www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Submission: On September 06 via manual (September 6th 2023, 2:56:54 pm UTC) from US — Scanned from CH

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 9 countries across 18 domains to perform 104 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:2f93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 1	103.3.63.48 103.3.63.48	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	18.194.47.135 18.194.47.135	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
1	54.95.87.33 54.95.87.33	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.156.196 35.214.156.196	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
104	20

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2f93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.3.63.48 (Singapore) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li819-48.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.47.135 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-47-135.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.95.87.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-87-33.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.156.196 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 196.156.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	302 KB
23	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259	329 KB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 399	260 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 998639	483 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 653 csm.eu.criteo.net — Cisco Umbrella Rank: 8658	62 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	227 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8559 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9381 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15092	20 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 156
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 369	1 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1063	413 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7806	44 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1120	755 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 14071	597 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1977	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10633	467 B
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
104	18

	Domain	Requested by
20	tpc.googlesyndication.com	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
14	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
13	securepubads.g.doubleclick.net	1 redirects cdn.ampproject.org www.xgcartoon.com f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8	pagead2.googlesyndication.com	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
6	cm.g.doubleclick.net	dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	www.google.com	2 redirects tpc.googlesyndication.com dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
4	www.googletagservices.com	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
4	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com	cdn.ampproject.org
2	www.googleadservices.com
2	ssum-sec.casalemedia.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	csync.loopme.me	1 redirects
1	cc.adingo.jp	dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
1	sync.go.sonobi.com	1 redirects
1	a.c.appier.net	1 redirects
1	rtb.fr3.eu.criteo.com	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
0	cs.chocolateplatform.com Failed	dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
104	27

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G2	`2022-09-14` - `2023-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Frame ID: F8AC217C041BC05735E8CE9922228EAF
Requests: 40 HTTP requests in this frame

Frame: data://truncated
Frame ID: F0BD26C68709411311BC72D43E888FCA
Requests: 1 HTTP requests in this frame

Frame: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 51D0D532681EEACA6D5A7259645DB1B9
Requests: 9 HTTP requests in this frame

Frame: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 267959CC56AC8B7A5B32C84BE23D04D1
Requests: 10 HTTP requests in this frame

Frame: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 130859C0EAF5C086323B4B2AC38AE87B
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPiTMAAE0xoH_YSjAA37b3gYu73r45gYxFNJhw&u=%7C5WQEiFZqeNFUNa9o%2FdamtaYkHTAgaN9yxyI%2FB51xOqA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpFIXqwyK8osImCLOwYz3KBqETHHwAf70LrI_TFIHIv9u32e5AYoZ-pJoN-eswZGcft5WPWfucW0Wp14YZrYgm9YvqK_1EGJif7EtjTuwkJJQj6RSz3qYswH_BASGpBVr4WRaqrUh4EyPsa4oEQrvvQAaDfYnDo-ztgKcM6o3awHFwqbqtBRry7AY8jUq7e1NCsomFTfpiFL9lwkVSMUOTbYA-YX6J6OmIOz3M5ku6bwvKPs6hUrND8_5fyzcSvAIsQZV4YHNQH-nuv3kJOPWJFJJRISFJ7_NhSOovpl6VY9EUCmpB2YaSbzxDwe4R70S5aDRjIPvdWJSsd9KEwsIU1yY--a5BQFga_SS54hhfMVsLj-v4lFfseSdpJiRVWpYKTRPkEPVtkAfhEdE1JGziUT3FntUXIZjhzUXZSHN_cdDMb6PCqManUMYA8ERzEFZUk-YDJrIHvKXMpxEUkvIuuohBJEuB2HLqmx6rHKJ6IECnpuBOTW9tL2ZbuBsxym9HlmTc6Xzx7IYdjmoYzvu4OVJUzJZr4hGmVUOtWbPn5hIvOndC1egF8AOM0iTzuFpv-KF0eZ1uqKtWNZ1VqhvdXfuVyGtPNEZGJDmtAX2IG_g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjMyMJP4ZJqmE6OJ9u8P7_a34ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAnzVXKqX_7E-4AIAqAMByAMCqgSkAk_QzN_GV4DKjLhnrZ9JuKKUKqLGRVbwNrmF8J7-0VLkbOj2xvI0XM-wZNXbAzTX7Wimzys84fbBq_1-jOYwe54A94VuDcFT9SQFuXDDP2kdSpF3mSx5N56FZJXln5nfcUoDBlrcMSwNe3z6Af-KL4l1Vlcw8NNxohZ6sF6kzxIwnpr30YxIoEhKrXPbkzeEsWlTzWFJWXnzdba_nJ72G-DGXE1VBwoXB7GZcbCSW4VQMccMj8joUPGWTCpsj7X51KZ9i_u4U2sVVXxDPOmjBfGOHqOYRCLvtIHVYoR39QdyITVCjMFI1YZ_g1Nxr5lvq2OtE8s2PNaXUJRql8m8ZC2LK_R47wrXAiS1i7LWS4gNk4h2y474zYbpQP0E28MsdPMy-8rgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0A7Rm9KmN3QcrzznQpZHL4bGKW9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: D05067B1F86A52A4DB1BBD5166134D33
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 049C6580909BFA8AD74EAE1574B02414
Requests: 2 HTTP requests in this frame

Frame: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5EEF13282A1F6D4D9B0412D03B3C51E1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
Frame ID: 19D808F7F749BF23735FD985AD9CD38C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADF036EAF5DF3FA74E3F8DAD5DDF1E0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA5841143419C600F48D4060ED9721F2
Requests: 2 HTTP requests in this frame

Frame: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BBBB7F0A14CA9B2291E0234DD3725E5A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41B6ABC58D4C089E307A2D24BFFC1292
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AFA25C77BD0C9A98ADCD03530A62777
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
Frame ID: E714970C261015177B5B70C8C087DDD5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍹宦妃天下動態漫畫（4K）免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

104
Requests

93 %
HTTPS

54 %
IPv6

18
Domains

27
Subdomains

20
IPs

9
Countries

1685 kB
Transfer

3870 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://a.c.appier.net/gcm?google_gid=CAESEAlBqrA68MXNTmAO5-RZqWM&google_cver=1&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZuX8kzC5uzrUCdG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MXNEUTk1ZGxDYmViWHFCSk1wUDRaQQ%3D%3D&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZuX8kzC5uzrUCdG8

Request Chain 100

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKntvx-1UfFM3qmRvNRJoLw&google_cver=1&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKntvx-1UfFM3qmRvNRJoLw&google_cver=1&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw&google_hm=Iy0AFOiJQ56dT3PFc5C79g==

Request Chain 101

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_cver=1&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRdeFMZmxqIVa-0N-CTe19W_HK_uaWO1SEDNChTvEHXbszoI9ypoBTdTxItrBoYhrQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRdeFMZmxqIVa-0N-CTe19W_HK_uaWO1SEDNChTvEHXbszoI9ypoBTdTxItrBoYhrQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_hm=ZPiTMY2JxyeEwUm6LpPv8wAABLAAAAAB&google_nid=index&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRdeFMZmxqIVa-0N-CTe19W_HK_uaWO1SEDNChTvEHXbszoI9ypoBTdTxItrBoYhrQ

Request Chain 102

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV_DIJa2LQlhBliSMbQ%26google_hm%3D%5BUID%5D&google_gid=CAESEJBR7kDms57L1nZoinP3Eqk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV_DIJa2LQlhBliSMbQ&google_hm=081f956b-6003-401c-a51d-c6952c700a18

Request Chain 105

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGRqIuIocPOlmrsDNrR1Z68&google_cver=1&google_push=AXcoOmQwygHn6-EQDMkR0SJPRqtCgTViohmle0uOJSaxAP8cYjib5VFkMnIwxDQvu1Cf-ijkoeQcyY2T622P4HT0V8qEEjTBJOOQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=1de8f3c9-1e7b-4021-8b58-484417c520cb&google_cver=1&google_gid=CAESEGRqIuIocPOlmrsDNrR1Z68&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQwygHn6-EQDMkR0SJPRqtCgTViohmle0uOJSaxAP8cYjib5VFkMnIwxDQvu1Cf-ijkoeQcyY2T622P4HT0V8qEEjTBJOOQ&gdpr=${GDPR}

Request Chain 107

https://securepubads.g.doubleclick.net/pagead/adview?ai=Co44oMZP4ZNbNDf2S1PIPj8iD0AK18IHpcqznoqShEvrx1rLFARABINPLzjBg9ZXOgeAEoAGSm4DQAcgBBqkCkOhRQAkFsj7gAgCoAwHIA8sEqgSVAk_QdctgnNtnAHIgGN1Fu33LqCcKHA7hYugQS2wz6Z6T4mPIYm_I-zQ_DZ9U2qPXg1OxwD_KZjLsX11Ygp5BEe72yR419UbUTgynsUdeB2-1ilM-fsJafjqcjqLsR1fxiOLTLzVuZ3bxJoi0VliG38MbedYu_dlYDFatGVTaPE4PZc9wmh5HLfVCZLc4jPm0kkxfEPMZzIafKq4lZxvHSEdtEpR9K4G4l77yii68TdnO71jVUAQvOBIH-gblEVAF8Oht07_v9FpT2qnsCC-Zb_xeJbuHhRFLM8_KDaaBt_F5A_dThSo_UjKAEfYsJkS7ppgdB0GkFBRntnDJ1DDvP6wiy4t1AUhVLewJjV6pz6xmKWadHb3ABIqHhJ-nBOAEAYgF37Wpp0ySBQQIBBgBkgUECAUYBKAGN4AH0fnc0wOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDQf9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgm7Amh0dHBzOi8vamVlcC1jaC5vbmxpbmUvZGUvbGFuZGluZ3BhZ2UvMzAxMTc5LzMxNjdfMzAxMTc5X0FWRU5HRVIuaHRtbD91dG1fY2FtcGFpZ249amVlcF9jaC1kZV8yMDIzMDlfZmxpZ2h0LWF2ZW5nZXJfYXZlbmdlcl9jb252ZXJzaW9uJmFkdmVydElEPSZ1dG1fbWVkaXVtPWRpc3BsYXktcHJvc3AmdXRtX3NvdXJjZT1tb2NjYS1kaXNwbGF5bmV0d29ya3MtYmFubmVyb2ZmZW5zaXZlJnV0bV9rcGk9Y3BjJnV0bV9mb3JtYXQ9YmFubmVyJm1jcF9pZD0yNjc3My0yMDJfMzAxMTc5Jm1fY2FtcGFpZ249amVlcF9hdmVuZ2VyJnV0bV9jb250ZW50PTMwMTE3OYAKA8gLAdoMEQoLEPDLwfGXtI3I6AESAgED2BMC0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=-5RtIUK1YBs&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWXd0W8umZnb0T0Sl_JaM-uv8C50kM-4Izep0N7YW9Yi0C0m9zGAE&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcbe41d7ef8dcba660000000000000000%22,%222%22:%220xd19d5b29915a15490000000000000000%22,%223%22:%220x8639a698450e25690000000000000000%22,%224%22:%220x19feb948f7878afb0000000000000000%22,%225%22:%220x960979c2a4fd9e5d0000000000000000%22},%22debug_key%22:%224705589355319141515%22,%22debug_reporting%22:true,%22destination%22:%22https://jeep-ch.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436211090%22],%224%22:[%2209-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215969335247643594497%22}&andc=true

104 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request huanfeitianxia_dongtaimanhua-miaokela Show response
www.xgcartoon.com/detail/ 92 KB
18 KB 822ms
399ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b31c3164f2934f94b4e9c90d2787d49f5e6db387bbe56997fb92b3778badc4e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Sep 2023 14:56:46 GMT
etag: "16e8e-w04k+zef3/olX5nS/kNhaR8VX38"
expires: Wed, 06 Sep 2023 14:57:46 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 132ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72941
x-xss-protection: 0
server: sffe
etag: "1fd4dd9eff57c430"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 113ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23124
x-xss-protection: 0
server: sffe
etag: "91fba5c7cd59114d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 142ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b491eb99f9549187dc757f548439a68f8d385df9f7397f8f100cabd3391c4a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9429
x-xss-protection: 0
server: sffe
etag: "0f2e69affa5191d7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 150ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0809abae4993d7aa20f26fd2f096e478bbb3ec27bae0be65d52f702cd65b5941

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "a24acf355e95977e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
16 KB 100ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654025901511fabd988a4842e4bbafe98ce91ba2f4a63df1f2c3b994643d8017

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
server: sffe
etag: "d317937609610457"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 123ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ceeca6156452a781004a85b58e62d32cef13a733dbaa8d53747f59ac31b0c0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4744
x-xss-protection: 0
server: sffe
etag: "b037f357d3f1155b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
server: sffe
etag: "6b0a8d436e5c7ad3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 14:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32129
x-xss-protection: 0
server: sffe
etag: "d5ab003501cb3fb7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
467 B 221ms
158ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 80278f87dd02927a-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 212ms
212ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:47 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Wed, 06 Sep 2023 14:59:47 GMT

GET
H2 200 huanfeitianxia_dongtaimanhua-miaokela.jpg
static-a.xgcartoon.com/cover/ 148 KB
148 KB 1022ms
964ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huanfeitianxia_dongtaimanhua-miaokela.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b10b48b89bd734afa63f0fbd00d2829b79a0be2e993a6e306592176a3b7f3dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 23:44:03 GMT
server: cloudflare
etag: "BCB76CABEF79620822212362461655C1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 80278f891dcb363f-FRA
content-length: 151282
expires: Thu, 07 Sep 2023 13:23:39 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 212ms
211ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:47 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Wed, 06 Sep 2023 14:59:47 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 212ms
211ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:47 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Wed, 06 Sep 2023 14:59:47 GMT

GET
H2 200 nimajiadiaole_youhuangbixia_dongtaimanhua-yunshuangtangwenhua.jpg
static-a.xgcartoon.com/cover/ 84 KB
84 KB 1002ms
944ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/nimajiadiaole_youhuangbixia_dongtaimanhua-yunshuangtangwenhua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bfb9ca34892dfd934c84df5cb9a20664c788efb1ff03ce64e997a4ba3a2c34d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 23:23:09 GMT
server: cloudflare
etag: "5C2C23725FFA3CB2C57AD558F3E64938"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 80278f891dcd363f-FRA
content-length: 86036
expires: Thu, 07 Sep 2023 05:13:17 GMT

GET
H2 200 guominxiaocaoshinvsheng_dongtaimanhua_di1ji-yuewenjituan.jpg
static-a.xgcartoon.com/cover/ 66 KB
66 KB 1070ms
1013ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guominxiaocaoshinvsheng_dongtaimanhua_di1ji-yuewenjituan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592498482ee6f47a6417c2fe0828b6c8ef8840df0ef67635507578321e29821a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Dec 2022 07:56:20 GMT
server: cloudflare
etag: "0520C015B362EE2F7BE0133E95A9D37A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 80278f891dce363f-FRA
content-length: 67488
expires: Thu, 07 Sep 2023 05:08:23 GMT

GET
H2 200 yifeitianxia_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 71 KB
72 KB 1000ms
943ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yifeitianxia_dongtaimanhua-akewenhua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 591fbd32d583b622b9bbfbad8854c62faec8ca2392f9dc352476ef8a1c19bc67

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 01:38:07 GMT
server: cloudflare
etag: "FA9C244812E8D29A53B16958C3DC285E"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 80278f891dd0363f-FRA
content-length: 73006
expires: Thu, 07 Sep 2023 05:24:00 GMT

GET
H2 200 mamikuaipao_diedizhuilaile_dongtaimanhua-shaoxinghuangman.jpg
static-a.xgcartoon.com/cover/ 78 KB
78 KB 997ms
940ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mamikuaipao_diedizhuilaile_dongtaimanhua-shaoxinghuangman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622055b9c3520e46b2170e1e51ed0c17a7359ea7ac68ecb8b58027bd820ab81e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Dec 2022 03:52:53 GMT
server: cloudflare
etag: "D22B71AEBA7DE9352B89A6690ECB2521"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 80278f891dcf363f-FRA
content-length: 80020
expires: Thu, 07 Sep 2023 05:13:17 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 8 KB
3 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:30 GMT
age: 76217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2968
x-xss-protection: 0
server: sffe
etag: "20a8808a3fce3085"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:30 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 237 KB
63 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8833bac0069b4cd7d4afc62f869ec2d1d7f5c59a9e2ed9b9490de73e5723e2d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:32 GMT
age: 76215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64143
x-xss-protection: 0
server: sffe
etag: "8b5731faa80e47c3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:32 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 12 KB
4 KB 40ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:31 GMT
age: 76216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3948
x-xss-protection: 0
server: sffe
etag: "a02df160e36bd176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:31 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 949ms
885ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2308242321000&d_imp=1&c=6004031&ga_cid=amp-CziZjamjxEAlin6bleMFrA&ga_hid=4031&dt=1694012207584&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&bdt=332&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7e310b5dc2b9453f1a1b824b36cffa9e171c913c33b0359012703efb2f18c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13967
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJr-r5-floEDFaOE_Qcdb_sNLA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 578ms
515ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2308242321000&d_imp=1&c=6004031&ga_cid=amp-CziZjamjxEAlin6bleMFrA&ga_hid=4031&dt=1694012207584&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&bdt=332&dtd=14&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c120b520045f4ec077d2969a667f6f2994737de0c10f44695625eeca8eb0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLnHk0GnqckCBQp46W2DOysNpo3WSHyRBJ21_rtp0R2e3DGZpKGARMwAoi9YjNhFE1vE-Gfb35KWxbUNEdciWEsJgPJJxXGr2NvYgG0_D87mZE-sVx8YuLmCGSoxhHOTrBlB9Q_kxG3g\u0026sai=AMfl-YQvKqG39a1VKOK_vAE4V8_hk2_YJEwkBcY5bFl0Q2vhiDsyx8vEShUph6_rXDQns6pS5woXNpVqZIgz\u0026sig=Cg0ArKJSzMoAxkk5PDGwEAE\u0026cid=CAQSGwBpAlJW8zvizuTLIu8CFUoRbLmbsgSle79-7RgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=3018598273"],"btrUrl":[]}
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15696
x-xss-protection: 0
amp-fast-fetch-signature: google:1:np6n+dDAZ2m0e7bXWABsMEyOj9QB084pJdLNUL36UBBPIU8G2gP/39/sE6JLlzJXD4WiMvvtlKPBACDp1lD7yNKb9eG1aAGw12N80It4tyFld5uTkrhEEK2ShadDRm6nCtsIHqgstx9P9ol5elBemmWKeX5SNh94NibRCvuNLncyYE0ADfFDND4xXejAK6NmgO4IOdIGhuS2qNDH9RXatggbYOWX5VYwwGNzUH8o4TCLPNbeeKZTptNYTA42gMVUMwOstQdlsnk7f2FQJrynP0ADf9xhnpdKfepHH9vkzoV1XpLLedZwRC7s4yddNCxt09rw8UOOkC7016fvpDMLYw==
google-lineitem-id: -1
x-qqid: CK7GmJ-floEDFUug_Qcd4XAF8Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
23 KB 788ms
725ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2308242321000&d_imp=1&c=6004031&ga_cid=amp-CziZjamjxEAlin6bleMFrA&ga_hid=4031&dt=1694012207584&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&bdt=332&dtd=15&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ebb763c530362d96bb591b53bcb3573395d671f53f7b1f011878acb6108ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23247
x-xss-protection: 0
google-lineitem-id: 6350518020
x-qqid: CN7diZ-floEDFUXuuwgdgfUO1g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441312652
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 1192ms
1135ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2308242321000&d_imp=1&c=6004031&ga_cid=amp-CziZjamjxEAlin6bleMFrA&ga_hid=4031&dt=1694012207584&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&bdt=332&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5ba7ad851ed21966a909d96b4bce7806bd3b89b41a2ed89d625af71daa0474e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEmSBvnuZkndA_Vp9jkOd59hvbUD501Il-8R00pykkNVuCcxkASa6BfeEuSJY_-n2oQFsrGMc6Sdm7eWUcVRfzp8HNpA035urPUy57bjlFJOqRG06i-NZG0G0uQvVM_czeFf5iQBFU0Q\u0026sai=AMfl-YSFwsNm40D93UXP0cKT4cYphPPNXBXEp2bibMRPzLO1bLVI00XJnelfbWj_98Co4NQZy1ijVs0UcRq2\u0026sig=Cg0ArKJSzPPqfkDmi6UaEAE\u0026cid=CAQSGwBpAlJW2lhROdoYQci8unSXkg-f5804sFiBpxgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=132656383"],"btrUrl":[]}
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15767
x-xss-protection: 0
amp-fast-fetch-signature: google:1:S7HQG5xx2lxqSxit3qjFEoa9YR/UuDBWw+Iv1MwfE1s+YXJiGV5FFrrhPJUqwL/72mFSyW4wgwAj7N/o/8Cs8iUmFKgAvcucX5BE3nW4Vum7/B5OzcbpSeBM59IDTHoF2dZm83jfyZFQiXMV+bUrB7nCYicUqQx9fmIeILKiz8iVsVurPEfjnWTJM6Xk39bOA7FQPn5hoXyhanqziZOzNPrtJ7M4vpB0xnhx1AZXA29EhEbIxhyO713lgHEepOAqxi496ieI6gIl2hWmWKUFolkZmkTBGjsUq2gEmKjEUwQxrMbmVVhneb+YKmV4fpt3KsYKrp3MU/E+wVyGbgPkrg==
google-lineitem-id: -1
x-qqid: CMLtvJ-floEDFTDIuwgd2h4MlQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
50 KB 362ms
305ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2308242321000&d_imp=1&c=6004031&ga_cid=amp-CziZjamjxEAlin6bleMFrA&ga_hid=4031&dt=1694012207584&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&bdt=332&dtd=17&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b25ba24357beae0c2e44af27c7988a1c78d181af68eb23fa7e0118b86a4b1bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49440
x-ampimps: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiqhAL5P4ZNnoKp_C7_UPtIazyALdsJDqctOWo6XxEZPZldSqCRABINPLzjBg9ZXOgeAEoAH2ptv0A8gBBqkCfNVcqpf_sT7gAgCoAwHIA9sEqgSTAk_QE9gJ-fi2e_BBxNZifvzv3zf64JHpDfmA6hh1nSF2XSUHFVMu-Iu2rj5smJrcf0BlYIP420Z0KuRkyiWRw3bq31EoM6OwW0lTxSXX8fwFbWMcihxFKP_T14WLqUqodmqRy5Wr0hv9GUAGAW77jpXpJ5Rmt_nw5JcfvQb5RyAf-YYF5RP9ModMyGYtFh7A3vBtSiifE5S0Ptxjg3FTFbCDxOPR9tR3IY1ACxgVwI_UMTF1BF1bFwco57uRRvSrydUulrI3DyXuqDaUtNbZrPiS0VxjJr_I_A-DRWRtiD_eEOzNaJsWSQ1thu3fyf_18H-hxHKrnbZvA51Ig9a78itNG9KL0Mqu4cGoDnqdWAVSCPfGwATOicCSrATgBAGIBeW9pM5KkgUECAQYAZIFBAgFGASgBjeAB-nSwTGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCvcNIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgl_aHR0cHM6Ly93d3cuaGVzc25hdHVyLmNvbS9jaC9kYW1lbi9iZWtsZWlkdW5nL2tvb3BlcmF0aW9uLWhpcnNjaGhhdXNlbi9jL2RhbWVuLWtvb3BlcmF0aW9uZW4taGlyc2NoaGF1c2VuP2Fkd29yZD1Hb29nbGUvRGlzcGxheYAKA8gLAdoMEAoKEKDppqO3ypzfexICAQPYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iE&sigh=AbC8oW_4l-Y&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW-hZz74PAMh6iw5vgcAZGJ6WXEiW9QhgB&template_id=492
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJm8ip-floEDFR_huwgdNMMMKQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 06 Sep 2023 14:56:47 GMT

GET
H2 200 container.html
f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 107ms
27ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 19 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-exit-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

408af98bb4234c6372a10c7fcef007714e0728f3cb84d1d46ff08a0714f787d3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:36 GMT
age: 76212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6655
x-xss-protection: 0
server: sffe
etag: "3eaf92bbc6257312"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:36 GMT

GET
H3 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012308242321000/v0/ 7 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/amp-fit-text-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc4e1ea5ef24a8fc2af80860cdc349206a6447859c2fa7ab06465f53527e2833

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:36 GMT
age: 76212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2510
x-xss-protection: 0
server: sffe
etag: "98914ac12f06980b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:36 GMT

GET
DATA 200
OK truncated
/ Frame F0BD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a20f6471e92d139a148a642542818d4b73dbb3838f9c5c6792b64834d20b8f54

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 2 KB
886 B 19ms
19ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 17:46:46 GMT
age: 76202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "13417016125ec007"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 17:46:46 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 217ms
216ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Wed, 06 Sep 2023 14:59:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 88ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=4031&cid=amp-CziZjamjxEAlin6bleMFrA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&dr=&dt=%F0%9F%8D%B9%E5%AE%A6%E5%A6%83%E5%A4%A9%E4%B8%8B%20%E5%8B%95%E6%85%8B%E6%BC%AB%E7%95%AB%EF%BC%884K%EF%BC%89%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1694012209&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 51D0 6 KB
3 KB 30ms
28ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:48 GMT
expires: Thu, 05 Sep 2024 14:56:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2679 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:48 GMT
expires: Thu, 05 Sep 2024 14:56:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1308 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:48 GMT
expires: Thu, 05 Sep 2024 14:56:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D050 51 KB
20 KB 108ms
48ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPiTMAAE0xoH_YSjAA37b3gYu73r45gYxFNJhw&u=%7C5WQEiFZqeNFUNa9o%2FdamtaYkHTAgaN9yxyI%2FB51xOqA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpFIXqwyK8osImCLOwYz3KBqETHHwAf70LrI_TFIHIv9u32e5AYoZ-pJoN-eswZGcft5WPWfucW0Wp14YZrYgm9YvqK_1EGJif7EtjTuwkJJQj6RSz3qYswH_BASGpBVr4WRaqrUh4EyPsa4oEQrvvQAaDfYnDo-ztgKcM6o3awHFwqbqtBRry7AY8jUq7e1NCsomFTfpiFL9lwkVSMUOTbYA-YX6J6OmIOz3M5ku6bwvKPs6hUrND8_5fyzcSvAIsQZV4YHNQH-nuv3kJOPWJFJJRISFJ7_NhSOovpl6VY9EUCmpB2YaSbzxDwe4R70S5aDRjIPvdWJSsd9KEwsIU1yY--a5BQFga_SS54hhfMVsLj-v4lFfseSdpJiRVWpYKTRPkEPVtkAfhEdE1JGziUT3FntUXIZjhzUXZSHN_cdDMb6PCqManUMYA8ERzEFZUk-YDJrIHvKXMpxEUkvIuuohBJEuB2HLqmx6rHKJ6IECnpuBOTW9tL2ZbuBsxym9HlmTc6Xzx7IYdjmoYzvu4OVJUzJZr4hGmVUOtWbPn5hIvOndC1egF8AOM0iTzuFpv-KF0eZ1uqKtWNZ1VqhvdXfuVyGtPNEZGJDmtAX2IG_g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjMyMJP4ZJqmE6OJ9u8P7_a34ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAnzVXKqX_7E-4AIAqAMByAMCqgSkAk_QzN_GV4DKjLhnrZ9JuKKUKqLGRVbwNrmF8J7-0VLkbOj2xvI0XM-wZNXbAzTX7Wimzys84fbBq_1-jOYwe54A94VuDcFT9SQFuXDDP2kdSpF3mSx5N56FZJXln5nfcUoDBlrcMSwNe3z6Af-KL4l1Vlcw8NNxohZ6sF6kzxIwnpr30YxIoEhKrXPbkzeEsWlTzWFJWXnzdba_nJ72G-DGXE1VBwoXB7GZcbCSW4VQMccMj8joUPGWTCpsj7X51KZ9i_u4U2sVVXxDPOmjBfGOHqOYRCLvtIHVYoR39QdyITVCjMFI1YZ_g1Nxr5lvq2OtE8s2PNaXUJRql8m8ZC2LK_R47wrXAiS1i7LWS4gNk4h2y474zYbpQP0E28MsdPMy-8rgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0A7Rm9KmN3QcrzznQpZHL4bGKW9w%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d5bd5a047f4035d6d516eee5463f7eb392067e9f6e2eeab576bdd98c67363630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BgOq6rpbm-5yXun_fWVo0lLdqRUm6l6vIXEuHcFwalHC0UCzaae91WuU4xLlZAiv9xOIpMwGjmFlGtpU_IW2evtmqzzVNCgTMNZ0LkeRTHb1CsoPw5psQtQhnrPdOIyDUqZJ78kYEVp2TjYVjXuS3E9a_qJW53QF3ku8dWjHkF9JMImpPi4WZzFfMT8X6Ao9_islYN53eUZWI0wtDFe1k6XZUlZippug-KA2XMnNefKQ-uAM0B0_m61yBAkfx-XJ_SxEmA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4417671
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 51D0 3 KB
2 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 13:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 13:52:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 51D0 20 KB
8 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 51D0 24 KB
7 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 520536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51D0 181 KB
57 KB 120ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2679 98 KB
29 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0faa91e23281a4503b56aae40caf1b4b9c3278d54f8998598ba5d6d3d924700f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29009
x-xss-protection: 0
server: cafe
etag: 823 / 19606 / m202308310101 / config-hash: 15008231380658717738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2679 181 KB
57 KB 114ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:56:49 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2679 0
439 B 59ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxGb-MOrGkZl3yskwHe1D0_YLSIzAhWbaLLYuFOfBATeK86qBhQNM94ISAGxWx_P8_3jj1BVI9f3qWWK5cHKFVoaeYAneXg0pAn_IDbtLJX7F64JirIGTIXHLbU4EWFWrvyCQntbO4Pr9gekit3jkuRB5CBN2tBMjZ5VIfJjCJca4XJ0GJwzZ9wvTA0ZESTXuhwjhg0ke6yCt6ndrxhPY2Ij2PGTmX3b7QVX-A3X-RjBlZhWQZmL0MVZKCesAc9PaaRyXxFpL-nmG8mp2S8ZLfg6TdDOgre0him0XXYaKQydXH--aMC3NMhQzY3argdVguknv6d9aO-20LDwjciAGZwktAE1M7egbOvrQ71gH9P7M&sai=AMfl-YQ1PSEuW6OZRE_bUzOOgE04A6HL_uLqnJ9LSjTKOcnKDlSELRYV4_D6wqh9BoOj5X9njXivJt6xOzGV9Rc&sig=Cg0ArKJSzM1kx6H4BZVQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Sep 2023 14:56:48 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 1308 34 KB
13 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 19:54:15 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1308 24 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 520536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1308 181 KB
57 KB 109ms
104ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:56:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 1308 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 1308 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 13:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 13:52:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 1308 20 KB
8 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
DATA 200
OK truncated
/ Frame 51D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 003ecc3b34442216729007c7772e6376227feb3cb854a558f79317c2eb37ebe8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13577534069531007057/ Frame 1308 31 KB
31 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13577534069531007057/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4ql9ZO49H7xms0Prk41vEBGbn4G3Uw

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca600d3c7c6b428622736ac826b8559cae386c0ea8c94ed14f24d1c601778055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:21:14 GMT
x-content-type-options: nosniff
age: 66934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31426
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Sep 2024 20:21:14 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 1308 1 KB
1 KB 19ms
19ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Aug 2024 13:28:33 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D050 2 KB
1 KB 145ms
85ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPiTMAAE0xoH_YSjAA37b3gYu73r45gYxFNJhw&u=%7C5WQEiFZqeNFUNa9o%2FdamtaYkHTAgaN9yxyI%2FB51xOqA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpFIXqwyK8osImCLOwYz3KBqETHHwAf70LrI_TFIHIv9u32e5AYoZ-pJoN-eswZGcft5WPWfucW0Wp14YZrYgm9YvqK_1EGJif7EtjTuwkJJQj6RSz3qYswH_BASGpBVr4WRaqrUh4EyPsa4oEQrvvQAaDfYnDo-ztgKcM6o3awHFwqbqtBRry7AY8jUq7e1NCsomFTfpiFL9lwkVSMUOTbYA-YX6J6OmIOz3M5ku6bwvKPs6hUrND8_5fyzcSvAIsQZV4YHNQH-nuv3kJOPWJFJJRISFJ7_NhSOovpl6VY9EUCmpB2YaSbzxDwe4R70S5aDRjIPvdWJSsd9KEwsIU1yY--a5BQFga_SS54hhfMVsLj-v4lFfseSdpJiRVWpYKTRPkEPVtkAfhEdE1JGziUT3FntUXIZjhzUXZSHN_cdDMb6PCqManUMYA8ERzEFZUk-YDJrIHvKXMpxEUkvIuuohBJEuB2HLqmx6rHKJ6IECnpuBOTW9tL2ZbuBsxym9HlmTc6Xzx7IYdjmoYzvu4OVJUzJZr4hGmVUOtWbPn5hIvOndC1egF8AOM0iTzuFpv-KF0eZ1uqKtWNZ1VqhvdXfuVyGtPNEZGJDmtAX2IG_g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjMyMJP4ZJqmE6OJ9u8P7_a34ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAnzVXKqX_7E-4AIAqAMByAMCqgSkAk_QzN_GV4DKjLhnrZ9JuKKUKqLGRVbwNrmF8J7-0VLkbOj2xvI0XM-wZNXbAzTX7Wimzys84fbBq_1-jOYwe54A94VuDcFT9SQFuXDDP2kdSpF3mSx5N56FZJXln5nfcUoDBlrcMSwNe3z6Af-KL4l1Vlcw8NNxohZ6sF6kzxIwnpr30YxIoEhKrXPbkzeEsWlTzWFJWXnzdba_nJ72G-DGXE1VBwoXB7GZcbCSW4VQMccMj8joUPGWTCpsj7X51KZ9i_u4U2sVVXxDPOmjBfGOHqOYRCLvtIHVYoR39QdyITVCjMFI1YZ_g1Nxr5lvq2OtE8s2PNaXUJRql8m8ZC2LK_R47wrXAiS1i7LWS4gNk4h2y474zYbpQP0E28MsdPMy-8rgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0A7Rm9KmN3QcrzznQpZHL4bGKW9w%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D050 2 KB
1 KB 144ms
85ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D050 308 B
636 B 123ms
64ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D050 293 B
621 B 142ms
83ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame D050 43 B
348 B 104ms
30ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=e4cQigutJvklX78xyGDUIOhooy3Cpg67s9dtYybynIrWlfytfqOMpYjHcoFP_NgbaUVXUQwBgWpbr-XpKs9N1zoYkkM2hpzCgMqQcBdtDUEceNUXWdCPxa1r-alzj2NOJkwUl629XpjqLOdVwZJQX_ASiIrLt-HLqFfe0xT_VcOsKVLLtcJNrayxnIAGO8szdJ-r3OTxmgQlvnKbgZ1G-Ym-pW-bUzYh86elQ7nQXV7GPaj6LNS9G-kyAIBLalV9FRo7l8hXGII2DLMxn-f42Z32iEX0En47zNwdhj_OKrWFJQn9mEa41FRu4iX1uLY_cYFSuFy5IUlc3ZSBOF3Ngu7wUpthqV47GDwmfmdFag4D4Dq-ThmaGI6-5DNd0kyIaWdUhFuOjLhRj8k7BSeCpHyXoU8ujudcbLYZvHFm6alTFBRPPeEioq30zgO7_el7M2z9QYJB9X2mocRaO8EY3dGIi7oaHMKcOqrZSF_ZL4XQ3zvo6AejeZLJsA1Bd60PLLHHE-PqfVDykyaPYrscSrQso_0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1464811
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 67bdb57857c94b1f9c280338c8d8a493_image_ad_728x90.jpeg
static.criteo.net/design/dt/92327/4936843/ Frame D050 55 KB
56 KB 111ms
52ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/92327/4936843/67bdb57857c94b1f9c280338c8d8a493_image_ad_728x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e8f112bda71f3dcdf6fbd49cbbc228937f89bffdd0da5f4f6915203119d48bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 01 Sep 2023 06:41:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64f18797-dcc3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 56515
expires: Sat, 31 Aug 2024 14:56:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D050 0
128 B 95ms
27ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BgOq6rpbm-5yXun_fWVo0lLdqRUm6l6vIXEuHcFwalHC0UCzaae91WuU4xLlZAiv9xOIpMwGjmFlGtpU_IW2evtmqzzVNCgTMNZ0LkeRTHb1CsoPw5psQtQhnrPdOIyDUqZJ78kYEVp2TjYVjXuS3E9a_qJW53QF3ku8dWjHkF9JMImpPi4WZzFfMT8X6Ao9_islYN53eUZWI0wtDFe1k6XZUlZippug-KA2XMnNefKQ-uAM0B0_m61yBAkfx-XJ_SxEmA&sds=2&rev=88100.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 06 Sep 2023 14:56:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D050 2 KB
1 KB 129ms
83ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D050 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 31 Aug 2024 14:56:49 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 2679 403 KB
127 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8892
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129723
x-xss-protection: 0
server: cafe
etag: 14901160554504536944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Sep 2024 12:28:37 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 049C 143 B
228 B 19ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1308 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10ef507c8a602d83220d06652260982a284c0dec4968e773c0c53768d52e1bc

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2679 143 KB
51 KB 401ms
400ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=351288822089572&correlator=2028003270903065&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com&abxe=1&dt=1694012209158&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=76awu5jobr8b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuanfeitianxia_dongtaimanhua-miaokela&loc=https%3A%2F%2Ff432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1694012208856&idt=281&prev_scp=in2w_key9001%3D1%26in2w_key%3D91%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D91%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=357098299&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6be6de7aa41dc2747ba8aa621ff4d5e522c607250ef09951b05231e8701e9daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52331
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5EEF 6 KB
3 KB 64ms
34ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
expires: Thu, 05 Sep 2024 14:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 51D0 0
0 67ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx8C3MJP4ZJqmE6OJ9u8P7_a34ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAnzVXKqX_7E-4AIAqAMByAMCqgShAk_QzN_GV4DKjLhnrZ9JuKKUKqLGRVbwNrmF8J7-0VLkbOj2xvI0XM-wZNXbAzTX7Wimzys84fbBq_1-jOYwe54A94VuDcFT9SQFuXDDP2kdSpF3mSx5N56FZJXln5nfcUoDBlrcMSwNe3z6Af-KL4l1Vlcw8NNxohZ6sF6kzxIwnpr30YxIoEhKrXPbkzeEsWlTzWFJWXnzdba_nJ72G-DGXE1VBwoXB7GZcbCSW4VQMccMj8joUPGWTCpsj7X51KZ9i_u4U2sVVXxDPOmjBfGOHqOYRCLvtIHVYoR39QdyITVCjMFI1YZ_g1Nxr5lvq2OtE8s2PNaXUJRq1cud9qoEt-fHcx500hkTc7vCQT4HvZD0f0bFa3RWXtEcXmmoZ0zgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=zAG2Hoz3m4o&uach_m=[UACH]&cid=CAQSGwBpAlJWuzzme2XWTbIydXwyJg2_RrsSc1n7wBgB&cbvp=2&vis=1
Requested by: Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 51D0 0
126 B 107ms
35ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4v1F--uBNgFWp2DYgICAAAAHUL_eV8vfNe13ephhfBvkRAwk_hkDDG31lSv1gw9MQAAEgAACgpBUVVCRHdFQkR3&wp=ZPiTMAAE0xoH_YSjAA37b3gYu73r45gYxFNJhw&cbvp=2

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:48 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 135493
server: Kestrel
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 049C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
expires: Wed, 06 Sep 2023 14:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js Show response
pagead2.googlesyndication.com/bg/ Frame 19D8 37 KB
15 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js

Requested by

Host: f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 12:45:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2679 0
0 101ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSWRnZVXuQ7-UvPtW1YCqIdS10Vgg0FlTQCGTWK9agVnldRenr8Ovhm-YFXW-lTsZWcjwG_nzKW4o7mjq3ncasrkiKpcZtNn9g2DhlOW1BVwbA_GeOa1SDEj2lC0OhahH8ujwQJthHsX8jqEP3SmQLz2znbl56icyQXXwyyjO7vLL5dSwWRG0vZzFkxX9z93r0MeMHEf4XF9n6zHHbrjGIIyQaQk4YdKovPzPIJ5KfjcJkVNQ1DJch56VdpP4-6ig7-aY3R8clwtdgT5amJdBWx1cwzOn0xP16_TfnylJzMobdKoU035p-BBCs6w6ftyGC-cZWrwCaNwO-GOOpIfLiuNOpd5MBt2P82iUOiwEkTmEZHA&sai=AMfl-YSM7U_9ixu4xm4gT21_mLtMWJVoCjP2jQCnUsigITr3ipezhxd9ZwS8zXzIHJYprTSIhE0CnfiCH2vADuo&sig=Cg0ArKJSzOU4OwqLbHJ3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Sep 2023 14:56:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2679 16 KB
12 KB 122ms
76ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c1ec3c3dfbd24bec724559f0d30691ce1120352b0d88f32674c48a8d35c9086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11984
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2679 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 14:56:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADF0 13 KB
5 KB 22ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:01:50 GMT
expires: Thu, 05 Sep 2024 14:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FA58 829 B
992 B 30ms
29ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32028c863c376e7c17c3fbe110cfa37b99b71074b04498aa2dbddd68e5df7926

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_NeFxfRITrd-2-YT46nmvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-_NeFxfRITrd-2-YT46nmvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
expires: Wed, 06 Sep 2023 14:56:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js Show response
pagead2.googlesyndication.com/bg/ Frame ADF0 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 12:45:19 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FA58 0
0 121ms
121ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=351288822089572&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ADF0 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ofpLxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BBBB 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
expires: Thu, 05 Sep 2024 14:56:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame BBBB 34 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 19:54:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BBBB 24 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 520537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Aug 2024 14:21:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBBB 181 KB
57 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:56:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame BBBB 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite_fy2021.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame BBBB 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 13:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 13:52:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame BBBB 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BBBB 0
0 29ms
28ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzz406XolEP4zvvpCMctu1FRQq71HEBi7OtQSyTDNtb-UrT_VVZH1sXhJ69WK-ZlSzL0SAengFhl3XM815ls3POifD4w
Requested by: Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame BBBB 1 KB
757 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 13:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Aug 2024 13:28:33 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15374600021072584441/ Frame BBBB 96 KB
96 KB 66ms
66ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15374600021072584441/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qnoYBBuVTejj334W7XG3GdmWxUu1g

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccedf87fd442f27b6ebd15a342c56b6e5025037b3e36cc945da43aca11f16869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98467
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 08:52:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Sep 2024 14:56:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6 143 B
166 B 19ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8AFA 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 21602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Thu, 07 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
expires: Wed, 06 Sep 2023 14:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 14:56:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AFA
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEAlBqrA68MXNTmAO5-RZqWM&google_cver=1&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZuX8kzC5uzrUCdG8
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MXNEUTk1ZGxDYmViWHFCSk1wUDRaQQ%3D%3D&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZu...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MXNEUTk1ZGxDYmViWHFCSk1wUDRaQQ%3D%3D&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZuX8kzC5uzrUCdG8

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Sep 2023 14:56:50 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MXNEUTk1ZGxDYmViWHFCSk1wUDRaQQ%3D%3D&google_push=AXcoOmQNw9h4tqU2qEUfKx9DCglGpf0sh8tG3p7o0dO4mlhPRNHhEq1NzdcNKnH9FPsEh3ZoT82gbZs_m7hZuX8kzC5uzrUCdG8
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 242

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AFA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKntvx-1UfFM3qmRvNRJoLw&google_cver=1&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKntvx-1UfFM3qmRvNRJoLw&google_cver=1&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw&google_hm=Iy0AFOiJQ56dT3PFc5C79g==

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw&google_hm=Iy0AFOiJQ56dT3PFc5C79g==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw&google_hm=Iy0AFOiJQ56dT3PFc5C79g==
date: Wed, 06 Sep 2023 14:56:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8AFA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_hm=ZPiTMY2JxyeEwUm6LpPv8wAABLAAAAAB&google_nid=index&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRde...

170 B
232 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_hm=ZPiTMY2JxyeEwUm6LpPv8wAABLAAAAAB&google_nid=index&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRdeFMZmxqIVa-0N-CTe19W_HK_uaWO1SEDNChTvEHXbszoI9ypoBTdTxItrBoYhrQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Sep 2023 14:56:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDUTXVsg2z9fzfAXaYiEoSA&google_hm=ZPiTMY2JxyeEwUm6LpPv8wAABLAAAAAB&google_nid=index&google_push=AXcoOmT5Y-4ByMljE-WZlAVIMdzWvhWQUrRdeFMZmxqIVa-0N-CTe19W_HK_uaWO1SEDNChTvEHXbszoI9ypoBTdTxItrBoYhrQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AFA
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV_DIJa2LQlhBliSMbQ&google_hm=081f956b-6003-401c-a51...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV_DIJa2LQlhBliSMbQ&google_hm=081f956b-6003-401c-a51d-c6952c700a18

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:50 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-25
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRqs4mEXw6-STwdBydXC_WVc1qBvqd0oSbCK9FHLBcsW9asbnP3ofxvlrA8jxt55l0f_lgdq8bdVV_DIJa2LQlhBliSMbQ&google_hm=081f956b-6003-401c-a51d-c6952c700a18
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET pub
cs.chocolateplatform.com/ Frame 8AFA 0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 8AFA 0
44 B 734ms
238ms Image
text/plain 54.95.87.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEM5kQgeeqfIDw7bU07Fa494&google_cver=1&google_push=AXcoOmRSOtg0b1UHC8lv89bxvFnLEW4mYJpUVkDHVUDn5OIZZ-TBn9ZZe07uDTe_QKH56S5_5YJ-XrXmYMf8ktib2O839Q7KGQ
Requested by: Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.87.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-87-33.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:50 GMT
server: awselb/2.0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8AFA
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=1de8f3c9-1e7b-4021-8b58-484417c520cb&google_cver=1&google_gid=CAESEGRqIuIocPOlmrsDNrR1Z68&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
329 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=1de8f3c9-1e7b-4021-8b58-484417c520cb&google_cver=1&google_gid=CAESEGRqIuIocPOlmrsDNrR1Z68&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQwygHn6-EQDMkR0SJPRqtCgTViohmle0uOJSaxAP8cYjib5VFkMnIwxDQvu1Cf-ijkoeQcyY2T622P4HT0V8qEEjTBJOOQ&gdpr=${GDPR}

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=1de8f3c9-1e7b-4021-8b58-484417c520cb&google_cver=1&google_gid=CAESEGRqIuIocPOlmrsDNrR1Z68&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQwygHn6-EQDMkR0SJPRqtCgTViohmle0uOJSaxAP8cYjib5VFkMnIwxDQvu1Cf-ijkoeQcyY2T622P4HT0V8qEEjTBJOOQ&gdpr=${GDPR}
date: Wed, 06 Sep 2023 14:56:49 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8AFA 0
130 B 93ms
32ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7Cpchg1IZnCvm3zR1CWew6vgL8vYSXBgW7DhpbjiHPOEOwDKYwbPggf1ENAbf653eKi-ksg

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BBBB
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Co44oMZP4ZNbNDf2S1PIPj8iD0AK18IHpcqznoqShEvrx1rLFARABINPLzjBg9ZXOgeAEoAGSm4DQAcgBBqkCkOhRQAkFsj7gAgCoAwHIA8sEqgSVAk_QdctgnNtnAHIgGN1Fu33LqCcK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcbe41d7ef8dcba660000000000000000%22,%222%22:%220xd19d5b29915a15490000000000000000%22,%223%22:%220x8639a6...

0
0

107ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcbe41d7ef8dcba660000000000000000%22,%222%22:%220xd19d5b29915a15490000000000000000%22,%223%22:%220x8639a698450e25690000000000000000%22,%224%22:%220x19feb948f7878afb0000000000000000%22,%225%22:%220x960979c2a4fd9e5d0000000000000000%22},%22debug_key%22:%224705589355319141515%22,%22debug_reporting%22:true,%22destination%22:%22https://jeep-ch.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436211090%22],%224%22:[%2209-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215969335247643594497%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:56:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xcbe41d7ef8dcba660000000000000000","2":"0xd19d5b29915a15490000000000000000","3":"0x8639a698450e25690000000000000000","4":"0x19feb948f7878afb0000000000000000","5":"0x960979c2a4fd9e5d0000000000000000"},"debug_key":"4705589355319141515","debug_reporting":true,"destination":"https://jeep-ch.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436211090"],"4":["09-06"],"6":["true"]},"priority":"500","source_event_id":"15969335247643594497"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Sep 2023 14:56:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Sep 2023 14:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcbe41d7ef8dcba660000000000000000","2":"0xd19d5b29915a15490000000000000000","3":"0x8639a698450e25690000000000000000","4":"0x19feb948f7878afb0000000000000000","5":"0x960979c2a4fd9e5d0000000000000000"},"debug_key":"4705589355319141515","debug_reporting":true,"destination":"https://jeep-ch.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436211090"],"4":["09-06"],"6":["true"]},"priority":"500","source_event_id":"15969335247643594497"}&andc=true
access-control-allow-origin: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 54ms
54ms Preflight
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Co44oMZP4ZNbNDf2S1PIPj8iD0AK18IHpcqznoqShEvrx1rLFARABINPLzjBg9ZXOgeAEoAGSm4DQAcgBBqkCkOhRQAkFsj7gAgCoAwHIA8sEqgSVAk_QdctgnNtnAHIgGN1Fu33LqCcKHA7hYugQS2wz6Z6T4mPIYm_I-zQ_DZ9U2qPXg1OxwD_KZjLsX11Ygp5BEe72yR419UbUTgynsUdeB2-1ilM-fsJafjqcjqLsR1fxiOLTLzVuZ3bxJoi0VliG38MbedYu_dlYDFatGVTaPE4PZc9wmh5HLfVCZLc4jPm0kkxfEPMZzIafKq4lZxvHSEdtEpR9K4G4l77yii68TdnO71jVUAQvOBIH-gblEVAF8Oht07_v9FpT2qnsCC-Zb_xeJbuHhRFLM8_KDaaBt_F5A_dThSo_UjKAEfYsJkS7ppgdB0GkFBRntnDJ1DDvP6wiy4t1AUhVLewJjV6pz6xmKWadHb3ABIqHhJ-nBOAEAYgF37Wpp0ySBQQIBBgBkgUECAUYBKAGN4AH0fnc0wOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDQf9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgm7Amh0dHBzOi8vamVlcC1jaC5vbmxpbmUvZGUvbGFuZGluZ3BhZ2UvMzAxMTc5LzMxNjdfMzAxMTc5X0FWRU5HRVIuaHRtbD91dG1fY2FtcGFpZ249amVlcF9jaC1kZV8yMDIzMDlfZmxpZ2h0LWF2ZW5nZXJfYXZlbmdlcl9jb252ZXJzaW9uJmFkdmVydElEPSZ1dG1fbWVkaXVtPWRpc3BsYXktcHJvc3AmdXRtX3NvdXJjZT1tb2NjYS1kaXNwbGF5bmV0d29ya3MtYmFubmVyb2ZmZW5zaXZlJnV0bV9rcGk9Y3BjJnV0bV9mb3JtYXQ9YmFubmVyJm1jcF9pZD0yNjc3My0yMDJfMzAxMTc5Jm1fY2FtcGFpZ249amVlcF9hdmVuZ2VyJnV0bV9jb250ZW50PTMwMTE3OYAKA8gLAdoMEQoLEPDLwfGXtI3I6AESAgED2BMC0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=-5RtIUK1YBs&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWXd0W8umZnb0T0Sl_JaM-uv8C50kM-4Izep0N7YW9Yi0C0m9zGAE&template_id=492&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Sep 2023 14:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js Show response
pagead2.googlesyndication.com/bg/ Frame E714 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js

Requested by

Host: dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
URL: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 12:45:19 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 124ms
56ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Sep 2023 14:56:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame D050 0
127 B 32ms
32ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 06 Sep 2023 14:56:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51D0 42 B
174 B 125ms
123ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE0AL_pEE4XPB6ZokYMCYv-KcKTRSb77Y6fAJnb8jGFYpVEtmaCimGsn8UK8clQcKAQcCn1DO6R3pGjDxZE7sdMBR_gy6lMr1wZzU&sig=Cg0ArKJSzFRd20uAUVt2EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694012208805&rpt=253&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 14:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2679 0
0 124ms
124ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=351288822089572&bg=!hYalhsnNAAYHwnCgJ8I7ADQBe5WfOGlCOFOaRddhRktvPuMZxM34K1YBghTOR7vl_mycsT5yHvsWTAoWYfqphGs8MjzTAgAAAGlSAAAACWgBBwoAgjKCfJJglPmMPwfkcQbiQzBEZK6GX-Kd1Y-wKnic1HYGfOvDwoA4VG11wwbofMC0quOrzBZpE2V-5K5jLo4g1urZqbl9OktkZJNarCENi78PmQu32UED8H_XbLO3DfJu4vHxx4ZAdiljVRYas7twAxBXXoQCYDOjJoitHwB_B1TOeoaZAwZBVAnOGcMG62BLDgqQ-fr7JRpVnDyqjrhzDriRfiz7-Z9so8AojBHmPSmBoUm8rp4wAkjEXap6wTevWjdD6DWBsYOfq7TgpRG-BUxwM_xWuPx8rlI8BrSHQ-FrJOtNqwDFB5ck3Wm39PwbwIyOzeb179HWqCdap_36U0wx7O2C_dlo43paz1TkatJ6xTokqEQ4P00cMoKXCw9kZBwDqd0vWJCX4AJnEJaT_kZWIJS9MU4E_Xow3-HXMG_GXyYolx-krIckqvracnG5LX5XFu_uTnSZJ3n4xeq2lQiwyV-gQ7NEhHss9Vbmu3rBvq4EFxMxxU_vDV5O0AFBBEgrovjKG-wpJPkc6ooBz2VevBdq1U_s-mPQY1npaJkyeJhMwg8UKPjc6PrHp9NXynjDI2mosfd9jk4uNeEondjNT9Dq81k-j8nqIPADCGH-7k6HNVRn06i4hosehHGCEl87S6q2lD-VPSN0JAleRlz0j3lrzDLfnTShH3KrLg8mbYVetcKndC_QIMYSSQ2_oT2LcyJ3emrLj_ofMh-wGYaHsNiHBXLAJD4I3KgdyGkfaFeNIc-TY78vA4vxSjMmvwMjP3VRTdUqQERRXchOyq7XrUJT9dHXyP2u21YxAlNw3AKS83-499WekS10_rLCyJE1boc1lAZCSzno67DPy9C-3OpeFrGRDXX3tFAz3k_ICVig_HxoHJbM1GU0WJe0HYADcCyK9ch3_nw2LsMD9iYqk7waeY9Ltmg-sT1OcDQmZ8C6bmEBwb8APdo9ZpgHIq1kxGMVlXFlApQTVECL1Ddox9-oddpItdhvY0NWUAW3BW1OhHq7WinA24ivEznn4BVMvB_mEv-LYe0cJLmsYeiXMPp3VHE6oUldPeEYv-2-f8XcHAD0MI0MIxXjnYBNOr_6YAmz40D_1ttIGcmuxQxYW5RFXUsgOZoDSORSrGyH3zedtzknVoAmkI8z8cmhVu-YaI4m5LddcggdeupLho6O9YlykjvcqvmmJIzlW7bUFn0aQaRFqBrf624
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEC43dR6InV7XyAy1dAL6qsc&google_cver=1&google_push=AXcoOmTbQV72uPbuyMf3fKK5qEIaDHaGcjUFhvcgKy1ha4Am8UB4pD5ns_zhSo5OMwgu2zqqZZn9ZcngYs-yMf2MdFMq8cvHwzc

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:09:32	Name: is_unique Value: sc12916097.1694012207.0
.statcounter.com/	1970-01-21 00:09:32	Name: is_visitor_unique Value: 1694012207187092160
.xgcartoon.com/	1970-01-20 23:19:08	Name: _ga Value: amp-CziZjamjxEAlin6bleMFrA
.doubleclick.net/	1970-01-21 00:09:32	Name: IDE Value: AHWqTUlyyGSAFp9Sa6Z75-ZiaDHXS7wcyQ9VYIuIbtfvjWpjx2X8_GJCqeqa0yy9Y00
.doubleclick.net/	1970-01-20 14:33:35	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 23:19:08	Name: CMID Value: ZPiTMY2JxyeEwUm6LpPv8wAA
.casalemedia.com/	1970-01-20 16:43:08	Name: CMPS Value: 1200
.casalemedia.com/	1970-01-20 16:43:08	Name: CMPRO Value: 1200
.csync.loopme.me/	1970-01-20 16:44:34	Name: viewer_token Value: 1de8f3c9-1e7b-4021-8b58-484417c520cb
.bidswitch.net/	1970-01-20 23:19:08	Name: tuuid Value: 232d0014-e889-439e-9d4f-73c57390bbf6
.bidswitch.net/	1970-01-20 23:19:08	Name: c Value: 1694012209
.bidswitch.net/	1970-01-20 23:19:08	Name: tuuid_lu Value: 1694012209
.bidswitch.net/	1970-01-20 14:33:32	Name: google_push Value: AXcoOmQ3Quw4QBCRGOntRXUU4izqkypf7sfL_Ig4ytyNg1cZp9babXxt-xfFBNiwJZam3yZbwAtqupUN7LgGn1NeWpLr74ZWnw
.googleadservices.com/	1970-01-20 16:43:08	Name: ar_debug Value: 1
.go.sonobi.com/	1970-01-20 15:16:44	Name: __uis Value: 081f956b-6003-401c-a51d-c6952c700a18
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8525\|ZPiTN
.c.appier.net/	1970-01-20 23:19:08	Name: _auid Value: 1sDQ95dlCbebXqBJMpP4ZA
.c.appier.net/	1970-01-20 15:16:44	Name: _gu Value: CAESEAlBqrA68MXNTmAO5-RZqWM

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEC43dR6InV7XyAy1dAL6qsc&google_cver=1&google_push=AXcoOmTbQV72uPbuyMf3fKK5qEIaDHaGcjUFhvcgKy1ha4Am8UB4pD5ns_zhSo5OMwgu2zqqZZn9ZcngYs-yMf2MdFMq8cvHwzc Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
javascript	warning	URL: https://www.xgcartoon.com/detail/huanfeitianxia_dongtaimanhua-miaokela Message: The resource https://f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ads.eu.criteo.com
c.statcounter.com
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.ampproject.org
cm.g.doubleclick.net
cs.chocolateplatform.com
csm.eu.criteo.net
csync.loopme.me
dfc7c217ca9aeb705d7775baec5c0b03.safeframe.googlesyndication.com
f432fa9061d9930fa258622cf1ce7613.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static.criteo.net
sync.go.sonobi.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
cs.chocolateplatform.com
103.3.63.48
104.20.218.77
142.250.185.162
142.250.186.162
169.150.222.217
178.250.7.9
18.194.47.135
185.80.39.216
2001:4860:4802:32::36
2606:4700:10::6816:2f93
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
35.214.156.196
54.95.87.33
69.166.1.67
003ecc3b34442216729007c7772e6376227feb3cb854a558f79317c2eb37ebe8
0809abae4993d7aa20f26fd2f096e478bbb3ec27bae0be65d52f702cd65b5941
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0faa91e23281a4503b56aae40caf1b4b9c3278d54f8998598ba5d6d3d924700f
14c120b520045f4ec077d2969a667f6f2994737de0c10f44695625eeca8eb0cf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bfb9ca34892dfd934c84df5cb9a20664c788efb1ff03ce64e997a4ba3a2c34d
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
29ebb763c530362d96bb591b53bcb3573395d671f53f7b1f011878acb6108ca4
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32028c863c376e7c17c3fbe110cfa37b99b71074b04498aa2dbddd68e5df7926
34ceeca6156452a781004a85b58e62d32cef13a733dbaa8d53747f59ac31b0c0
408af98bb4234c6372a10c7fcef007714e0728f3cb84d1d46ff08a0714f787d3
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b10b48b89bd734afa63f0fbd00d2829b79a0be2e993a6e306592176a3b7f3dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591fbd32d583b622b9bbfbad8854c62faec8ca2392f9dc352476ef8a1c19bc67
592498482ee6f47a6417c2fe0828b6c8ef8840df0ef67635507578321e29821a
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622055b9c3520e46b2170e1e51ed0c17a7359ea7ac68ecb8b58027bd820ab81e
654025901511fabd988a4842e4bbafe98ce91ba2f4a63df1f2c3b994643d8017
6be6de7aa41dc2747ba8aa621ff4d5e522c607250ef09951b05231e8701e9daa
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c1ec3c3dfbd24bec724559f0d30691ce1120352b0d88f32674c48a8d35c9086
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8833bac0069b4cd7d4afc62f869ec2d1d7f5c59a9e2ed9b9490de73e5723e2d2
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b491eb99f9549187dc757f548439a68f8d385df9f7397f8f100cabd3391c4a2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a20f6471e92d139a148a642542818d4b73dbb3838f9c5c6792b64834d20b8f54
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b25ba24357beae0c2e44af27c7988a1c78d181af68eb23fa7e0118b86a4b1bb6
b31c3164f2934f94b4e9c90d2787d49f5e6db387bbe56997fb92b3778badc4e2
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c5ba7ad851ed21966a909d96b4bce7806bd3b89b41a2ed89d625af71daa0474e
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
ca600d3c7c6b428622736ac826b8559cae386c0ea8c94ed14f24d1c601778055
ccedf87fd442f27b6ebd15a342c56b6e5025037b3e36cc945da43aca11f16869
cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d5bd5a047f4035d6d516eee5463f7eb392067e9f6e2eeab576bdd98c67363630
dc4e1ea5ef24a8fc2af80860cdc349206a6447859c2fa7ab06465f53527e2833
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f112bda71f3dcdf6fbd49cbbc228937f89bffdd0da5f4f6915203119d48bf1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10ef507c8a602d83220d06652260982a284c0dec4968e773c0c53768d52e1bc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7e310b5dc2b9453f1a1b824b36cffa9e171c913c33b0359012703efb2f18c42

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

93 %HTTPS

54 %IPv6

18 Domains

27 Subdomains

20 IPs

9 Countries

1685 kBTransfer

3870 kBSize

18 Cookies

1 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

93 %
HTTPS

54 %
IPv6

18
Domains

27
Subdomains

20
IPs

9
Countries

1685 kB
Transfer

3870 kB
Size

18
Cookies

104 HTTP transactions
11 data transactions