB 9ms
4ms Font
application/octet-stream 2406:2600:7:100::1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 May 2024 14:13:56 GMT

GET
DATA 200
OK truncated
/ Frame 0768 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ef2355d33c11ba4bc09e0ad5883cc61ad313bd33db3d36092980f4da36663e2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5768 15 KB
15 KB 23ms
6ms Font
font/woff2 2404:6800:4003:c01::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:10:15 GMT
x-content-type-options: nosniff
age: 597823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 May 2024 16:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5768 16 KB
16 KB 14ms
4ms Font
font/woff2 2404:6800:4003:c01::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 15:55:04 GMT
x-content-type-options: nosniff
age: 598734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 May 2024 15:55:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0768 0
19 B 61ms
60ms Image
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuqPho-19ZMz9N5jt9QPHxYfoDL3U7rBc8K_Evn3AjbcBEAEgAGAzggEXY2EtcHViLTUzMTI0OTc5OTI2NDM5NDDIAQmoAwGqBOIBT9Ae79S2wmzXlCVh4NIpx7XH8-HuAKCMxB9srLkIJFoD_YRogDjBH7shD4pVms0g5MjVRgZlaxXVLan_MN0MFhGD6d2mUMIrQG4yZ54RhKBJNh835UgOcq6Pc45d9F-HXsLD4GGddg0uyMSTmx3RScDZNq-n338JuC5_L-sd8dOTvqk56hT9DS8PZJf_3HMtYtRWHFY7MpDArgxGZrI1DkWVLDV37aKr6P6CnfUCv9bBThigeJ2eDmo7UEZw-8znCresdYHc1QnBiAW8eAO_fPbic5ujYgW18UcUCo80ialvpYAGop-suvamgpJjoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTMxMjQ5Nzk5MjY0Mzk0MBgA&sigh=B1HNatBKVTc&uach_m=[UACH]&cid=CAQSGwBygQiDeN5016FB9M42QfabBwP0uyvISK5zCBgB&vis=1

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 14:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 0768 0
125 B 179ms
178ms Image
text/plain 2406:2600:4::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=ksWDFfezWaAB2ATgvNldAgAAAJ66UlspxEuBDB8jdxCj7X1kVG9KCtoDbegvAQAAEgAACgpBUVVCRFFFQkRR&wp=ZH3towAN_swKfXaYAAHix_Ut9IWyAZ1yIrBKwA

Requested by

Host: noveltoon.mobi
URL: https://noveltoon.mobi/es/watch/1351248/1449262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:57 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 172353
server: Kestrel
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 13ms
13ms XHR
application/json 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9708389e098c9621996b912bae3450501a2f37295056006c2b7981cab897a9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11147
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 14:13:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD6B 13 KB
5 KB 7ms
4ms Document
text/html 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 362819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 09:26:59 GMT
expires: Fri, 31 May 2024 09:26:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D7F5 783 B
1001 B 10ms
8ms Document
text/html 2404:6800:4003:c01::67

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::67 , Singapore, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

96fbf4e76ffaabc18d391c0c28862f6a869962648541a5c9d15c1b3182203bd8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UR99pnI4wlVa6R-f8gxLHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noveltoon.mobi/es/watch/1351248/1449262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-UR99pnI4wlVa6R-f8gxLHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:58 GMT
expires: Mon, 05 Jun 2023 14:13:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D7F5 0
0 49ms
49ms Image
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=433206157050694&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9a , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FD6B 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 11:03:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD6B 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c06::84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?900X0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::84 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:13:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.as.criteo.net/ Frame 1BBB 0
127 B 42ms
41ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 14:13:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=433206157050694&bg=!QUKlQhbNAAY9J7QfHSc7ADkAdvg8WsgEssP7KJ2Z2bAByqFyJOZsbpuPYyuh7g9DHTB5ArDwnqGUTIO2z7lj6cyVSCMSkxjzdKgCAAAAZ1IAAAAFaAEHCgBexyA-WfeXrkKBmdETIA5EexQwuQKangN4-kwGIHA0CE6R9tKhhdHDjiPDkcsQ5UlVbTYD0JunUjTjO-NtLTmjRuS_mtsL2-4d42lJ-xUu-NObPmfH8D6fpB7WrF4ZrJkCxj6m32boaNnxzza57xD-9W1FxFkXKNmDPPnZ-90fUE1N3UTiav4D1WhaENQRVATzjR-s7XjoXtaybFxhHGG2BxeWlMknmE4O44JoYtTDvGV289Lw8kQVFk2Jbq29nyVFhbr_3pLZ2MwVF548-aaGvwEMMUdROHuSmapgpPi00h9dkCB_9yA8kljL-oAMdFV_UTIzFUIfxju1lpta4PuC4RsnB6QHhlbifkeT9bFBkjBjt5BDXccq6Eq-xBOlbqZ_EBktqeY1zeKkRU1E8MMoLqf7NF8aEo9gKWsYPbJOS43F6XYocUpAc6M1bC6uvckr9VLkTix4cQvYhXDNJaKwOyuf6AgYNPtlS6stjVKhn3tvsWA1uAe2NOUAK7LYcuhDWDWg4QkMY7I-sTol-bR7cEtPHyWC9FNDGqNZx5291pkikaktCOJCRRTKvY6nWsncLfh-iFyOAqgIrTNsWKJ2kIELFu6VfpHqnHMrG_qjCQ3lc1Br2POwEFKkpXI6ZdEtjjIl3lVk29aZfXFDZc6FL-tdICffliDva0vpUVlHxaMmCQggNHYGpujuFS0he_jbvK91lBLvLTTGdfHhZqF2ggQG0Rd-wn91gnjeRSpjx68EG7FVtcp65v2jNIDhPZ4NTbK5IjBMLJ0usNqD-syhQGaN4hVPdHc-W3C8NTvHI0hWah38IwPCZ_GJH_T0-n5V_7nvrnnvuFsxriiOOQqUyMHYBnRAe6TJir6Wn3gtT_VLYQgVsZ8SXWpxaleEKCHN7GZA3Ut5uK-Tzha4X073nOadkT2BglroNvCZ8QvVixMwGqJgEh7Y7Bq97xvew_fcyptIYwiqvqr1Ld1qvfyvA16qjuvf_6_JUbmsMmbShUmeaQICM4xmvM5GMuckVqZwxLvPgltHI9GC0hYuhxvk1RAgRhrb_74CVJFm_sv586vMsF0RHa5n
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9a , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

POST
H2 200 all
csm.as.criteo.net/ Frame 4806 0
127 B 42ms
41ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 14:13:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0768 42 B
64 B 55ms
54ms Fetch
image/gif 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBp474hVREldJrH-FsExLNufBJ6JKjNOZ_5YvvkBtzQxSmLiV80CqiSL2sdZtN_UsVqrsS9znvjI7DPsI42q-67f4&sig=Cg0ArKJSzENPrW2APYWoEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685974436388&rpt=1892&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
50ms Image
image/gif 2404:6800:4003:c11::9a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5312497992643940&su=noveltoon.mobi&eid=44759842%2C44759926%2C44759875%2C31074990%2C42531706%2C44788442%2C44793499&doc=complete&pg_h=9998&pg_w=1600&pg_hs=9998&c=3&aa_c=3&av_h=285.500&av_w=628&av_a=149400&s=3557.078&all_s=433.078&b=784.922&all_b=784.922&d=0.087&all_d=0.171&ard=0.018&all_ard=0.056&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 14:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 1BBB 0
127 B 42ms
41ms Ping
text/plain 2406:2600:7:100::f

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 report Show response
sg.mangatoon.mobi/api/v2/new/activity/sensor/ 55 B
349 B 16ms
15ms XHR
application/json 8.219.57.104

General

Check archive.org

Show headers Download Go to

Full URL: https://sg.mangatoon.mobi/api/v2/new/activity/sensor/report?_language=es&_channel=nt_official_web&_platform=web&_udid=1b0cf227-fe8b-4f92-8cf6-9d49f4f21fb4
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.219.57.104 , Singapore, ASN (),
Reverse DNS
Software: /
Resource Hash: 304ef85656061d315cfb7a480873ee9eb10323b0e30eb22178d7e8e7aaf365ef

Request headers

Accept: */*
Referer: https://noveltoon.mobi/es/watch/1351248/1449262
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Jun 2023 14:14:05 GMT
content-encoding: gzip
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://noveltoon.mobi
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,X-Token
content-length: 74

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
noveltoon.mobi/es/watch/1351248	1970-01-20 12:21:00	Name: official_web_first_access Value: 2023-06-05
noveltoon.mobi/	1970-01-20 21:05:10	Name: MANGATOON_LANGUAGE Value: es
.noveltoon.mobi/	1970-01-20 21:55:34	Name: _ga_F3XVNMMDF5 Value: GS1.1.1685974435.1.0.1685974435.0.0.0
.noveltoon.mobi/	1970-01-20 21:55:34	Name: _ga Value: GA1.1.1895210266.1685974436
.noveltoon.mobi/	1970-01-20 21:41:10	Name: __gads Value: ID=1e61b7421d62e9cf-22f213f9d1e1001e:T=1685974435:RT=1685974435:S=ALNI_MZWbvsSqRYCbfVfshWGEhvkI2vuBQ
.noveltoon.mobi/	1970-01-20 21:41:10	Name: __gpi Value: UID=00000c0fbe2cf991:T=1685974435:RT=1685974435:S=ALNI_MbDJlcR3hA_frP3Nd3EBJ_Xc3CkBw
.doubleclick.net/	1970-01-20 21:55:34	Name: IDE Value: AHWqTUnrSzgqyUZDwKojI1SqOwrd1rEJEEsfLWuSdhwdPqQaCkx4UZ1pRhxusPP2LJ4
.simpli.fi/	1970-01-20 21:06:36	Name: suid Value: 1E28EEA4B5974B7AB2694F694140E276
.adsrvr.org/	1970-01-20 21:06:36	Name: TDID Value: e04386e7-3f25-4383-97dd-0f361b72c698
.adsrvr.org/	1970-01-20 21:06:36	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIqq-7nqT28jsQBRgFIAEoAjILCLzjwcu69vI7EAU4AQ..
.bidswitch.net/	1970-01-20 21:05:10	Name: tuuid Value: 4c13f243-0355-4375-aa97-4135968b955a
.bidswitch.net/	1970-01-20 21:05:10	Name: c Value: 1685974436
.bidswitch.net/	1970-01-20 21:05:10	Name: tuuid_lu Value: 1685974436
.bidswitch.net/	1970-01-20 12:19:34	Name: google_push Value: ATf1kGOovuMuWQ8oapLQ_c9rfbcW22IFrBo_ErnTn_LrtHUoLzlwmUIiCGIyer3R4zexX_7d9aodYt_c2XboUHUKjC2Bm9Vc_fzCxho
.yahoo.co.jp/	1970-01-20 21:06:36	Name: XA Value: 74g14jdi7rrd4&sd=A&t=1685974436&u=1685974436&v=1
.yahoo.co.jp/	1970-01-20 21:55:34	Name: XB Value: 4p5f4tpi7rrd4&b=3&s=0k
.uuidksinc.net/	1970-01-20 21:05:10	Name: jcsuuid Value: nITAqFlAN2Xy6k5ySNQv
.yandex.ru/	1970-01-20 21:55:34	Name: yuidss Value: 5898388011685974437
.yandex.ru/	1970-01-20 21:55:34	Name: yandexuid Value: 5898388011685974437
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-20 21:06:36	Name: pid Value: NDhiYzM1MzRlMjc5NzRmNw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESELg-JYjKT9QRGdn0pRo5FcY&google_cver=1&google_push=ATf1kGMouIBMQQ4AbUpfC9BPmJoR7XU3ex-0q1s_jmqatqTpVRnIDgB9CpKelciAAUpaH0TnKv9czG6YRUmlC4A38KaMWobq-o8xv34_ Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.as.criteo.com
adservice.google.com
adservice.google.com.sg
ajax.googleapis.com
an.yandex.ru
at.alicdn.com
cat.jp2.as.criteo.com
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cn-e-pic.mangatoon.mobi
cn.e.pic.mangatoon.mobi
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
imageproxy.as.criteo.net
lh3.googleusercontent.com
match.adsrvr.org
noveltoon.mobi
pagead2.googlesyndication.com
partner.googleadservices.com
platform-lookaside.fbsbx.com
rtb.jp2.as.criteo.com
s.uuidksinc.net
s0.2mdn.net
sg.mangatoon.mobi
static.criteo.net
sync.gonet-ads.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.227.254.16
142.251.10.155
182.161.73.132
182.161.74.13
183.79.248.252
185.196.197.130
188.42.105.236
2404:6800:4003:c01::5e
2404:6800:4003:c01::67
2404:6800:4003:c02::5e
2404:6800:4003:c03::84
2404:6800:4003:c03::9d
2404:6800:4003:c04::61
2404:6800:4003:c04::9d
2404:6800:4003:c05::65
2404:6800:4003:c05::9c
2404:6800:4003:c06::84
2404:6800:4003:c0f::5f
2404:6800:4003:c11::5f
2404:6800:4003:c11::95
2404:6800:4003:c11::9a
2404:6800:4003:c11::9c
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::f
2602:ffe4:c45:0:3::3fd
2606:4700::6811:180e
2606:4700::6812:40f
2a02:6b8::90
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f00c:310:face:b00c:0:2
34.124.209.251
35.213.12.39
35.71.131.137
8.214.4.44
8.219.57.104
00bd391a879e05d2b24f6498d9104c78d0bce70f3e23ad9946ef2f0a9b457fee
062f97a5bb2e98eac7b7d64fbd4b06b99af2564ef5a6d672e4e084a0e1a87cbc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a851af761da4d5b2920eb522503dde3e017327ab304457fd8181089e3777d7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6c5f8b760683ceeadbfae6fe06047e9361c0b5e94da4c6a6d554ccc6327823
115ac196e4821cdfae6df952794c68a779a4f4bfde803c682a5775766caa37a1
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
254411e9736034009d87f293afad28c8be62581b16025f8399b725f66d90b351
2c701f4b0f0afc2845478cf781d1c38d223892da9fa2e02829ab5f9fda2e6fdb
2e1061d2ad6ee8436c3193560f00eff61a83fde0c9e1bf4eb35e854fb4fc181d
304ef85656061d315cfb7a480873ee9eb10323b0e30eb22178d7e8e7aaf365ef
3083841aed22520b22bc064a57b040c2b73585a01f715ef71d796ebb9548252a
30d56634bc54f041475c7e91331e9f7d968ea607e9dfbba5be5f5d132543bf88
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36d93a6d2bd0a69d97fe5d34c6772f1af6d1b701d131b0de9d7dbc5ceeb657c4
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
390fb5db800ca910cb3d87984fad8158dea5ddff5d96ba86e0ff58fd766b857a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cb245c72cd3aa4d7861c885433126713211081526db84d84dc07868e24a2f74
3d7a2a2eb721dd2beb5bbfffab586bb0b49a2df2d50e97d4c6289b5b26e23b20
3ee3fa36e20734a5769616e70ef71f571c1d68402485897956397e1b805a233b
41f5b14edc95cec8e25198d4ff6579ba67865a964aaeffa9dce79d52a7788cbd
48a5b45b388eb8541608f7e122fab7f48bc0f2f87d2b0ef5f9c7ef9ce5cccd9e
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fac92bfe609ae4954ada9793b6b798a4e3f75727327a521e532cd15824bb959
50917a92dafa18a9fdbd1aeab3dd7284a7b4a515e6fa9d18e81ff4f13ee8eee1
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
82f3e7624f58aeabaee59129c01d267d085245dcca365b6daf66ae055684dcff
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9058c3e512c62efef7a4fc3b73d342b0bdf5eaf36670f304897b4e801f454202
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
96fbf4e76ffaabc18d391c0c28862f6a869962648541a5c9d15c1b3182203bd8
9708389e098c9621996b912bae3450501a2f37295056006c2b7981cab897a9b2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ef2355d33c11ba4bc09e0ad5883cc61ad313bd33db3d36092980f4da36663e2
a12cc324b19016ca101c3aa2a58ffdafe632b29de063a7ac71fa59911b9df8be
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3ce42fa7a9f31e72937bcae432fb75e7e0500b27a1dd49bea6b6eca9e0281dd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54abd47c589f892f5f223ba04ce43c0672674e6662786363ee7975f0f4fee5d
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa7df0c5b86ce3cd02f68a14a32f30b8c48cf07a86ea75194fd71d249f5e3fdc
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
af7733fd0f3e3a1413df3073e2874ff88a11470b52223c58524a5b0780ce0142
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b17ee1fc8978a8c0755c05dca7869bdd0adbb3744dc65445c73dd6f32311dd94
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c1a09bc539d52255745115e9e0b69131c877c1267e83e6d24b16d3a45970ff4e
c39d6346a2bcc010c6e38423f42474d048986f4ceb4d6cff6b89081344072dd3
c431b3a906f819669d002cbdf062cf73f167c09e13919c14943d6cf015af517c
cec758637484509f3954eddb7935822830d00d01b38e0b359eddf099070c1acf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4967fe424c7bee14029eade627320ce0b8587b1b557f049bcc568d31545a567
d67c40cb551ee6d566218a98ffb7d8d2934231f7872cf2a909f5eaecb0dc42db
d763f47a0e9b1b7cc2a9418ca58a0b58afab56f987fd42ceb1ff19959a7855cf
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
e7f7ec0e2a3e427293537698a64e6fa8ab9d90a9323595d9db4d5f0a0e17e5d7
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
edaaf9a91226b7ef9b4bf210e3b37769f0ba7a7b99b6f9aba6c1805f101dabca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae43f983409ef05568ef4351bcf8b0863d664617cf9d7650e8f99c21b692d8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa4472a78633974a1008857136e2f88f0757dd00d6a839808569998049df7d1f
fe116d39762e7bd9b1016b35d136cc1972192b3055a1753cf0258cb03cd6129b
fe61667399173afefaf78b70cd374711deb4a839c617354f602290bbac5b4236

noveltoon.mobi Open in urlscan Pro 8.214.4.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

118 Requests

93 %HTTPS

68 %IPv6

27 Domains

39 Subdomains

33 IPs

6 Countries

1392 kBTransfer

3427 kBSize

21 Cookies

10 Outgoing links

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

noveltoon.mobi Open in urlscan Pro
8.214.4.44 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

93 %
HTTPS

68 %
IPv6

27
Domains

39
Subdomains

33
IPs

6
Countries

1392 kB
Transfer

3427 kB
Size

21
Cookies

118 HTTP transactions
7 data transactions