www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Submission: On November 22 via api (November 22nd 2023, 3:14:18 am UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 38 IPs in 10 countries across 34 domains to perform 221 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:3f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
31	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 7	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9 26	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	35.214.220.248 35.214.220.248	15169 (GOOGLE) (GOOGLE)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:8101:fe84:3355:65	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 2	34.253.135.155 34.253.135.155	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
221	38

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.220.248 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 248.220.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:8101:fe84:3355:65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.135.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-135-155.eu-west-1.compute.amazonaws.com

samsung-germany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com	721 KB
56	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	578 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	72 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	2 MB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	251 KB
10	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	100 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 999053	478 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	510 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	3 KB
6	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	1 KB
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 dis.criteo.com — Cisco Umbrella Rank: 597	51 KB
2	demdex.net 1 redirects samsung-germany.demdex.net — Cisco Umbrella Rank: 265218	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	647 B
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 940	798 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 746	768 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	400 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 100456	494 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 18131	696 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	63 KB
1	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954	103 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	551 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	610 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	713 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	187 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 9937	467 B
221	34

	Domain	Requested by
37	pagead2.googlesyndication.com	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com googleads.g.doubleclick.net www.xgcartoon.com 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com www.googletagservices.com s0.2mdn.net
31	tpc.googlesyndication.com	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com googleads.g.doubleclick.net www.xgcartoon.com 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
26	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
18	securepubads.g.doubleclick.net	cdn.ampproject.org www.xgcartoon.com 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
12	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
8	googleads.g.doubleclick.net	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com pagead2.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	www.googletagservices.com	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com googleads.g.doubleclick.net 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
7	www.google.com	1 redirects tpc.googlesyndication.com 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com googleads.g.doubleclick.net 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
6	sync.teads.tv	2 redirects googleads.g.doubleclick.net 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
6	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	eb2.3lift.com	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
2	assets.ad4m.at	as.ad4m.at
2	googleads4.g.doubleclick.net	www.xgcartoon.com
2	samsung-germany.demdex.net	1 redirects 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
2	ad.doubleclick.net	www.xgcartoon.com
2	ap.lijit.com	2 redirects
2	d5p.de17a.com	2 redirects
2	csync.loopme.me	2 redirects
2	onetag-sys.com	2 redirects
2	c1.adform.net	2 redirects
2	r.turn.com	googleads.g.doubleclick.net 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	dis.criteo.com	55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	secure.adnxs.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	rtb.fr3.eu.criteo.com	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
221	53

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Frame ID: CC592ADDCC14221137431AA41255CF40
Requests: 38 HTTP requests in this frame

Frame: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 017CDB6980704B48A863FE456DA15793
Requests: 9 HTTP requests in this frame

Frame: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3CBDF611D53EE6E4AC9F58955CAF7323
Requests: 10 HTTP requests in this frame

Frame: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: AAF43BF92A04E8DAA260A21373584275
Requests: 11 HTTP requests in this frame

Frame: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C3E27557F4D22C19449ADF7C27F4114F
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1yAQADIQkIu-IHAAFOnotfGwbJkWkz8yAPEg&u=%7ChzZ99vLVsWjR9RRLLMpD02XOFjGlx9N9TsUAISrp6Ys%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4xxP9T5iTyx5FwWG6yvvocOfr6acBUZm0opn17_EYy791xCsJ9gezHq1Mwo0Jllhmnyb4okR7dkzUSl134peD17rTt51weaAU3A9rg7SIGqjsCcf8zmH7S1wKWZA546mtXkH6K8dPvSqJEKzO5LM4pAIajLV3esPqFM2Q0JXOP7WHzhKON-n04XpyI4qcX_I15dKaPcuoqDh5kLOSQt2g3JpLHrYCQJFW_sFrT-FIpnmPgiaeYvotl8ECGcG1GMvvLSjQLkBKj3TErvnaQLnw67y_Z9OWVYF0pytf1r63KS8xhZuWeMs3i3zZS-hPF54b_XiFo7acNWgVCc74i14MlnYn4pp8_ZAhAT6pQVytWJeSCv8lvGWCXaAcSbmeAeqvXWJ893LxiE_W4aKmlyzCTynQjAVOv1FKxbH1dS1eRSNByIYKssizX7hwkzQMiQ5pyV6D72ak3RsogSvDxlHQJpAhpV60ylS4OLzDYhfc-Hs8WfHh-s2T4JTxIrqk1i0fMEd-l0UNqoXWt7vkNe6wX-uSDIrKjTxiE_xK59CVuzep5b_d_gr42Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrDBVAXJdZYnCDIfE7_UPnp2FuAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgStAk_QiHPLqrp9CIvmGUwfKwNg5SVq15w9KA6_dZd2TM-Hvry0_IYLWNJ6XmalkQoC7CT6NYCN_PoSSnwkuMRsCMkTQhpBG8BDm0XPnHjQIClbegG-QqDY6tB5tGO_DCJHVQ6TAV5oSujcPtJ1WX7518XlLgsXq9c4sS1lpzJG8KarBszUNEcjG1PO-nSXZAtboFi6bgm8bzpDKFuL7_Ct5erCy6ggtN1vV-kKxcQs2ikH0GqWEteukoxiGoPtcyqh42c0-AJU5BY7kgW2MVWoJL38rXb47F_BqMQdsd65uTpetWyqa7fu7_q8kjAmGaDIh4H7Jfh-5-HuPvlI6I7UAPYZ5IcQpgNa8xPUCNzKIxvrlWXp3_MK2k0BvABWkArL-niGUq9YlQNDoRLvbzzgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiOr8Dm0daCAxUH4rsIHZ5OAVfQFQGAFwE%26num%3D1%26sig%3DAOD64_3e0p4OgCzKVatPUaK-yV2R74JyJQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 44FBEE76E7FF4A86C687ADF50986DAB0
Requests: 16 HTTP requests in this frame

Frame: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 33F0144BDC40E70A6B3C388969BCBDAA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A45331B4EF685DD1FD1B696617C83138
Requests: 2 HTTP requests in this frame

Frame: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CEE783757B6F9A4BB3219FF2264043DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 01D39BEE7931A1A05F178341BD677400
Requests: 1 HTTP requests in this frame

Frame: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B2129566F5740B715A71F7EA936836AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 981FBFE841BF0B8FC74CCA9535978326
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Frame ID: F4F8814E6E17A4CEB2C57C5ED6D62ED5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED2B579E7BD99CBB645ED6AF4A86B15E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7E135F071D71E3BB4C3433C2EAA12A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 753663BDFD0F995555FB6B215E57C78F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEDF494D0BD54D1433FC816ED33EE3AC
Requests: 2 HTTP requests in this frame

Frame: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DFD95C709FEE573FC96B3E8094501B9D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDMv5e-BRifw_77ATAB&v=APEucNXojBCu06aZTFLs664Qm3qcYKzO_xtmYh5Qb2Ns7lOxEaeO5EQja3DnpfqY9_GaMBsmMPBILGGWuE6dL5DaFEnGsnAUGDsSEf5ikVu0zAbzRyKJlsOdNMj_m91eazS8l3MhHAEtu34o62tKDDMMVhi5uD8WPM1tUCrC6WlUFnfBkkBeLss
Frame ID: D39F2E855B0C5E731FC5AB6777543BA1
Requests: 5 HTTP requests in this frame

Frame: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1B055413B98E8513DE82E82C18B7AB45
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: CF9177515BF6641C05D17EA3D571C98F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FAEF1BD7B845A10C2F23136A4441B33
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8
Frame ID: 6F40CACFFB94D4E3FECE4D819AF7CF9C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA31E5128BD4B3E3A0318F6801FA560A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE085E5856CDBB50D22AFC1D0EA752E1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 507F66E09E0590EA3F237393ABF99F60
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/223378114309701365/index.html?e=69&leftOffset=0&topOffset=0&c=Y7M5bK5sap&t=1&renderingType=2&ev=01_250
Frame ID: AD51C1A708EEB473A1CA2D485F0F1A0D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0C9E0A9A1656C6C5099F8DAF22B7FF80
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
Frame ID: D03EA713B1EA9CEA95570224B279360F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A7BC4903ECCD921B25AE76A568995BE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE2600D38194B8E794C1FFCF856340DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49E64EE8BEF6A38E9BC517AB4A3E21CA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 1AA1115395CD10D34A263B28C5156A4C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 3B20C54483E9638A2313011EF26B3635
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍴進化戰記（進化人）【日語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

221
Requests

88 %
HTTPS

51 %
IPv6

34
Domains

53
Subdomains

38
IPs

10
Countries

4750 kB
Transfer

9743 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1yA7myFZqoipqncjd4NQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI9Bywqt1JBKbXWYNa12IXQ&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJ-KKiXIaY1hdQTPDUfbP8&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKp38EivDHvOV9o-YIf9geI&google_cver=1

Request Chain 150

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1&google_push=AXcoOmRoE5109XuARE6lVSSMkvKNf01XTYDYkorA29-dB7fF56B6jUWjGQlhER9jPk9mCpRuX8A5PQbM2bKt-JPrTveamkCyFxI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAxMjc2OTAwNjkyOTU5NjA5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1

Request Chain 151

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 153

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIubKaFyk2HCRRkdMKXmlAw&google_cver=1&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6a2DFPAEsXumIUdubWg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIubKaFyk2HCRRkdMKXmlAw&google_cver=1&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6a2DFPAEsXumIUdubWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MTQ3OTI2NDEyNTQ1MTQ2&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6a2DFPAEsXumIUdubWg

Request Chain 154

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJGdtAoEJzHg2YdrWy90doc&google_cver=1&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSjraSNPTmXXBbMBUk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSjraSNPTmXXBbMBUk

Request Chain 155

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK-OR_FzWjPljqRYOJSWRnk&google_cver=1&google_push=AXcoOmQoZHkYwXHX_rDRgT4-6euSdSOROviq3Mm_bYjwkyW8bMEAg9ys8dvABY--Rh2begMM7j67PmmgtpCgROLwU9HGlX-t6_M0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoZHkYwXHX_rDRgT4-6euSdSOROviq3Mm_bYjwkyW8bMEAg9ys8dvABY--Rh2begMM7j67PmmgtpCgROLwU9HGlX-t6_M0 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 156

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&google_cver=1&google_push=AXcoOmRCxpdQF2ly51_KqDZomRBTmqEXx_QWweBhcvwDgagnZEHZF6-iEGJVu8oYsiB1kIKZwV2steESgim8zi_7gvk2sZzjxX_Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRCxpdQF2ly51_KqDZomRBTmqEXx_QWweBhcvwDgagnZEHZF6-iEGJVu8oYsiB1kIKZwV2steESgim8zi_7gvk2sZzjxX_Q&gdpr=${GDPR}

Request Chain 169

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHzvwMlAjmUgCDMpydQYjZs&google_cver=1&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4DmiGLWgM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4DmiGLWgM&google_hm=eS1hOEpQQ0RsRTJwRi4yT3hMUWxtQ1ZLbDdweHRVRnlPNX5B

Request Chain 170

https://d5p.de17a.com/cookies/google?google_gid=CAESEClO8s-h7kt9bDGkfRTXmek&google_cver=1&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEClO8s-h7kt9bDGkfRTXmek&google_cver=1&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN

Request Chain 171

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKVStA6N8rwZ6ykC1PBVNDs&google_cver=1&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKVStA6N8rwZ6ykC1PBVNDs&google_cver=1&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0&google_hm=HslivGZHXNd2mN0bRz6il7dv

Request Chain 172

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJGdtAoEJzHg2YdrWy90doc&google_cver=1&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246IpeB2EPL8Ocm5gj82 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246IpeB2EPL8Ocm5gj82

Request Chain 173

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4&google_cver=1&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2

Request Chain 174

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7VqW0sv6ApJeYvAWfRCvw9FKFWzyAX5MUqhK2BseCULAEZ8f6zVDGuCzbGaQ4ESiv36gvrE2GXausxdE4xNq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7VqW0sv6ApJeYvAWfRCvw9FKFWzyAX5MUqhK2BseCULAEZ8f6zVDGuCzbGaQ4ESiv36gvrE2GXausxdE4xNq

Request Chain 178

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808 HTTP 302
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808

Request Chain 180

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1&google_push=AXcoOmRh60C7VOttcCNWfWRXTRCAG5Xf5Zvaxdl1PSkQ7ETB0O-R1QCmscXVHKCQfcEZt8pxtNAoPnhoYq1ySXWUqcT4MUhMsvW2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc5NjU5NjIyNDgxNTgxMjI4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1

Request Chain 181

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAIlMxurZUOWgsMZuXpx8KY&google_cver=1&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL_u47V9y0p1jOx4LqHug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL_u47V9y0p1jOx4LqHug&google_hm=TH154HTvQq-f-10JohCUaxc

Request Chain 182

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAHZvASiNp_N56eA3I91vd0&google_cver=1&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg8kcKvGT2MG4B-g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7MH1LhAXRlcZ2okNTyNrqA&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg8kcKvGT2MG4B-g

Request Chain 184

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4&google_cver=1&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH

Request Chain 185

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK-OR_FzWjPljqRYOJSWRnk&google_cver=1&google_push=AXcoOmSpk4W_D6Fm8aNt7Koy_G0bAChQbkM0f6LMYQUvR8uwvPpz3vp2g8upOzymF-HYluDZHcSuK7H7VPGM1rnLA6j45xTqRswHZj4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSpk4W_D6Fm8aNt7Koy_G0bAChQbkM0f6LMYQUvR8uwvPpz3vp2g8upOzymF-HYluDZHcSuK7H7VPGM1rnLA6j45xTqRswHZj4 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 186

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&google_cver=1&google_push=AXcoOmSHP4PC9rQWZCPoVPNCImVTqFpCHQfyjg5lf0LcE-VHgxqrczYGedYJ8MD79ROfWCEGPEbEBtkXSDlSpFXD68CH7Lrea9loIXs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSHP4PC9rQWZCPoVPNCImVTqFpCHQfyjg5lf0LcE-VHgxqrczYGedYJ8MD79ROfWCEGPEbEBtkXSDlSpFXD68CH7Lrea9loIXs&gdpr=${GDPR}

Request Chain 223

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1700622852_356edb90-88e5-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

221 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jinhuazhanjijinhuarenriyu-miguliangzhi Show response
www.xgcartoon.com/detail/ 84 KB
18 KB 810ms
392ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f0bf3a91a1bdc8d77bb4f115ea8e8c0ef7f2a7ca66b700649937e437720c769f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 03:14:08 GMT
etag: "14e9e-gZfbXqgC9iVO4a1OTpQ5tCNcV04"
expires: Wed, 22 Nov 2023 03:15:08 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73200
x-xss-protection: 0
server: sffe
etag: "b209cac081bc437c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 157ms
79ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24979159d22e669183d56e2d4bc17586bc3ad62f94c87ce4226f7bc5437f2303

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "95f4f5bad9d4d867"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 132ms
74ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d0226100df3d2fa77d0ca26140de33676d2678f1348850d4dc031f23d390ef0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9446
x-xss-protection: 0
server: sffe
etag: "ee89a3546e3a6f0c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 127ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c80037aeed66b1de77e82789686d5d65393f0e67dbb0d848434151e4c9a6011d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14977
x-xss-protection: 0
server: sffe
etag: "233cb1cb2c22655b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
16 KB 88ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096e5af117be6289f79270963f52d315a65710d1cd48f95935c2a16171c4e080

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15398
x-xss-protection: 0
server: sffe
etag: "70325008ebc4b03a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 130ms
73ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d231dab03e0f5f208538cec3a7809ccafe18021983a419c628ecda4b02fa5998

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4733
x-xss-protection: 0
server: sffe
etag: "2936ef8216ac27e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aacd03f1ad46351376066570cff333848f66dcf64153fd31752fc6de3cc6a71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10341
x-xss-protection: 0
server: sffe
etag: "83089d5803699637"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afe48129d69d1636977964c86ba5a17bc8105402afa294c0a61300f6df050a63

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 03:14:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32227
x-xss-protection: 0
server: sffe
etag: "705776dc36d17428"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Nov 2023 03:14:08 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
467 B 207ms
149ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 829e00237c8e9c07-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 211ms
211ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:08 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Wed, 22 Nov 2023 03:17:08 GMT

GET
H2 200 jinhuazhanjijinhuarenriyu-miguliangzhi.jpg
static-a.xgcartoon.com/cover/ 161 KB
162 KB 955ms
781ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jinhuazhanjijinhuarenriyu-miguliangzhi.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e46753fbc48c3cccaa132ee230c29fc1233357aa4943994ae528fa67a371888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 08:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "A8A9D9F52B0791E975FF4AA1992AE8FD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syxPSy6njCfhTeGJ0zPgBCl3ZTyCj7ysOjuKqygpwEG7vePWdnVmbA0E4rooThf6HmbP0602oZ8Q4BXd0AJbOgxH1BHG1t1EQZC4APQayIHB2EX%2F6hn%2FOM3%2F8F4mrSByr%2FMAuS14CP%2BLtigioyJDQzW%2BiQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 829e0025a8cf18cd-FRA
content-length: 165295
expires: Wed, 22 Nov 2023 03:30:47 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 216ms
214ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:08 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Wed, 22 Nov 2023 03:17:08 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 209ms
207ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:08 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Wed, 22 Nov 2023 03:17:08 GMT

GET
H2 200 xiaopinyijiarenzhijiangdaolichaoren_dongtaimanhua-tengxunshipin.jpg
static-a.xgcartoon.com/cover/ 74 KB
74 KB 1205ms
1032ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiaopinyijiarenzhijiangdaolichaoren_dongtaimanhua-tengxunshipin.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ca6342887029556b06f279d9e7536aabebba9fcbb7c326893b85404bec4e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 21:41:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "815AE84DB301BDD184F495D310C44E6D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b5JAKeQigvWeHulP9hc5IUuixWOGPbXlwpJWnoPCVLmWApjdEGFpnNksgAzJNn5TdgGEa767uI4vVtHgUVesgCVurmbmYzeS4JooLthMa8y2cc%2F3GIUrE74Mnmx4FXJdGXmiXYeR9qHhdmxFolSv1%2BY4xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 829e0025a8ce18cd-FRA
content-length: 75302
expires: Thu, 23 Nov 2023 03:38:19 GMT

GET
H2 200 langkejianxin_-mingzhijiankelangmantan-liulangrenjianxinyueyu-yueshenhong.jpg
static-a.xgcartoon.com/cover/ 75 KB
75 KB 1144ms
971ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/langkejianxin_-mingzhijiankelangmantan-liulangrenjianxinyueyu-yueshenhong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 961f7df9a55477821e0e58f4bdcb0e74496fd11ff296572a1cdf18a504c5b8a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 06:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "515A0F03F13F5638D633D630EED843BE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okFtc2geocRUfZuqZd9MO2YksdRan7a0tGAnRErLaIJyrlvqH9GpXi0u5hq%2FjNmxN%2Fqa8C8ye7hNYJO9FA8Jjfv7pk0bqfFfkP0L7ztSXk6vXVkkGe7DzFN9m3ZCy0S6xqORyD6MlrEV9EU15%2F30faHckzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 829e0025a8cd18cd-FRA
content-length: 76393
expires: Thu, 23 Nov 2023 04:44:25 GMT

GET
H2 200 baogangongchengshideyishijiekuangxiangqucongsiwangzhilvkaishideyishijiekuangxiangquriyu-dazhaoxin.jpg
static-a.xgcartoon.com/cover/ 72 KB
72 KB 1162ms
989ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/baogangongchengshideyishijiekuangxiangqucongsiwangzhilvkaishideyishijiekuangxiangquriyu-dazhaoxin.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d5a213935cfae539406701049774133266c4e376ad3551037194a1f0a181a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 02:46:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "DF63F895294D7B7A3B30C5896B129F42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROgNK6JxVkvZgHHkPxxT%2B2QNsa%2BalfWuyc6DpsRGDc8Tyk42ciHWCjIh%2B1C71GXhWnKYH%2BbphxH2SKDAFeese42IgTWkNVPoqeuwKnv0YemLcyqcP%2FezNGAfiXGe4t6PFPCpeyAvbMz%2Fr%2F%2FxwY3m9N%2FBH3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 829e002598c918cd-FRA
content-length: 73481
expires: Thu, 23 Nov 2023 03:19:28 GMT

GET
H2 200 miaomiaomeishaonvmiaobukeyanriyu-jiganggongwei.jpg
static-a.xgcartoon.com/cover/ 60 KB
60 KB 1159ms
987ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/miaomiaomeishaonvmiaobukeyanriyu-jiganggongwei.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147123f5636ab90ebbad7dd0bad22ee2abc80dd6b019e413908f8c2d846a2ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 06:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "24171634BA36863299C7BC61BD449E43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaXsXUb1OVAm7HTwMdc8%2BkxPvDX%2FEUuf%2FaX7qzMgiU1C27CYkq8QMhbXf6Z5cjWgEA8n19g0crreuOUoJkgl1c82Bn2ju%2FkeQjJsqpDAnfbPLl2QmYSX08QEmCwUhHwQ4ek0ftei7o0glNwlNIrJ7z%2FVN%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 829e0025a8cb18cd-FRA
content-length: 60972
expires: Thu, 23 Nov 2023 03:26:07 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 8 KB
3 KB 77ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 05:32:45 GMT
age: 337283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "ebb1be4e47c7faed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 05:32:45 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 237 KB
62 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de77969ba046f1d65becf2c6edaba80b74522e1cc9afee70661066fc471420eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 01:29:57 GMT
age: 351851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63670
x-xss-protection: 0
server: sffe
etag: "e2462c3292cd3f65"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 01:29:57 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 12 KB
4 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 04:39:45 GMT
age: 426863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "3c281510b2fc8bce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 04:39:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 477ms
414ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310301456000&d_imp=1&c=10620002205&ga_cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ga_hid=2205&dt=1700622848918&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&bdt=433&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874f35c9081209c3c48dc059db9004bd350e635094696f6fca5b256344fbd13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14417
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CMnGy-bR1oIDFQfiuwgdnk4BVw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 22 Nov 2023 03:14:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
52 KB 307ms
244ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310301456000&d_imp=1&c=10620002205&ga_cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ga_hid=2205&dt=1700622848919&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&bdt=434&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfddd60b28325e6db46c365acb1aedfe4f11f43c34badbc2cfa3a3639b6c38ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51264
x-ampimps: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgQxHAXJdZeqBAvyU7_UPj9WimAOzx7Cjbqvi_duUDNrZHhABINPLzjBglfrwgYwHoAGumIqiAsgBBqkCGPGLRMhOsj7gAgCoAwHIA9sEqgS_Ak_QsOXchjhAf4RNswLM9Yj4SFcl0W1tltxyH7gRiMVo_0wd6WIJxfT33K_jcja-77XFL2HeLJj5ajjT0lNhx3T0SNK-Tsae57A1qj91-AduHN3So8zY9kt0vdi1iZa6iIMR0_UcvhDP8h78vSD-ujvmNaOGhzIRWXsm3u6ke6rAzinVSZ039PYZocJMXuNdsfKyjOQZVHXvBkYJo9FYKzhQ6W_KKDBMsrRL1dtqnOiHEQ9XqtzyERgLsFH-NxXzsrxoo5WVe-fWj5wn9H30jAagLSJpVyKOd4qRTubwMdvIdABtaZd1Gdz9z2Pcy7e2r7ZgRDcVj0rsHkVJR2PyaK-VJGREXcqJWmFcM451sh9zj6uywhPNwG77VSOcGrvV9xoKB4Dkhr8A7759uwSNje7rni_gitWtNgB0vUedLHXABPWVyZyEA-AEAYgFk_r5jCiSBQQIBBgBkgUECAUYBKAGN4AHuuf13QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCivwLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly94Y3JhZnQubmV0L3JlZ2lzdHJhdGlvbi-ACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMIkJ_A5tHWggMVfMq7CB2Pqggz2BMMiBQD0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=pH_5gvUb-cY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNXZr_NdAMirzQ9H1Ws6kzda3_l_eGpxgB&template_id=492
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CKqGwebR1oIDFXzKuwgdj6oIMw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 22 Nov 2023 03:14:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 667ms
604ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310301456000&d_imp=1&c=10620002205&ga_cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ga_hid=2205&dt=1700622848919&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&bdt=434&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4d8c2eb95db499b8efc4d2a327b0fc9f6bf61a6466e35a5a9e7fb1f32df0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13616
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJGtwObR1oIDFbrFuwgdT0YPnw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454033
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 22 Nov 2023 03:14:09 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
24 KB 1090ms
1028ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310301456000&d_imp=1&c=10620002205&ga_cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ga_hid=2205&dt=1700622848919&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&bdt=434&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c1a26fcdb2ba6bd3889eccac4f109cd1a6482d97e177b53030f6e67452bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23929
x-xss-protection: 0
google-lineitem-id: 6350518038
x-qqid: CJm7wObR1oIDFYvJuwgdcygPVg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440647307
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
24 KB 876ms
814ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2310301456000&d_imp=1&c=10620002205&ga_cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ga_hid=2205&dt=1700622848919&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&bdt=434&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5e78823d29ca02eb8ad1eabe7bd3f3fd7ea01d721e95ee303a407d437b084c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23936
x-xss-protection: 0
google-lineitem-id: 6136661665
x-qqid: CO2qwObR1oIDFfbDuwgdV70PVg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370495019
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 22 Nov 2023 03:14:09 GMT

GET
H2 200 container.html
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 120ms
30ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012310301456000/v0/analytics-vendors/ 2 KB
886 B 23ms
22ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 03:16:26 GMT
age: 345463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "bcba5ecb5154feab"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 03:16:26 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 209ms
208ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:17:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 97ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=2205&cid=amp-1B-06Wjk2wGk0cpzmpPzSA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&dr=&dt=%F0%9F%8D%B4%E9%80%B2%E5%8C%96%E6%88%B0%E8%A8%98%EF%BC%88%E9%80%B2%E5%8C%96%E4%BA%BA%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1700622850&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 017C 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:09 GMT
expires: Thu, 21 Nov 2024 03:14:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CBD 6 KB
3 KB 30ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:09 GMT
expires: Thu, 21 Nov 2024 03:14:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAF4 6 KB
3 KB 28ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:09 GMT
expires: Thu, 21 Nov 2024 03:14:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3E2 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:09 GMT
expires: Thu, 21 Nov 2024 03:14:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 44FB 158 KB
50 KB 175ms
92ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1yAQADIQkIu-IHAAFOnotfGwbJkWkz8yAPEg&u=%7ChzZ99vLVsWjR9RRLLMpD02XOFjGlx9N9TsUAISrp6Ys%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4xxP9T5iTyx5FwWG6yvvocOfr6acBUZm0opn17_EYy791xCsJ9gezHq1Mwo0Jllhmnyb4okR7dkzUSl134peD17rTt51weaAU3A9rg7SIGqjsCcf8zmH7S1wKWZA546mtXkH6K8dPvSqJEKzO5LM4pAIajLV3esPqFM2Q0JXOP7WHzhKON-n04XpyI4qcX_I15dKaPcuoqDh5kLOSQt2g3JpLHrYCQJFW_sFrT-FIpnmPgiaeYvotl8ECGcG1GMvvLSjQLkBKj3TErvnaQLnw67y_Z9OWVYF0pytf1r63KS8xhZuWeMs3i3zZS-hPF54b_XiFo7acNWgVCc74i14MlnYn4pp8_ZAhAT6pQVytWJeSCv8lvGWCXaAcSbmeAeqvXWJ893LxiE_W4aKmlyzCTynQjAVOv1FKxbH1dS1eRSNByIYKssizX7hwkzQMiQ5pyV6D72ak3RsogSvDxlHQJpAhpV60ylS4OLzDYhfc-Hs8WfHh-s2T4JTxIrqk1i0fMEd-l0UNqoXWt7vkNe6wX-uSDIrKjTxiE_xK59CVuzep5b_d_gr42Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrDBVAXJdZYnCDIfE7_UPnp2FuAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgStAk_QiHPLqrp9CIvmGUwfKwNg5SVq15w9KA6_dZd2TM-Hvry0_IYLWNJ6XmalkQoC7CT6NYCN_PoSSnwkuMRsCMkTQhpBG8BDm0XPnHjQIClbegG-QqDY6tB5tGO_DCJHVQ6TAV5oSujcPtJ1WX7518XlLgsXq9c4sS1lpzJG8KarBszUNEcjG1PO-nSXZAtboFi6bgm8bzpDKFuL7_Ct5erCy6ggtN1vV-kKxcQs2ikH0GqWEteukoxiGoPtcyqh42c0-AJU5BY7kgW2MVWoJL38rXb47F_BqMQdsd65uTpetWyqa7fu7_q8kjAmGaDIh4H7Jfh-5-HuPvlI6I7UAPYZ5IcQpgNa8xPUCNzKIxvrlWXp3_MK2k0BvABWkArL-niGUq9YlQNDoRLvbzzgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiOr8Dm0daCAxUH4rsIHZ5OAVfQFQGAFwE%26num%3D1%26sig%3DAOD64_3e0p4OgCzKVatPUaK-yV2R74JyJQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf1d3e6c74f29513274854308f7afada9930bf9319788639e00fdf557aeb5e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PAb58DgShGCIPC7ZOXXWAbZjsEmyCxXTEFHl7RZteoOSFUsGC6OLvnBuU46uLQGNabSLxomTom6Sf3dgyYQ2lsZeHw0s_AiefpqLg-Y8BYJLcZPOYe7BHKDuEyn06053UZlWAa5blhckLg2KR3WU4EiyuUhmXz-5MOWF6gdG_1dLBC8DSh56bN0YIFM24NV-uW-fFqYJv0XBCcDhFSVA2Xf5y0m_ok6cHQYmZaWs1wgCXTFIgfgFZo53u-b75aOVqMzkng"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 47782915
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 017C 3 KB
1 KB 136ms
55ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 017C 20 KB
9 KB 102ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 017C 24 KB
7 KB 106ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 017C 202 KB
64 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3CBD 36 KB
14 KB 81ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 17:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 7890425002344327526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 17:26:40 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3CBD 24 KB
6 KB 98ms
45ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CBD 202 KB
64 KB 126ms
74ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3CBD 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3CBD 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3CBD 20 KB
8 KB 101ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AAF4 24 KB
6 KB 91ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AAF4 24 KB
10 KB 125ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1821196f2abbf6fa928f4417ca0a90dde7cd24983c28fe50d9eea66356475100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10179
x-xss-protection: 0
server: cafe
etag: 1130849435876820695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAF4 202 KB
64 KB 137ms
93ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C3E2 100 KB
31 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a34742cf62432547e92893047c4c29a4ae2df50188f41e5c3d0ca0de758d9fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31385
x-xss-protection: 0
server: cafe
etag: 8 / 19683 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3E2 202 KB
64 KB 109ms
81ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3E2 0
437 B 60ms
60ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtyC8pedWmJF3qFciNQMKh-RUWbfrIJ97PePANeBsem0v-ZGm40TMHSHhGprXZ7h0gquKl6mYIJPfUjOvutRkCTtJMeebiblcUkoPIgU2c6-8vhUblmsJmJ6FKa9iUPmaNVgEjyLacIRq3iY4P4-pcS6baT8A2C0ZYy_Zo0dziChwzvWwMmd9brzLfBi2bqgBesNzdvXTO1wZtvNeI6z2cuNwPkJQpybQ8RD3lnACsUapQHLU-XuodZ0FbNhzHbOw5PaneEUDL-Dk9gPhqKYSR71sBSAeEGd2YwGqd_rzDzCCrGS88ngoOJSX9Kp4yAmKl7vszlGWyIKFjcXVMsqkP_q3sodrdTpgv7hbaPagUPpFJSFCFVEYLzjoc1pz9AOmiNYAzuWL7HaUp&sai=AMfl-YTJ8dKJI4mfl76S5Oo-RgpzzCl8K4Wmoz-3aoOsNX_eFk8Ej0AQhxt-eR0oNq2OZMpv06_5IEOYtMa-6lM&sig=Cg0ArKJSzAGJCNKWFzGyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 container.html Show response
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33F0 6 KB
3 KB 26ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:09 GMT
expires: Thu, 21 Nov 2024 03:14:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 33F0 98 KB
30 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7bb4fd8d7bbef0aa1444d580657cc75c63bdc4806b619d2b8b08f857824e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30331
x-xss-protection: 0
server: cafe
etag: 452 / 19683 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33F0 202 KB
64 KB 92ms
89ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33F0 0
29 B 82ms
79ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshSs2Po0CPHez3rmNch_-C_ZX69zqypA2cyP6i5VQD2fjIEh6TDjvolEWg6wg63CU75VP75UJc-7bYZLr4SRwpgXttnMz7BctLECIMZhXapZSOPCuV3ZIu8fKMTxe3rjH3pIbKs9Fo2gdurVg0UiRJY8VZ9ykUanjFTEKi4bYfh2eSHx5MB5TrV_mnmfe3HjQc5jbs8ekuVe3OYuwbavdxwD5sq1evzAOqTadAqetU8U3Vs0yKaaiSSPOXOdLyPpWwLDAUZu21o9seqyVA_D4aVNkVm2XncBn-DEjWm05xlbOtg_nudV9BjLpqonekq3jvfX-mo-AvbvKNmNJdhmePW64NHxZxr8S0S4XGyJMeL3soma3zyIi73fUYVUmnPX_8rpKcb6MilmA&sai=AMfl-YSlfoxDuFPyM0YInlt3Y54v6fZv0B8gc9m73XRyUAA4p9eM2VMZBhfWCzXpjQ_o-iVKWDzGYM5s9-5JnMU&sig=Cg0ArKJSzKgOfpVCJhfKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
DATA 200
OK truncated
/ Frame 017C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acb8a3e7cadc2c0a9f16959000f631136b580a9f7a5eb4a7095eb49ab38cb5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame C3E2 429 KB
134 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59733
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 10:38:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4630882801178358159/ Frame 3CBD 108 KB
109 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4630882801178358159/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qkU4GnmqnaW4jZaqimzQjDpapssEg

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6428ad454d38fea0c344634cff185057c0111181bdebe2873b48d357c27bb49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:03:40 GMT
x-content-type-options: nosniff
age: 328230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110995
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 09:16:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Nov 2024 08:03:40 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 3CBD 1 KB
1 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 17:27:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAF4 0
26 B 68ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKXWJYt9pX2kWBgBwkemsrHeV1Wei5oh5_KWYQ8kvm15abxncSuBE20_eatl-HHLya-B_wfoIxupd1jNzTLf_6okCAY_h2y6cdL6S6y4AvnjtK3_kdXvIaK_7ELBi9tcr8eji_jBg2zXhZ0yFtlj_s6In2L9aqe5H8paQLjgkuaIX6SrkFicDgVW8f1O8VeRRsWF1npzMI0F2c9PzgSQk6nk3njMrPujW9V52f7kG6rbVCRTqkPuZe8MRTevl-JUPiwWYojND6FHs8ry6UJm9AakqR-p0gMf8Hg6ybJtwgjpVSSmD1Njh1ijdl2C1i9Ys8PUoXbCYU7RU0NiNrjyY9M3KVkE-oad1-53OsbkyzwEBqI9N_k-f6oVX2bs-rPgOs3_Vy&sai=AMfl-YSNd3F4bvmDIEC8r_PpZEDGEV7bMzAer1tdQdTYBAOs0Aa2orF6y-IR9SkDMN3jV-I2u7-m6lP2oZtAtUo&sig=Cg0ArKJSzAKX3MOJsn2dEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 118ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV1yAQADIQkIu-IHAAFOnotfGwbJkWkz8yAPEg&u=%7ChzZ99vLVsWjR9RRLLMpD02XOFjGlx9N9TsUAISrp6Ys%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4xxP9T5iTyx5FwWG6yvvocOfr6acBUZm0opn17_EYy791xCsJ9gezHq1Mwo0Jllhmnyb4okR7dkzUSl134peD17rTt51weaAU3A9rg7SIGqjsCcf8zmH7S1wKWZA546mtXkH6K8dPvSqJEKzO5LM4pAIajLV3esPqFM2Q0JXOP7WHzhKON-n04XpyI4qcX_I15dKaPcuoqDh5kLOSQt2g3JpLHrYCQJFW_sFrT-FIpnmPgiaeYvotl8ECGcG1GMvvLSjQLkBKj3TErvnaQLnw67y_Z9OWVYF0pytf1r63KS8xhZuWeMs3i3zZS-hPF54b_XiFo7acNWgVCc74i14MlnYn4pp8_ZAhAT6pQVytWJeSCv8lvGWCXaAcSbmeAeqvXWJ893LxiE_W4aKmlyzCTynQjAVOv1FKxbH1dS1eRSNByIYKssizX7hwkzQMiQ5pyV6D72ak3RsogSvDxlHQJpAhpV60ylS4OLzDYhfc-Hs8WfHh-s2T4JTxIrqk1i0fMEd-l0UNqoXWt7vkNe6wX-uSDIrKjTxiE_xK59CVuzep5b_d_gr42Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrDBVAXJdZYnCDIfE7_UPnp2FuAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgStAk_QiHPLqrp9CIvmGUwfKwNg5SVq15w9KA6_dZd2TM-Hvry0_IYLWNJ6XmalkQoC7CT6NYCN_PoSSnwkuMRsCMkTQhpBG8BDm0XPnHjQIClbegG-QqDY6tB5tGO_DCJHVQ6TAV5oSujcPtJ1WX7518XlLgsXq9c4sS1lpzJG8KarBszUNEcjG1PO-nSXZAtboFi6bgm8bzpDKFuL7_Ct5erCy6ggtN1vV-kKxcQs2ikH0GqWEteukoxiGoPtcyqh42c0-AJU5BY7kgW2MVWoJL38rXb47F_BqMQdsd65uTpetWyqa7fu7_q8kjAmGaDIh4H7Jfh-5-HuPvlI6I7UAPYZ5IcQpgNa8xPUCNzKIxvrlWXp3_MK2k0BvABWkArL-niGUq9YlQNDoRLvbzzgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwiOr8Dm0daCAxUH4rsIHZ5OAVfQFQGAFwE%26num%3D1%26sig%3DAOD64_3e0p4OgCzKVatPUaK-yV2R74JyJQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 119ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 44FB 308 B
637 B 89ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 44FB 293 B
621 B 89ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 44FB 43 B
348 B 114ms
32ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=44g7Vn_HudUqxNn-waL3LdtUvYvei31gmaRx4UXh3phjvvqakLdd_dFlrXPwGjoZ-0QwyMopqtbGhBSOQQzqaF5sXrF9p3ogvGdo42GMhRaAU7K2mZQ2qIUxdybldTbAXaDfR7jeCJg7DtXESvMqoXaXOA579aqtCn79Yc1ZVqQ89cLZ3-ZWi6MMyltKgugEX5ovwZn3X3xxwTZhH-PldCQbayI62dFmryLVbVUbU_vbyaajRKyDk11418nd2d_9FuoBsuoF5bs4tOVADXy5fKlR5uOrKEu7gIjrm9zxnQwZwSJh4KW7sSx9fPaOoquakOQz9kbW19dXU6g8L8jg1fmx3t6vXRjz2V_ruoVC9vO5CtgAXwJ6MC-XNnHE5G44wZ5FlQRFwz1W5vqAQ7aht07mirKtX9Xxib0kichzMBoyO-SZ9oxdyQGNRYhsX0gx5NdNgw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2486462
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AAF4 150 KB
52 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13eb07e1962399c8d1bd190595af2a4dc41d7a19600301260826001259e12da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52681
x-xss-protection: 0
server: cafe
etag: 16374132937502891449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ Frame 33F0 431 KB
135 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20694
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 21:29:16 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A453 143 B
383 B 79ms
23ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 02:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 44FB 12 KB
6 KB 41ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 44FB 4 KB
4 KB 130ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2F6f7ba01dddc545849d773bd0825bfdfd_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=256&rid=4&s=bV4K7e3LjGUnZkc-ouaGI54M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3686
expires: Fri, 18 Oct 2024 12:21:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 44FB 28 KB
28 KB 158ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2F21393a45d2d04d6bbea2d1b316744f92_2023-09-native-ads-strong-man-640x360px.jpg&v=3&w=1200&rid=4&s=wGcMqd2HLx53ehIzq9jTzNfd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 28872
expires: Fri, 18 Oct 2024 12:21:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 44FB 21 KB
21 KB 190ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F28cdec48592007aeb1404086d89e84e9b0628439.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=CP5g8G4FpyX1ixNSkfHWei_K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

136abe5a5e2bc44d9d5e0b914b4e89c433c6f26fb969bccc5a4614ca4e345bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21206
expires: Sat, 02 Nov 2024 09:15:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 44FB 6 KB
6 KB 129ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fc1ace0e56cf7ca2722f6c8efefa2a1b535d2b088.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=hjNH2eSIo4FRuZWxEf26zPL0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6266
expires: Sat, 02 Nov 2024 09:11:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 44FB 0
128 B 135ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=PAb58DgShGCIPC7ZOXXWAbZjsEmyCxXTEFHl7RZteoOSFUsGC6OLvnBuU46uLQGNabSLxomTom6Sf3dgyYQ2lsZeHw0s_AiefpqLg-Y8BYJLcZPOYe7BHKDuEyn06053UZlWAa5blhckLg2KR3WU4EiyuUhmXz-5MOWF6gdG_1dLBC8DSh56bN0YIFM24NV-uW-fFqYJv0XBCcDhFSVA2Xf5y0m_ok6cHQYmZaWs1wgCXTFIgfgFZo53u-b75aOVqMzkng&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:14:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:14:10 GMT

GET
DATA 200
OK truncated
/ Frame 3CBD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9775f872c78a013224e8a6ed90c47cd32f8a7295065826ea943198fbdfa61f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C3E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77c6dee173dbcd40c080cead582b57052fd7e065707a79315dae083647df4723

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C3E2 25 KB
12 KB 314ms
314ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1001667210739326&correlator=3001155036213440&eid=31079659%2C31078015&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com&abxe=1&dt=1700622850442&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=82tdbgpnmtuc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&loc=https%3A%2F%2F8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&dlt=1700622850055&idt=366&prev_scp=in2w_key9001%3D1%26in2w_key%3D70%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D70%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&adks=851951971&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0b81a123e01781ec59d4493e7db19cdbcbc911f51009356b1c808d56ad343b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11831
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEE7 6 KB
3 KB 50ms
30ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Thu, 21 Nov 2024 03:14:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame AAF4 400 KB
135 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcccb99202620830eb72555609352e59f36ee70374044a1c6671d1ace613d08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138528
x-xss-protection: 0
server: cafe
etag: 8404223425930713078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 01D3 9 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 33F0 125 KB
47 KB 329ms
327ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232162055958793&correlator=3514189846057613&eid=31079695&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com&abxe=1&dt=1700622850542&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=12p1soj7l9wf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjinhuazhanjijinhuarenriyu-miguliangzhi&loc=https%3A%2F%2F8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1700622850136&idt=382&prev_scp=in2w_key9001%3D1%26in2w_key%3D95%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D95%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=3552451172&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c6d0728952d6838d4265a88ad53c20bce319ea25c8db4c7ef873699d7866e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48159
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B212 6 KB
3 KB 46ms
31ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Thu, 21 Nov 2024 03:14:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A453
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
29ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Wed, 22 Nov 2023 03:14:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 981F 38 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 14:03:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3E2 0
0 138ms
94ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsun62z3QU5r-cjx2vI62aT0WPnaWlF8Ar7VUPEEZtNY_x-66acCCO2f-Z4rUNk68TwB2N8PHRC8HWS_SV6z9abew0iHHiss2DYUM2TweBI-X9LO9RcmX_1wbtp9Q6BIJpI5FsAvIA_nLpvMu5EOOV4rUy1nRK2coXNqyMkJi9ebErWo2-Ybe1R2qDOecYQEA5p8hz-_CMweB376M2FRGHlF8F7tKDoNigWG7tR-2CXwvureXObU3wx-IADdrLLvIqKzbzuNHRKpEaSoFoAB7QVtTPVmhjuCCTJ0OA9vVsLObNl7lUR7VnEReXw7Kd5qwKnONOqT41u1OOy9XnnRyQvulTJuyaqduxvNjZRKK562PlxyAd-vxLH--2kYGazN6FiT339Bo8LejngLQdA&sai=AMfl-YQ2CI0O4ucKSR81Vy5OOL0XjRMIKEIPHnoUdj7cv1QEAVYYpOLPHk5neoW4bGlugKW5DWL3aQH_zyVbmuM&sig=Cg0ArKJSzLbrOOUuP_DSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C3E2 16 KB
12 KB 96ms
46ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bea159f9bfd8a5f0ab88e7fc340ed7b2e64639222b47b5a3e8de709ce91294c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 017C 0
0 75ms
74ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU491AXJdZYnCDIfE7_UPnp2FuAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-4AIAqAMByAMCqgSqAk_QiHPLqrp9CIvmGUwfKwNg5SVq15w9KA6_dZd2TM-Hvry0_IYLWNJ6XmalkQoC7CT6NYCN_PoSSnwkuMRsCMkTQhpBG8BDm0XPnHjQIClbegG-QqDY6tB5tGO_DCJHVQ6TAV5oSujcPtJ1WX7518XlLgsXq9c4sS1lpzJG8KarBszUNEcjG1PO-nSXZAtboFi6bgm8bzpDKFuL7_Ct5erCy6ggtN1vV-kKxcQs2ikH0GqWEteukoxiGoPtcyqh42c0-AJU5BY7kgW2MVWoJL38rXb47F_BqMQdsd65uTpetWyqa7fu7_q8kjAmGaDIh4H7Jfh-5-HuPvlI6I7UAPYZ5IcQ5AF7YZNH2OFs8zwxGUUAe_0t0PsLkhjUJML2XIo5TINADcnXgfvgBAGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAeINEwiOr8Dm0daCAxUH4rsIHZ5OAVfQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=kqtPWNGzNz8&uach_m=%5BUACH%5D&cid=CAQSGwDICaaNxrzBLsg6LxOcPE4GBZhAoIzqVIIzBxgB&cbvp=2&vis=1
Requested by: Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 017C 0
126 B 126ms
36ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k8HZGMg12AVanYNiAgIAAAADNhDNspDdxr_52f6F8G-REAByXWUHq6WErUom9YiaAAASAAAKCkFRVUREd0VCRHc&wp=ZV1yAQADIQkIu-IHAAFOnotfGwbJkWkz8yAPEg&cbvp=2

Requested by

Host: 8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158427
server: Kestrel
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33F0 0
0 69ms
58ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9Smn9hQ9GDSeGCkFRPmk4tXdN_0KJ7N-W_w_WNcnjs_FN6bw3SG29Ob0lQMD-r4MsiUpCwsM5-a0YZIHjBuSFI2oueInOsDWaJ5TCMvv8XKiqGLvFagWvLTZljMl4giC2WLwk3aQ_6dMFxtsCD1w5W3rpLx-YyilUaPfvKNb9H1SgEnT9Z8adZHyhE17cWIoCbfORHGYr_W4tG6IYN2t2ybcoypHafiB4hAeVUoPX2BGvxgbqlJ2J4QRJqQO0vxdHc2Oiu7zFXZct0i0zQIn-2YDHKQSnZLXqAEY87hEtOtpoB87RplEVYfOh4Mg9hjJbPnJwD0J20-W4Bf7mGolt1QWNiodJXXAOIEuluHnYOGL-xw6u6bg71cPnIdAy24HfxWmyOwGUQOIV7g&sai=AMfl-YTfjh48R0HWDKKjKElFMQrAm-Sle1K5cBzxgiaqdW48FqYYGxKzJk4b0eNR80Xs7PAbRZ8S9QhqsrpW9k8&sig=Cg0ArKJSzPbN_O-9RaFvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 33F0 16 KB
12 KB 55ms
37ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af0eaedbf2589b79e2b2bbb6b85480ca3e3706e772c7cdd8aee5b768dfacf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12346
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F4F8 39 KB
16 KB 324ms
323ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c641878f4049cfaf6aa6a1ebe88176bf609e506a4fa45a461b4e3ef056a60951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16473
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 33F0 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C3E2 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED2B 13 KB
5 KB 33ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 23:21:42 GMT
expires: Wed, 20 Nov 2024 23:21:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7E1 829 B
995 B 79ms
72ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb46bcad23b265c49414fc7775ac6682b71eb7c44dceb90da68322df575da5b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D57FrmfNNmoFNpcfBzLaog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-D57FrmfNNmoFNpcfBzLaog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Wed, 22 Nov 2023 03:14:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7536 13 KB
5 KB 36ms
32ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 23:21:42 GMT
expires: Wed, 20 Nov 2024 23:21:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EEDF 829 B
769 B 87ms
75ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

525a02f1c31210195898fe91d5842d80e195b585cc1c76fcaf5de348a20f096a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OgbPwFPKNuiahz5i9TGH9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OgbPwFPKNuiahz5i9TGH9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Wed, 22 Nov 2023 03:14:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DFD9 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Thu, 21 Nov 2024 03:14:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame ED2B 39 KB
15 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7536 39 KB
15 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7E1 0
0 68ms
66ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=2232162055958793&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D39F 624 B
242 B 48ms
46ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDMv5e-BRifw_77ATAB&v=APEucNXojBCu06aZTFLs664Qm3qcYKzO_xtmYh5Qb2Ns7lOxEaeO5EQja3DnpfqY9_GaMBsmMPBILGGWuE6dL5DaFEnGsnAUGDsSEf5ikVu0zAbzRyKJlsOdNMj_m91eazS8l3MhHAEtu34o62tKDDMMVhi5uD8WPM1tUCrC6WlUFnfBkkBeLss

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DFD9 89 KB
31 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD9 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Av8w8KpnvhIbelcXXSvAbvEBKx4icHMToGDVZNEPbRls3wZOJSPfYbotnicCgegDh3v-YWJTzlOK8t7Hn5l-8OakTTUkM4m7HYAe33Mm2UV6u3by8

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD9 0
20 B 59ms
57ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1874402642365037323&x=1&ct=119

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DFD9 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DFD9 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DFD9 0
0 46ms
44ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNKiKlHI0XZ_y1Lv4pE3HDx3Jyambf0cR6gaQjZ7uH6Gu8vX0jOYYzkpWWppj6nejIHtdWOTq9KJgvN3Z0kB5CntEfkg
Requested by: Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFD9 202 KB
64 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:10 GMT

GET
H3 200 container.html Show response
0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B05 6 KB
3 KB 37ms
35ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:10 GMT
expires: Thu, 21 Nov 2024 03:14:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D39F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1

43 B
764 B

52ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDMv5e-BRifw_77ATAB&v=APEucNXojBCu06aZTFLs664Qm3qcYKzO_xtmYh5Qb2Ns7lOxEaeO5EQja3DnpfqY9_GaMBsmMPBILGGWuE6dL5DaFEnGsnAUGDsSEf5ikVu0zAbzRyKJlsOdNMj_m91eazS8l3MhHAEtu34o62tKDDMMVhi5uD8WPM1tUCrC6WlUFnfBkkBeLss
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8RbTY9ONkGkaG1LCrd40DAscRV8r5ptapV3wvBVGOT5x9P8mgHAVTejUhrDVUklI1OAKYLRmm7yG6te0uk94YTl5Z7Us8JBXZgzc3eXOmEZB%2Fde9carHXGyD42lDpIRVPaMedcpfdbeng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829e0034bcf33689-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D39F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV1yA7myFZqoipqncjd4NQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1

43 B
731 B

41ms
40ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDMv5e-BRifw_77ATAB&v=APEucNXojBCu06aZTFLs664Qm3qcYKzO_xtmYh5Qb2Ns7lOxEaeO5EQja3DnpfqY9_GaMBsmMPBILGGWuE6dL5DaFEnGsnAUGDsSEf5ikVu0zAbzRyKJlsOdNMj_m91eazS8l3MhHAEtu34o62tKDDMMVhi5uD8WPM1tUCrC6WlUFnfBkkBeLss
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7qjrLVKUqXmzPYL3HK5jHYiMdGNBx9nUJgNGXw4i0tjqoB%2FSsfAdSGD8iOlFShopxQn9UO7tAcSGJ5O1FuMgNcaCTGEBFRRuetUE0tEbJ04rIPJm5Pcr%2B9bxNTLMGh3aXheXYJiWghnxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829e00351d223689-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEjHSqDyZPaVG7o-Gf6XIAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D39F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI9Bywqt1JBKbXWYNa12IXQ&google_cver=1

43 B
840 B

42ms
34ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI9Bywqt1JBKbXWYNa12IXQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhDMv5e-BRifw_77ATAB&v=APEucNXojBCu06aZTFLs664Qm3qcYKzO_xtmYh5Qb2Ns7lOxEaeO5EQja3DnpfqY9_GaMBsmMPBILGGWuE6dL5DaFEnGsnAUGDsSEf5ikVu0zAbzRyKJlsOdNMj_m91eazS8l3MhHAEtu34o62tKDDMMVhi5uD8WPM1tUCrC6WlUFnfBkkBeLss

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
an-x-request-uuid: 85cee21a-da5d-407a-80d5-66f96ecc97ef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI9Bywqt1JBKbXWYNa12IXQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D39F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
an-x-request-uuid: 02ef0e6c-d9be-4375-b29a-993a1d427698
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D
x-proxy-origin: 217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F4F8 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F4F8 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F4F8 0
0 32ms
31ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRowIsXxpMCqBDVExxNfmSNtaCTqVrNS56BAr0Du_zkx78lp9UwMgM8NECPt8Uj-AH-dKKaE0RLoMfZfdj3tg4O5TsI0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4F8 202 KB
64 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:11 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD9 0
20 B 190ms
190ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3604607394347&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD9 0
20 B 188ms
187ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3604607394347&version=m202309260101&ct=119&x=1&cor=1874402642365037300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DFD9 90 KB
37 KB 174ms
173ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CftiFIrqfZbGNSavY4KEW1ZK1QpRtycPrUdR0ar5siLAvtM8w42XtW5jxy_m3m1jXE5xz-h1XClCp6BJQBXLKVgqglDfMF8gvPpvZkTCY2u8n2Rne0zNFLs5OgsJAIG5FC8D23bt5ZbSk9JCKTEm95R2opM8xz3-FgRNGMLojbvvXmZak&cry=1&dbm_d=AKAmf-B77-eJpA3H1Ti62aoVxTnjXemRPtzxYNAgzORHBjj2wdg6H5lqU2_NgRcbSI5VzO6SFgM6Qw9cTcX0KBNWPCBdXZn7YCtdj0YucgVQrlWJraxLud4NtPI2nuKerUo4ULBQUw5Y5vrdliFT6Rmiajdxpkxe2DAqbB4s5T77sSoMmldDQ_jfqOO41-vhb07pWmcRO6mfElTFGRmidJFza8uMlenctoRbzuObHwj3118_3kiCcV7Nf-hL1ZhPkWHzUIYTTwYTCdddDW0bN4ZoRbhBgHYFsF5GqDOsIRgVzO1awJgW7ubpVvCFCaJn4Mu0R14DLFyV6t8R1X-7EC3VbOmbxxBQ3en6kNTuOUbLKvfm5KEmONBKOawopb6ifL4a75w4Zryi4arBHmo_4NYXXEnIJz8e6zE_9JL1t_5OOhDzAy4Np9l9-nyeqeVM95pHURHdVHPmePYbrSHsDpDfxCYQM96g3Xi-G6dRpL8AnZERJ2q6ZHkTfz1Zfh1UGkTvoTHjPrSbJ3K33n6evvakLcaKGt8qsBJaqEwi1Ni5VD7pLIt-t09U6qPPiZL0mKgdOKpbJrH69MQPXtRA9uIWFk9HsxugeFziglEJFYal-uQsSnSQ-0ddEX70-JvkUU1SW3RZENiJSohKSEzalAZaBcU63reRxggv3bfkeXzKAXP4myBdjwt74kHHDZp29d20UBxlvD0Z8iW8JpbP_ykCHMkOycbU5xBa-b2vLijAsA1UkNNHORi8BhNaLphh5hA2AdRX9IXgtk3707hEb5mvyxXPayPSgRSZmiBm_dI-MObluinEoIsJ8D0ATW3w5TYs-nAaSoDrZldSlfnHAA89xdualnhbvfRhh_XpTiimcXF-4-plJeukz6rEewNXXWkTPyQk4NHxjVKU0Sjj1yh_EODYb2JF8dgsm9EoUpJVOo1NmfndFGxI4IdgVhSAlsuwjlddjzqK_I8ipnSWg-Aoy95jMpKoheHaMMWc7w_SeEL6SBqZAJ97qNahGc9SXicOzqCJ3zXwdGxPIP9COk_zBtc1hL5d0sFo0h4K7PFiVbtAJZYLQKbcSHMoCwfupqGmCpiOneOPCVahqHgLZAup8Da7PlrSQwTryEU6DvtNGp5-SxzpHb1ExQNbuvZPZfNS6eFVpSEm5MJHoF91ScgG0QW4TOsv7yKsFloMA0ykaWvymjt9het521DGVI5CfDYp0jclU3HgUzF_qbRKks1h9scTu6MUdoqSV_-mX98guOakpQH1R6kHgvzlyt6JGH8aRAVGSzRJMT1su6o7zX21oXzEzxQHXqv5urrTRAmRAAm5k299kMOfBmFe783eFUD_LKT0b0zKlvEgMAO7LAT0UworHs82E2xR1PP7EcmBuxJhHqiHZ3NzfbO64w74HVJd8CAPmn2zmsEfqFG3WHS3oHhCuWax5aTZx0Y2PKIAOiFW1t0qG-lqf2oQnZ72VBYBfe6KHTfoJbJqKrLwo87GdVXsbU4m5_atjGTuA96D4ndQssxIKWjwHZPw1sVmBzJjYQl8rIB45iSGaKozIfVX7m0UtflcO4EOUraXbPaAsnRZEbFcpFVB4RrEwVQ6oC4nx_sOVx6RPYdgZ59qFCeofMnEkbJ8jXltOb32SiKlahLc2qR8Y_WtjZblYYGVHQJcbjoYZp4xertRDrbFu8J9jIHAwX_EnSq72lxTjekTnevbLF3GEO8UM5w1JDf3odRJdGgbTdlQmuQ1L-Pc4zdXQVsRydBkQt2yiRfqANy22LaYaLULsX7rqCBSfMNWfnJ_Mr6xEzkfNSxZlpidn1NtYwAx-5sRW1NknFpF70e0QhCSio4QUqtgqNdMfCdoKDMcu4ircGpGHKPGFeMiM6ppv-O8fv1AE62WJgPP2SiBIms10qn-w9xPvcCheVzG-mUof0LWRkcmpUGkWMNcbysWb2DIgefI6UmVjRKbQb_jjSgxCXn7IlrS2pT2CvtUI58Q-GTZJhe-tydoVEtgRhb99fHWGIJIuYlIevr8zdma6oXe2ehuS-kLTxVBCDPWGJw1hAzc2bivhzqa7BCfxnkxM0Ki-3SiO_cWN43ShbIjs0EcR-0d4bxaOTfJ_DG4QEc_Moseuv6yRf4pdqFMLR1AhstDKJbs6wOZ1ZRHGOwDPkXGw64FP2U7XVO_7w5_en3fLX1Msr0HBsk0JGnQyBEq0pLU5r1QyIlv4igVn-POfmxoJ95NKwwQpCN7W2kgV1ZADx0RK7WFHq5U3WwGH8ZYff3AaPD7ytTvqzphdfhWVjdAmiMhc6XvYoYXBomq5yD7YKvFhn4zdqa2ug5C10NJ0slNSfs3bB3qN31lP87fZnB00aNaUKGycC-oXIYRLjyDoW30Z8cVn2E3gEJJOvtdn4Xbymm0f7b8o216AslvgQ1SlruwTl7DFSlv474_xsa_iN5ZtrryHBCjaP9eFWQ0QjIytbJXqubeTYPtN0nuaB4glBP3Zdv1QMn9oR44MLj0-FTkF8Irll8tbydNlYE5HGz1HonDthgOkvRYUprOIMOcLOud-ha2O_4HN39YtRS8FfU1F-XmHwMfMxbcZBmBNr2iqYDe-xhvgoXKtP10Yf2k-y9E7P4laUBUtsPmcjbuhqAeEXLZrhwIAZxPiI0hjYqVwKS2UlkXLzzff0HdDu4XoH92g6_1DQDal5vwdj9KrCEpJbNaFyK_eg_vnJ8gSOOUivYxGgl4lGtBwIiKMV8GkFpDXfrPiV425TyDSYRXr-as0bUkxPRvclzB_wiC2XQBXyBfjObjpjzHQrVtaGBXwTdtO1oz3KeuNyIeugtD4st2jdmxJkgc1LhrrxlAGSaIzj6vCYjKqNi2MR7a5qe7H7azJwhLwi7J9NwM3FJ87kfw51S9m2aUZYkjN51FXl6bA53yZ4ZPrRNMiZCJlLkuTTY0M9LYyaEe_WJ4WzhFbh-f-PcZXMpbD08WniUR0LghQbErLNBZXDgRjRIOA8OYhVKsyeumOR0uJuNGbKBk1efDxTkNbd4Oex31GDD9dhxxd3WMa7UzywTGn_chAZihZYTtYRFPHDqR5vhGhXZ0SewVfPj4Gk8K2gjKQeU1Pp2C2X8phBOjc-mzeZaExdi1mIBSVmGivPr4YHwDQw9kte1oikWuEZKHTiqqJgL7UPWPH-8b-E77U8hH66RPJPFEdMoB-BkTSXx-ylUD0qQlA-3_HGzv7W-tFU5zdNMPpIq0JYNEYMTNBiuk_9-UgrPF5Y-U0VGM1lC39EkUHBnWwFqZqIAX06XLEl6R6mG0BNpU4n6ePXMRJi1khLDi8ShZHoF6kPHBP4ll2V0Pint1vhkLSMuxQvW-yU-3JVCKF3CWJ69j7_rL7XJiaeNIX4eOTT7Y7N3bViAhp1O66KdJf_B-LVKKyJ8bIKw6DbczdpXZ0mJUMDwZXtpg8MXAU7FCLMtkgIgQXPkP9OM7Hi_aRrPaDioYDjznt1v49K29xlR248cyM3uhTXFSwi1QTu2r5VD9R9HfuX64NDMggOj6H2S1mId0_KWnUsr2wcxy7R4nnFhenojzLVk2XlgOyAcwx053jr65EpqXVY_S5SBx3njSmtpo9dgl0W4Yc7TQrsq8krsrC3OsGpzmSKihk5mZ6brjpO_Onq-3uaeX_i7zUGYE048mkUF-mTX865VJyT08vAhJ-wb9Zi3HciVQF75LwCSw6soCe6gOBfYRLgLsmWg44830VuxAXKq1L7x_w8L_woFULWE-zlqN3h6ouAH9rqo795EfIB4Zyizc50VrRTy9eLUDOpZ8aSTLY24HTzBz-KQz5K8tNgq__Kn7hzxRx-bP48TPzWsE4GNhwRsNgDv43KMxbYo_aATWuZl5RKHSkHsUuQuO32xdakfpDFDKdtdFbIGSAuOgf89_fRVBNCrKOb3j3_yAeI1jz-WwAq9cehGPt8sJ37AW-nmvBb_Xd6KNGus&cid=CAQSKQDICaaN8gycL-7dkFKiciYB-s5bvOPP10wNUrUXSqAbRQZ1fqRXvGHnGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1874402642365037300&adk=2789206706&idt=59&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cb866edd013587dddc6140975c99e16467cc693cdf2011726ed3ea85e34318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EEDF 0
0 169ms
169ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1001667210739326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CF91 2 KB
3 KB 260ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4275ea022a0e90532f54dc4404924799572718262aeb639849354587f51a95a4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829e00344d131c1c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:11 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9FAE 1 KB
643 B 156ms
155ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6F40 640 B
262 B 161ms
160ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1B05 172 KB
61 KB 207ms
24ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
Origin: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:58:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1B05 7 KB
3 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 14:44:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1B05 23 KB
9 KB 146ms
146ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:58:47 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B05 41 KB
14 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 07:58:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1B05 3 KB
1 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:29:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA31 1 KB
643 B 138ms
138ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1B05 20 KB
8 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:09:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B05 42 B
63 B 153ms
153ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKWycDBUcVzdfwHbl7Qx0hMwUg_-i4CFYOjsdtAnF0aDr-d_AMc7Y2pv3RX0jmKnhXoBuezt8yj0tqPEP1W_menP5Z5Fm-SgDcfUGyGsN3wEUxr2E

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B05 0
0 144ms
143ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaCF_KcLylNQEsvTRe_KFHM0fC8sw5cmdPJ6kPSIDT8AXTxO_mazxq3UcKpEsfgeB7WF44OOFBtq7wu4RoqVSpHX3LLg
Requested by: Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B05 202 KB
64 KB 150ms
149ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 03:14:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED2B 0
10 B 103ms
99ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?V2bwwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7536 0
10 B 89ms
88ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cb8RdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6F40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJ-KKiXIaY1hdQTPDUfbP8&google_cver=1

43 B
264 B

44ms
38ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJ-KKiXIaY1hdQTPDUfbP8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDJ-KKiXIaY1hdQTPDUfbP8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6F40 43 B
136 B 117ms
39ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6F40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKp38EivDHvOV9o-YIf9geI&google_cver=1

23 B
163 B

95ms
49ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKp38EivDHvOV9o-YIf9geI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:14:11 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKp38EivDHvOV9o-YIf9geI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6F40 23 B
163 B 158ms
50ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYlqfW_QEwAQ&v=APEucNVNTu1HjVsV6B4T6jzdNv3nAKDHJ3GT2cumCZAOyhoDXglGy5CP0js3DqFobFHAuzmYpH4t3sHQ5z991o0LgycEgO0ZawSOSJ1MZmUikaTcGUfnta0tSKZazjEvOpIYjCql1DQd72-Sq_iUh4DtDJDo8V9hDlokyp793HxHpsWCCpADLP8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:14:11 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9FAE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1&google_push=AXcoOmRoE5109XuARE6lVSSMkvKNf01XTYDYkorA29-dB7fF56B6jUWjGQlhER9jPk9mCpRuX8A5PQbM2bKt-JPrTveamkCyFxI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAxMjc2OTAwNjkyOTU5NjA5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1

43 B
398 B

61ms
30ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9FAE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo...

43 B
424 B

198ms
182ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829e003669ce5cb0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3835
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOElMZY8jYu4-6xPokZadL8&google_cver=1&google_push=AXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTigz3aeD0GsbPwH_HVo9t18GmHM7-IQZU2-k5RqEGoEbcChrC-0H3wSAAQMxrBfSeYvsYBf9P-cz6hVySw3b5wV5iylRo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829e003509285cb0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9FAE 70 B
149 B 180ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFlmjcRUbkH1lAQ1Ltlm8_8&google_cver=1&google_push=AXcoOmRs00oZXu2Xf4rHoDE_dnprt43eucZqSIRbcWjXe99gXasihf_mShBAjEbhuYwKg_DcJNw5FmYkxOhHgWtbXQCLx5lOCfs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FAE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIubKaFyk2HCRRkdMKXmlAw&google_cver=1&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIubKaFyk2HCRRkdMKXmlAw&google_cver=1&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MTQ3OTI2NDEyNTQ1MTQ2&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6...

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MTQ3OTI2NDEyNTQ1MTQ2&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6a2DFPAEsXumIUdubWg

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MTQ3OTI2NDEyNTQ1MTQ2&google_push=AXcoOmQ6noYT5PjhaeC_LA-sjDEG6k4naNurmYbWZRDdgN2Rx4P5WbpIrxIvNKDFdHBC1W3kb4X-P_e6a2DFPAEsXumIUdubWg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FAE
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJGdtAoEJzHg2YdrWy90doc&google_cver=1&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSj...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSjraSNPTmXXBbMBUk

170 B
188 B

60ms
54ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSjraSNPTmXXBbMBUk

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTgY4EKzUtd9YNHC9j44LSdKwR2r3vqyv2uP4MZTsHC-MGYx7IwYsg32d10aKY2qgJGCEylg8QWcjSjraSNPTmXXBbMBUk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 9FAE
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK-OR_FzWjPl...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoZHkYwXHX_rDRgT4-6euSdSOROviq3Mm_bYjwkyW8bMEAg9ys8dvABY--Rh2begMM7j67PmmgtpCgROLwU9HGlX-t6_M0
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

47ms
45ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:14:11 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FAE
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

46ms
36ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRCxpdQF2ly51_KqDZomRBTmqEXx_QWweBhcvwDgagnZEHZF6-iEGJVu8oYsiB1kIKZwV2steESgim8zi_7gvk2sZzjxX_Q&gdpr=${GDPR}

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRCxpdQF2ly51_KqDZomRBTmqEXx_QWweBhcvwDgagnZEHZF6-iEGJVu8oYsiB1kIKZwV2steESgim8zi_7gvk2sZzjxX_Q&gdpr=${GDPR}
date: Wed, 22 Nov 2023 03:14:11 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9FAE 0
59 B 51ms
31ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INR42ohP0TnyqPJndSluERWXD_wTD2DaHN4nbZL_UWqFRtkyTAppG57w6ml5nZw1LV_qQWzZY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DFD9 111 KB
39 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
Origin: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DFD9 11 KB
4 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CftiFIrqfZbGNSavY4KEW1ZK1QpRtycPrUdR0ar5siLAvtM8w42XtW5jxy_m3m1jXE5xz-h1XClCp6BJQBXLKVgqglDfMF8gvPpvZkTCY2u8n2Rne0zNFLs5OgsJAIG5FC8D23bt5ZbSk9JCKTEm95R2opM8xz3-FgRNGMLojbvvXmZak&cry=1&dbm_d=AKAmf-B77-eJpA3H1Ti62aoVxTnjXemRPtzxYNAgzORHBjj2wdg6H5lqU2_NgRcbSI5VzO6SFgM6Qw9cTcX0KBNWPCBdXZn7YCtdj0YucgVQrlWJraxLud4NtPI2nuKerUo4ULBQUw5Y5vrdliFT6Rmiajdxpkxe2DAqbB4s5T77sSoMmldDQ_jfqOO41-vhb07pWmcRO6mfElTFGRmidJFza8uMlenctoRbzuObHwj3118_3kiCcV7Nf-hL1ZhPkWHzUIYTTwYTCdddDW0bN4ZoRbhBgHYFsF5GqDOsIRgVzO1awJgW7ubpVvCFCaJn4Mu0R14DLFyV6t8R1X-7EC3VbOmbxxBQ3en6kNTuOUbLKvfm5KEmONBKOawopb6ifL4a75w4Zryi4arBHmo_4NYXXEnIJz8e6zE_9JL1t_5OOhDzAy4Np9l9-nyeqeVM95pHURHdVHPmePYbrSHsDpDfxCYQM96g3Xi-G6dRpL8AnZERJ2q6ZHkTfz1Zfh1UGkTvoTHjPrSbJ3K33n6evvakLcaKGt8qsBJaqEwi1Ni5VD7pLIt-t09U6qPPiZL0mKgdOKpbJrH69MQPXtRA9uIWFk9HsxugeFziglEJFYal-uQsSnSQ-0ddEX70-JvkUU1SW3RZENiJSohKSEzalAZaBcU63reRxggv3bfkeXzKAXP4myBdjwt74kHHDZp29d20UBxlvD0Z8iW8JpbP_ykCHMkOycbU5xBa-b2vLijAsA1UkNNHORi8BhNaLphh5hA2AdRX9IXgtk3707hEb5mvyxXPayPSgRSZmiBm_dI-MObluinEoIsJ8D0ATW3w5TYs-nAaSoDrZldSlfnHAA89xdualnhbvfRhh_XpTiimcXF-4-plJeukz6rEewNXXWkTPyQk4NHxjVKU0Sjj1yh_EODYb2JF8dgsm9EoUpJVOo1NmfndFGxI4IdgVhSAlsuwjlddjzqK_I8ipnSWg-Aoy95jMpKoheHaMMWc7w_SeEL6SBqZAJ97qNahGc9SXicOzqCJ3zXwdGxPIP9COk_zBtc1hL5d0sFo0h4K7PFiVbtAJZYLQKbcSHMoCwfupqGmCpiOneOPCVahqHgLZAup8Da7PlrSQwTryEU6DvtNGp5-SxzpHb1ExQNbuvZPZfNS6eFVpSEm5MJHoF91ScgG0QW4TOsv7yKsFloMA0ykaWvymjt9het521DGVI5CfDYp0jclU3HgUzF_qbRKks1h9scTu6MUdoqSV_-mX98guOakpQH1R6kHgvzlyt6JGH8aRAVGSzRJMT1su6o7zX21oXzEzxQHXqv5urrTRAmRAAm5k299kMOfBmFe783eFUD_LKT0b0zKlvEgMAO7LAT0UworHs82E2xR1PP7EcmBuxJhHqiHZ3NzfbO64w74HVJd8CAPmn2zmsEfqFG3WHS3oHhCuWax5aTZx0Y2PKIAOiFW1t0qG-lqf2oQnZ72VBYBfe6KHTfoJbJqKrLwo87GdVXsbU4m5_atjGTuA96D4ndQssxIKWjwHZPw1sVmBzJjYQl8rIB45iSGaKozIfVX7m0UtflcO4EOUraXbPaAsnRZEbFcpFVB4RrEwVQ6oC4nx_sOVx6RPYdgZ59qFCeofMnEkbJ8jXltOb32SiKlahLc2qR8Y_WtjZblYYGVHQJcbjoYZp4xertRDrbFu8J9jIHAwX_EnSq72lxTjekTnevbLF3GEO8UM5w1JDf3odRJdGgbTdlQmuQ1L-Pc4zdXQVsRydBkQt2yiRfqANy22LaYaLULsX7rqCBSfMNWfnJ_Mr6xEzkfNSxZlpidn1NtYwAx-5sRW1NknFpF70e0QhCSio4QUqtgqNdMfCdoKDMcu4ircGpGHKPGFeMiM6ppv-O8fv1AE62WJgPP2SiBIms10qn-w9xPvcCheVzG-mUof0LWRkcmpUGkWMNcbysWb2DIgefI6UmVjRKbQb_jjSgxCXn7IlrS2pT2CvtUI58Q-GTZJhe-tydoVEtgRhb99fHWGIJIuYlIevr8zdma6oXe2ehuS-kLTxVBCDPWGJw1hAzc2bivhzqa7BCfxnkxM0Ki-3SiO_cWN43ShbIjs0EcR-0d4bxaOTfJ_DG4QEc_Moseuv6yRf4pdqFMLR1AhstDKJbs6wOZ1ZRHGOwDPkXGw64FP2U7XVO_7w5_en3fLX1Msr0HBsk0JGnQyBEq0pLU5r1QyIlv4igVn-POfmxoJ95NKwwQpCN7W2kgV1ZADx0RK7WFHq5U3WwGH8ZYff3AaPD7ytTvqzphdfhWVjdAmiMhc6XvYoYXBomq5yD7YKvFhn4zdqa2ug5C10NJ0slNSfs3bB3qN31lP87fZnB00aNaUKGycC-oXIYRLjyDoW30Z8cVn2E3gEJJOvtdn4Xbymm0f7b8o216AslvgQ1SlruwTl7DFSlv474_xsa_iN5ZtrryHBCjaP9eFWQ0QjIytbJXqubeTYPtN0nuaB4glBP3Zdv1QMn9oR44MLj0-FTkF8Irll8tbydNlYE5HGz1HonDthgOkvRYUprOIMOcLOud-ha2O_4HN39YtRS8FfU1F-XmHwMfMxbcZBmBNr2iqYDe-xhvgoXKtP10Yf2k-y9E7P4laUBUtsPmcjbuhqAeEXLZrhwIAZxPiI0hjYqVwKS2UlkXLzzff0HdDu4XoH92g6_1DQDal5vwdj9KrCEpJbNaFyK_eg_vnJ8gSOOUivYxGgl4lGtBwIiKMV8GkFpDXfrPiV425TyDSYRXr-as0bUkxPRvclzB_wiC2XQBXyBfjObjpjzHQrVtaGBXwTdtO1oz3KeuNyIeugtD4st2jdmxJkgc1LhrrxlAGSaIzj6vCYjKqNi2MR7a5qe7H7azJwhLwi7J9NwM3FJ87kfw51S9m2aUZYkjN51FXl6bA53yZ4ZPrRNMiZCJlLkuTTY0M9LYyaEe_WJ4WzhFbh-f-PcZXMpbD08WniUR0LghQbErLNBZXDgRjRIOA8OYhVKsyeumOR0uJuNGbKBk1efDxTkNbd4Oex31GDD9dhxxd3WMa7UzywTGn_chAZihZYTtYRFPHDqR5vhGhXZ0SewVfPj4Gk8K2gjKQeU1Pp2C2X8phBOjc-mzeZaExdi1mIBSVmGivPr4YHwDQw9kte1oikWuEZKHTiqqJgL7UPWPH-8b-E77U8hH66RPJPFEdMoB-BkTSXx-ylUD0qQlA-3_HGzv7W-tFU5zdNMPpIq0JYNEYMTNBiuk_9-UgrPF5Y-U0VGM1lC39EkUHBnWwFqZqIAX06XLEl6R6mG0BNpU4n6ePXMRJi1khLDi8ShZHoF6kPHBP4ll2V0Pint1vhkLSMuxQvW-yU-3JVCKF3CWJ69j7_rL7XJiaeNIX4eOTT7Y7N3bViAhp1O66KdJf_B-LVKKyJ8bIKw6DbczdpXZ0mJUMDwZXtpg8MXAU7FCLMtkgIgQXPkP9OM7Hi_aRrPaDioYDjznt1v49K29xlR248cyM3uhTXFSwi1QTu2r5VD9R9HfuX64NDMggOj6H2S1mId0_KWnUsr2wcxy7R4nnFhenojzLVk2XlgOyAcwx053jr65EpqXVY_S5SBx3njSmtpo9dgl0W4Yc7TQrsq8krsrC3OsGpzmSKihk5mZ6brjpO_Onq-3uaeX_i7zUGYE048mkUF-mTX865VJyT08vAhJ-wb9Zi3HciVQF75LwCSw6soCe6gOBfYRLgLsmWg44830VuxAXKq1L7x_w8L_woFULWE-zlqN3h6ouAH9rqo795EfIB4Zyizc50VrRTy9eLUDOpZ8aSTLY24HTzBz-KQz5K8tNgq__Kn7hzxRx-bP48TPzWsE4GNhwRsNgDv43KMxbYo_aATWuZl5RKHSkHsUuQuO32xdakfpDFDKdtdFbIGSAuOgf89_fRVBNCrKOb3j3_yAeI1jz-WwAq9cehGPt8sJ37AW-nmvBb_Xd6KNGus&cid=CAQSKQDICaaN8gycL-7dkFKiciYB-s5bvOPP10wNUrUXSqAbRQZ1fqRXvGHnGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1874402642365037300&adk=2789206706&idt=59&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DFD9 31 KB
12 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DFD9 41 KB
14 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 07:58:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 017C 42 B
64 B 68ms
63ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst39M7U5tUDZxLHMb8Ebe4JlvnFHBLFZdpciGrSzb9rC9pWtVUy52c_Xw6FStNc82BU4rdsv2b6KXh1SoZUXnhLqiZnYGp5gPznTKhxzeROnKzVGWQd&sig=Cg0ArKJSzH3IcLdosEaCEAE&id=lidar2&mcvt=1029&p=0,0,90,728&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700622849971&rpt=270&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FE08 1 KB
643 B 51ms
36ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DFD9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e169efa6f519ec1722196985e5e6878b9992db71f3e293fe1eccdf26402704a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 507F 38 KB
13 KB 28ms
27ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 69319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:58:52 GMT
expires: Wed, 20 Nov 2024 07:58:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame CF91 115 KB
14 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 866977
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5d6svTTr%2BlJ2qqgyzGTyxka9SOS9D3PJQVVKvQjMGYgDbhdEmUa0Awu%2Bt9HULiBVyshBxvGt%2BfhAblxR%2Bpkmi098SeO4KsSWQ0n0R0uxhunoF0ow%2F5cCwdWZPXBUTbAPrHL4K6rG8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829e00353d871c1c-FRA
expires: Thu, 23 Nov 2023 03:14:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame CF91 25 KB
10 KB 61ms
34ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 160374
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aou9nxXMpa2UQlnueFga%2BjJjImHz1pZfpDGAlW0fhv8%2FlAYZW%2BF4VVJjo7k9wbBMOsCZQGdlNtMqK9YJ7OfSGh0MkzNq0qqQ1RfxB4w4eoU2NpeRDhETnAPMK8o5ZBQM7pqF5vc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 829e00355d921c1c-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 06:41:17 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame FA31 0
187 B 141ms
30ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEO-ipPlBL-b-WKNHvd6wtTM&google_cver=1&google_push=AXcoOmRHvRBo22tInxgYcyXZAXyuxOeWUbND5Lz_sucTyVT_IxihMlDzqImeyjHFanWqk6q8RJUe-bJ0M8D1CaloHoei7Qa4qA1D
Requested by: Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHzvwMlAjmUgCDMpydQYjZs&google_cver=1&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4Dmi...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4DmiGLWgM&google_hm=eS1hOEpQQ0RsRTJwRi4yT3...

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4DmiGLWgM&google_hm=eS1hOEpQQ0RsRTJwRi4yT3hMUWxtQ1ZLbDdweHRVRnlPNX5B

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 03:14:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMzN3HPt1lmAHfH_BF-dIMrnI8E7wP9NEH9LWRe-aGkoDJraggJFfcyranSV4wR4XVuAhFv-Xi08bXtlXaY8n4DmiGLWgM&google_hm=eS1hOEpQQ0RsRTJwRi4yT3hMUWxtQ1ZLbDdweHRVRnlPNX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEClO8s-h7kt9bDGkfRTXmek&google_cver=1&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSs...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEClO8s-h7kt9bDGkfRTXmek&google_cver=1&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxH...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEdC4JaS9rocU8P3AYIEgMbu3xxrUD2mHoprsccX6mreBBKRBaHAZ_QMC7oSkSvITu-Ix-JHyiN_l-NzSHamUxHSsTmjGN
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKVStA6N8rwZ6ykC1PBVNDs&google_cver=1&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-r...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKVStA6N8rwZ6ykC1PBVNDs&google_cver=1&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-r...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0&google_hm=HslivGZHXNd2mN0bRz6il7dv

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0&google_hm=HslivGZHXNd2mN0bRz6il7dv

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 03:14:11 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTQ_s1Qc_WWv7Lwf4zmT99XYS52hH4XZAhM-7hvzNmfKNMc1ZMtpo8D5pFOnEHgR5lYmtFOhVNKoWFWR4F-rc0JCy9x0j0&google_hm=HslivGZHXNd2mN0bRz6il7dv
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJGdtAoEJzHg2YdrWy90doc&google_cver=1&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246I...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246IpeB2EPL8Ocm5gj82

170 B
188 B

38ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246IpeB2EPL8Ocm5gj82

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUrKsE-kF57xFojoprU-mCVZL3TEjurTjgt0Ynx2DY3i7ipbrHiTXQXcBeRQyMa28EtCL1J-WM246IpeB2EPL8Ocm5gj82
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4&google_cver=1&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaX...

170 B
188 B

46ms
43ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmQrkw0Ej1Bt4tKC9QssIAMyZVhLOqPdXPTOJExPutoDyi9VvTaXN8iaV3vU7XKlnTZJjO56RVo6ezdp9_ID0S3wdhC71ta2
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA31
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7VqW0sv6ApJeYvAWfR...

170 B
188 B

45ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7VqW0sv6ApJeYvAWfRCvw9FKFWzyAX5MUqhK2BseCULAEZ8f6zVDGuCzbGaQ4ESiv36gvrE2GXausxdE4xNq

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
an-x-request-uuid: 82103bf7-206b-4d84-990d-2b6f156742f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODgwMTYzMjQ0ODY0NDkwMTM0Mg%3D%3D&google_gid=CAESEOUkqB6Mv-unyP-Z9ChT-iQ&google_cver=1&google_push=AXcoOmSerD1yXVOi7VqW0sv6ApJeYvAWfRCvw9FKFWzyAX5MUqhK2BseCULAEZ8f6zVDGuCzbGaQ4ESiv36gvrE2GXausxdE4xNq
x-proxy-origin: 217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FA31 0
12 B 51ms
50ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgoZOg5dRzGSKilNzQCM3L8Sq00NFhjFtPs6kAMa5_ba_Xqb6Qxk0qqY8WvYCx5beEKnoqhQ

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/223378114309701365/ Frame AD51 283 KB
45 KB 90ms
32ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/223378114309701365/index.html?e=69&leftOffset=0&topOffset=0&c=Y7M5bK5sap&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2567903727c1ca3da3f25c9f2c51be71e0a3649c95286c2eeaad843926d570b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:11 GMT
expires: Thu, 21 Nov 2024 03:14:11 GMT
last-modified: Sat, 18 Nov 2023 23:10:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1B05 0
0 159ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstmX7QxEGFiK7w8_so50T4rAoE0Vpc2TWTBVagxj4btEYZGIRCb1ZYhvr6rrI_AYLzKVXrYOPKSdfYzg2n5UibbnpzemZAsAYReGgBGDV0mr1suOwYq_zinrwTF4mE6t-Q8dvUdB-c6wCVloj6-5h_AwexZqKbNKPDggsfsS7F4834rqGZNf3CNax14B8xAa74hiS5_xQYuolwDhHGgrETOlgN3_iufLNno7QYjvgNLL5MVhA8LbRhsXZFv_VT5br2B3dWy9d_NAIdMjfCEWcnLOwUIwFiudrpFWj5sB4wpUSybL3ny_YLSGABUQZU7UV6je2BkDJO01tVo8ix9F1Yu2Q4jNrLdjutwEauBGFrRMlViRGJ3FMBzXIxfFqaAtV6bs4v0Jg6at5oMogqInIShi7skTl3LpwFfqfaCHSGMqWDg6qpD0ib3NCaUR9vYq1Ugm2rrJnI_4vCuKktXr8N19nyIUrq1geQ2n2c2g0NjTwhOKj_MbydOTLizX274SRyM0mR_JJ993BxPbSSTyE-18GX-iWhPt0muXClMyPKUsa28OQx_wf4-zMZv_Wd7HRNvgvLy4Hqr6xIrk_X5gge71TuUL8Xcd0yAQHHKRntMt8Yb5eoM8xxS03LXxw9KjvfnjuZp9eEGKvHPLQYkXsbMNmbSE0bxIDW9NA27eh1Mr9_gZ04d9tGL2E9MTv7J81cIEknULC_n4g-pERVeqgcjaowbYjYZQUAEPrytOVBlk66rq6VbfUjdaAESWY6C5wrVy3OACBK1tMT8K7fzvs2SKBj3zn55P-23FrtZ7T9jv5Ur94X1o6qVIfZ3TNJvngf9Na23sxX6RyHUIsJBqptOqTb35soB1gBlePz-jRn4i7P_IawIi4PTtJ6Ghd1g4Xsa8Feh4wPjS8sONqJvfBSMtKeILQvpRWGVLI7_t3i__o-jWYL-rgUC8WT0y407_byyAj32v29Z8E0SpJU01enavA-mSzC5OqWr6j-SxZhRjcAdNesAG4zYM4DQvSHnvc7Go9RwFzsHiB1ydNbCslamMT4f6rYBv_xOoENscDfRcVjbwCU1no1q-mT0pvPaqVWsWobgq-6iobHbBZQRcjEKCZYGy57IsGJ036FCXRxrtUDPyw2Tjy_X-t0jkt9BQHsq9loXCBU4p5XCt7KzpTHHqu59o022Yih6Gtn8TMJXYGhGnU4y5r3SloeLFY-O2xce8KrtUQ7XL_ri9oKTH0aFj7LZt1So08qMZG65bZaRphlFU77eWBKwihU35ADBh35JKlyW79M0nBgZmdGYQ9KVuDe110zdoT5OHr2ApMXHLq1O4uEGHe9QP9ReCD8uEcx_cTfSqplIGBWlw0sHHBIw9-FtXoH4jcX6OVKqrxR7pj0xePFTbFqWiSGjhlFC2lgf_eO5E1CmE4zrrT5yG6c&sai=AMfl-YRRNQUx47YHxwh3RfXIKLzWIWtxPRgpHnwsjsm-TAV_2zhUEhZHlGnMt0WfnSm9UWvaTyLB8IUCuxWJhBhPsYC833UX2EZEb_VQnSoWWogNU9m3wisElxg2lmK0LNnlDz8kUTS9o3aq6UTF0q1Zkz8lx_J98DR6NDmPrHrimi115tHAOpealJEG_fIy3Pl-KrNvDwbrrI8ThrO0t97XuvDph9Vhsr8znXKT5p0GN4ihFK-bOZQnVfq3Fi2YCTcAOdXdiGVfRuHQi6SnCnS_cbShII-K8gO89DxaFBuDeQE-mv5a6UeMyduRny6JUrAcJhWFRKi0zVjQ4y92AhbACTtD&sig=Cg0ArKJSzLffz0FNiQMIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zYW1zdW5nLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=363&cbvp=1&cstd=352&cisv=r20231109.86571&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
samsung-germany.demdex.net/ Frame 1B05
Redirect Chain

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808

42 B
733 B

72ms
70ms

Image
image/gif

34.253.135.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808

Requested by

Host: 0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
URL: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

34.253.135.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-135-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 88KQ939iTPo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0ead1cbb3.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 6dgy7+qTSxQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189641794&d_adgroup=23233&d_placement=380729639&d_campaign=29651479&d_cb=1214064808
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C9E 38 KB
13 KB 29ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 69319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 07:58:52 GMT
expires: Wed, 20 Nov 2024 07:58:52 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FE08
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1&google_push=AXcoOmRh60C7VOttcCNWfWRXTRCAG5Xf5Zvaxdl1PSkQ7ETB0O-R1QCmscXVHKCQfcEZt8pxtNAoPnhoYq1ySXWUqcT4MUhMsvW2
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc5NjU5NjIyNDgxNTgxMjI4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1

43 B
398 B

60ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1
Requested by: Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJrC-q-yu7jZzIbuDdpLJ38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE08
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAIlMxurZUOWgsMZuXpx8KY&google_cver=1&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL_u47V9y0p1jOx4LqHug&google_hm=TH154HTvQq-f-10Joh...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL_u47V9y0p1jOx4LqHug&google_hm=TH154HTvQq-f-10JohCUaxc

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRr23PsSkH3hkRY7ZGgjDevhs1MCiDcDWJQ3W7jD1TOIO4nobWm268UEq-0BwQPwacVA9w77GeMLIL_u47V9y0p1jOx4LqHug&google_hm=TH154HTvQq-f-10JohCUaxc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE08
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAHZvASiNp_N56eA3I91vd0&google_cver=1&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7MH1LhAXRlcZ2okNTyNrqA&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg8kcKvGT2MG4B-g

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7MH1LhAXRlcZ2okNTyNrqA&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg8kcKvGT2MG4B-g

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 03:14:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7MH1LhAXRlcZ2okNTyNrqA&google_push=AXcoOmRyYKNwQb664RFe60VKV6mlt8PLCROr_IxuiRFAqhrU6TigaX-2LgdzHHoIMcb-REKcg0PjP2p3G3OKBffg8kcKvGT2MG4B-g
x-host: tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FE08 43 B
363 B 113ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQU4uSk4vM2-dH3ixwAw4n_jxudM1oleRLHlBfzBmrhEmi4xkfVlAPzPOH5tMFaEYhnwK0ey_U8xGfd6K5M3qwtysH-JjWkaA&google_gid=CAESELqe_omNrNe9rkA8pJt0gtE&google_cver=1

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193793
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE08
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG_9-j9r9M-XONCgYlOTYn4&google_cver=1&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoX...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5...

170 B
188 B

37ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg1MDY3MjE0NzM2OTQ0NTM2ODQ3Mg%3D%3D&google_push=AXcoOmRud7MAFVj6_1FX5Tys4RU_fp9_W7H83kZiKoaYmw_sAzKZUgn5OZONydeXeTH7-01_ml8bbOd55L-4EFyI4g-Z8voIfoXH
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame FE08
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK-OR_FzWjPl...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSpk4W_D6Fm8aNt7Koy_G0bAChQbkM0f6LMYQUvR8uwvPpz3vp2g8upOzymF-HYluDZHcSuK7H7VPGM1rnLA6j45xTqRswHZj4
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

54ms
51ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Wed, 22 Nov 2023 03:14:11 GMT
pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE08
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSHP4PC9rQWZCPoVPNCImVTqFpCHQfyjg5lf0LcE-VHgxqrczYGedYJ8MD79ROfWCEGPEbEBtkXSDlSpFXD68CH7Lrea9loIXs&gdpr=${GDPR}

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ce8b0e6e-190e-4737-b9f9-beee787f3825&google_cver=1&google_gid=CAESEDTEPReTDmytHrP8ob4Yi9g&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSHP4PC9rQWZCPoVPNCImVTqFpCHQfyjg5lf0LcE-VHgxqrczYGedYJ8MD79ROfWCEGPEbEBtkXSDlSpFXD68CH7Lrea9loIXs&gdpr=${GDPR}
date: Wed, 22 Nov 2023 03:14:11 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FE08 0
12 B 42ms
40ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwyUlJXu9PLrUzDLMN9PGbTbzYpS51bXNO0pR8aSEFkuFEZ9b7rgmVVklvffvPM9A_3quG4Rc

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html Show response
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/ Frame D03E 8 KB
3 KB 40ms
24ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d086f6c1056d2d2b0cf70aa02f19fffb3ac9fd6f4a2ddb0652a6fa336501fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 133868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2779
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 14:03:03 GMT
expires: Tue, 19 Nov 2024 14:03:03 GMT
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFD9 0
0 153ms
70ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5Q9GMRv5TV--t9bc62e8pJolO6RJ1vBCrKXM7-YMcFcytBzgLKv8GNriq7UU3J-bhkcv3YEye8tXf6AQgqKoaoBP2eP7stoki0aUilC1z9G3dt3DFRLN1dBoMiihGU77C4W2X_6iNaN_jUhFw0XQjEV4qeltsmPWVk8phcnUr08AmXl7CzuHaMuKMZtk8-WuaF9DTaVE_JACgLUJUsHzU8AjtOaGcbiEruNN1jItlCRwCuFL3otavUfG_32odwUGW7UHGA-YLUNSG0QYfTc8OpDvVJnfHCcqCiPh0EC_ESCeHiRBNHi2kcpLqtmlfeiTjmSy4LsLkvYZVdh3kph1pLHALnQ4_DX7lflh2KC0f0UY-doUTi5Mx5alAnCb1RC3FnB56sqWI-Y09ESvtSP0h_T9wlrfKnB7-cRob7D_9nCItGSVsjcRd504GLAaQmcTLx7zZzjRF2XNbz6cLgSBTy2mmJEZBoNY7b2s1QHPnhBMuQh3iHRVgBj46gApAEM2fnumQBpAAhbTChU-5fOfdGJ54Vot5rteAxIy4XDNdubGAjUozCpU-QWk0E8xhWf6Qitkv3fVVpdlLM1bh-zX64DDSnISBXusYV-ugSkpLsQZ1Sv5yZxR4NoerCAqQ4wt3tkVMerpUWuNy_KXvxIaOiWSDLkLDJQ99PXjU9MJUSWUX6uE2uX8P30B3P964CkeJ3uTkK-gxFrV7UNCllLBUPPWDkCSQK1lCgkEqCIYmDsVKYITQa8dQeczjPAuPw5n3P6ttMLPYSTLxkFi36PXvm9Oy3O-tj_XS25_S8RuiyfFt-Yk6nScrddBSbc5Erxqa5NxRNLz3Gri9mLzCjCCMpjauza5ANQ3f8wBeeotNW7jIQQnmqXJ_rleVillH-sSnTtIoe4sBiFQQgtHWsoQLQWFsCKP9yAm99jKMVOFAeDdLl4uWFUPyG3evdPplGQrTnJyxSJYKvV8jZq_PCkOfFAU-sC3FlBvyfVRi_7-vUcoVgQzFv5GyFsqHWtknTaiko-XayuuXjDX-H0SZEgO0oZitu_yM4x1QdO6HUBWdLBoAKVd_-4asW12uoIFq82w9c53rNOqrjLvDyNQSaQnDlRtn4g2y57t729h-WAgVgWjxm49ENVfNsOlh5BGa_gsKwKf9cVMdbhm8eNaRJWnbScYUZPDw9rK5lxS1ZpxH4Sek4N41rhtrEJNv0gdRUevAvwZ09tKudsMOjK5Wuz9Wv4neCcVzmR5tm5pHyyvSFb9aF-IcOiPxfW15XD1j5o4tNPNuZ3gjcyZMk3o33fV-DPzXWApkgCSp0XvZxKb7HnMxNNDI&sai=AMfl-YTDfwn9uB8OCMjjUzHSJBDF8eSPy4g7Y6tGGjUEDkQFb9fFxOmTIHoD_9KWE6S9cKkvZjXpPdfTJrZL3jxprt9bq3N7oKensAmmIaN89C66q-vZ2MBEHOEdAQtw5JtnGB0ZwNwwHvhx_HlY_JRkT7IJGSE5GeXPKLuCJKMMH-ECVh6pnvsKn-BV9sxpkcEDAqiXNfcrUumd&sig=Cg0ArKJSzCnKoNZSEIorEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=172&cisv=r20231109.41829&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 44FB 0
127 B 39ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:14:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 507F 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F4F8 0
19 B 75ms
73ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CguOxAnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTMAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUvfOd_atZ62ujOUQqL82UUQHy1ezlSxDDy0PHcDAGWEnXC8z3PiDIAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=TzfRfIcIoVo&uach_m=%5BUACH%5D&cid=CAQSKQDICaaNWm_lCFrSYDwCt0zrVfJRZVmkf9weJkfjvQqnsE8kcGi9J3BuGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F4F8 0
103 B 111ms
34ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g11v3vdyhedfq1nah1b8fgdpf5knytpx7v6ycv9dk7e6v1jrde88egh94n85kmn2yevr1mrctbt2av4he2a43yv2q33zw4pja9y3xhzbz1rgnq3ex4cave0dk91dqm6qjzqecnerzrrj0en4vpa2tqd11xgphzxd437w8spnz2jgq8qtqapzw3m4wkfe19g41fprda6ne53kqrrg3g5cs1bsr586gswyf53q1m2wr59wwdbh5a37aqbg8t1ktr8cympe3e2jhjxj7fx7xxnmnq9h0zy54m2ham1km5rm2qh1h6h160508426c1vcjw3thza1hspwrqtknmryqkw3z2yjrcqryzpap03wxczjhhvvvtdx3ynj22142v0wkv2pfmzmtq4sg&b=ZV1yAgAKjpkKwlWWAAenY_dQmOehcVxFaqycuA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046730&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700622850269&bpp=217&bdt=217&idt=364&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&is_amp=1&correlator=2205&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575605023&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079605%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285%2C44809053%2C31079698&oid=2&pvsid=3840382749125815&tmod=1831003793&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b4q560hq2e96&fsb=1&dtd=379
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:14:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 frame.html Show response
ad4m.at/ Frame A7BC 2 KB
2 KB 35ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 693347
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 829e0035cf1c18c3-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 03:14:11 GMT
expires: Tue, 14 Nov 2023 03:24:58 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKstDGk5nbjy6kjNWwmeXwqOGldpArBLQBpGcIMdxzVyVQoHXuyfJAxqUMXfekV%2BdCyy0nFgokW6DL1Gcoc8Wb0C4kbT2PyfxRr90W%2Bbvw0GfjzCPpC09ZpjsSudv8ifLETZAxg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C9E 38 KB
15 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 14:03:58 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame D03E 236 KB
63 KB 105ms
38ms Script
text/javascript 2a02:26f0:480:f::213:7ed6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:29:11 GMT

GET
H3 200 231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.js Show response
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/ Frame D03E 13 KB
3 KB 30ms
24ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df69d3efe185435831b72f81877b1e33a1e37192a1ccaf1848d92fd7db6b3c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3211
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame AD51 120 KB
41 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/223378114309701365/index.html?e=69&leftOffset=0&topOffset=0&c=Y7M5bK5sap&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/223378114309701365/index.html?e=69&leftOffset=0&topOffset=0&c=Y7M5bK5sap&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 08:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 08:11:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAF4 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNRSZVYNYfRdT0Ypgi8t2Cf_zIBxRSzwfZLfpRK6spr_ybRnUhlP1Fnpe1R3eNLKa2B7IHuj0HwzLIPISbrmtYH1HjB0sAAg7Mo6GYldMiT5C5_MmJ4s4AZDFbjR0BxrnG3CqJMUlmD2LU_XVen9KQIbo_0BB1WbXNxlVCsftN8CmDnQq46puEVlJXZXnCWP_q8Y-pAcrTTqZaGPsAfVIGPt5hFv3V1mLSUCTvUnjmLI_9gMHCtV4QCh3wsEgsw3nOIyYLHOlr-Myi46u4wvtGRsgaaHHpvKdmsQege0rokb3pzA6C1kK9i3v4pkk3sm0QreifBGu7r2EyS452DNDB-ND3yWiXceAVNE4r8SY638GPoI61D00BWmVIsd5liOGM1szCr5A&sai=AMfl-YQrrAh8bjMYwSEDqO7Z0t3YNQwrC6n3Y1mAR2q792fWbRPrb3E251cD7a2XrpI_u1i7eIXfqXlJjMEWxW0&sig=Cg0ArKJSzCjofEn27YuZEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Nov 2023 03:14:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AAF4 16 KB
12 KB 45ms
45ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76eb485b15817b02440b25b51c0ecd1b66295b8d3032c3a032c798ed06751ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12272
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AAF4 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:14:11 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1B05 0
0 63ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstmX7QxEGFiK7w8_so50T4rAoE0Vpc2TWTBVagxj4btEYZGIRCb1ZYhvr6rrI_AYLzKVXrYOPKSdfYzg2n5UibbnpzemZAsAYReGgBGDV0mr1suOwYq_zinrwTF4mE6t-Q8dvUdB-c6wCVloj6-5h_AwexZqKbNKPDggsfsS7F4834rqGZNf3CNax14B8xAa74hiS5_xQYuolwDhHGgrETOlgN3_iufLNno7QYjvgNLL5MVhA8LbRhsXZFv_VT5br2B3dWy9d_NAIdMjfCEWcnLOwUIwFiudrpFWj5sB4wpUSybL3ny_YLSGABUQZU7UV6je2BkDJO01tVo8ix9F1Yu2Q4jNrLdjutwEauBGFrRMlViRGJ3FMBzXIxfFqaAtV6bs4v0Jg6at5oMogqInIShi7skTl3LpwFfqfaCHSGMqWDg6qpD0ib3NCaUR9vYq1Ugm2rrJnI_4vCuKktXr8N19nyIUrq1geQ2n2c2g0NjTwhOKj_MbydOTLizX274SRyM0mR_JJ993BxPbSSTyE-18GX-iWhPt0muXClMyPKUsa28OQx_wf4-zMZv_Wd7HRNvgvLy4Hqr6xIrk_X5gge71TuUL8Xcd0yAQHHKRntMt8Yb5eoM8xxS03LXxw9KjvfnjuZp9eEGKvHPLQYkXsbMNmbSE0bxIDW9NA27eh1Mr9_gZ04d9tGL2E9MTv7J81cIEknULC_n4g-pERVeqgcjaowbYjYZQUAEPrytOVBlk66rq6VbfUjdaAESWY6C5wrVy3OACBK1tMT8K7fzvs2SKBj3zn55P-23FrtZ7T9jv5Ur94X1o6qVIfZ3TNJvngf9Na23sxX6RyHUIsJBqptOqTb35soB1gBlePz-jRn4i7P_IawIi4PTtJ6Ghd1g4Xsa8Feh4wPjS8sONqJvfBSMtKeILQvpRWGVLI7_t3i__o-jWYL-rgUC8WT0y407_byyAj32v29Z8E0SpJU01enavA-mSzC5OqWr6j-SxZhRjcAdNesAG4zYM4DQvSHnvc7Go9RwFzsHiB1ydNbCslamMT4f6rYBv_xOoENscDfRcVjbwCU1no1q-mT0pvPaqVWsWobgq-6iobHbBZQRcjEKCZYGy57IsGJ036FCXRxrtUDPyw2Tjy_X-t0jkt9BQHsq9loXCBU4p5XCt7KzpTHHqu59o022Yih6Gtn8TMJXYGhGnU4y5r3SloeLFY-O2xce8KrtUQ7XL_ri9oKTH0aFj7LZt1So08qMZG65bZaRphlFU77eWBKwihU35ADBh35JKlyW79M0nBgZmdGYQ9KVuDe110zdoT5OHr2ApMXHLq1O4uEGHe9QP9ReCD8uEcx_cTfSqplIGBWlw0sHHBIw9-FtXoH4jcX6OVKqrxR7pj0xePFTbFqWiSGjhlFC2lgf_eO5E1CmE4zrrT5yG6c&sai=AMfl-YRRNQUx47YHxwh3RfXIKLzWIWtxPRgpHnwsjsm-TAV_2zhUEhZHlGnMt0WfnSm9UWvaTyLB8IUCuxWJhBhPsYC833UX2EZEb_VQnSoWWogNU9m3wisElxg2lmK0LNnlDz8kUTS9o3aq6UTF0q1Zkz8lx_J98DR6NDmPrHrimi115tHAOpealJEG_fIy3Pl-KrNvDwbrrI8ThrO0t97XuvDph9Vhsr8znXKT5p0GN4ihFK-bOZQnVfq3Fi2YCTcAOdXdiGVfRuHQi6SnCnS_cbShII-K8gO89DxaFBuDeQE-mv5a6UeMyduRny6JUrAcJhWFRKi0zVjQ4y92AhbACTtD&sig=Cg0ArKJSzLffz0FNiQMIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zYW1zdW5nLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=599&vt=11&dtpt=236&dett=3&cstd=352&cisv=r20231109.86571&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD51 8 KB
6 KB 46ms
42ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a7857403ce780dd944bd20137cef14aa0bf50599907ad70ec1324773b59a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5828
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame CF91 1 KB
1 KB 46ms
45ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c609dabffd019dabcc7d071649ea6e6e67d788c35f6e453c3c89a707673074d1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHlyifJ4N0xPZr7JzFQRhaRuFv0UmNoNWiQJCw%2BeUQnEot6DxHbVgKf%2B91vwqt5BfLjBM%2Bn3rbT%2F8sAU%2FVEvdQwNnIsH84BxLmVxLDxK2IGJER%2B3UUZjrjEC%2FtChlmWdoU5QfhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 829e0037ccb418e6-FRA
x-backend-server: aa-reachservice-group-europe-west1-49tp
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 91ms
46ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829e00377c8918e6-FRA
content-length: 24
content-type: text/plain
date: Wed, 22 Nov 2023 03:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YP%2F20aQGkCGXV6pgmFkeMmdFUmLC8%2Byn9fAWLy37W%2BvQCUcnLZcdLGqCjYOEP0wMSzIY5CtpMFBYXdg89Xal4qmcdo0PWBu4eRn%2FH5HGiAt%2BILJO1Fdv0%2FbOoN1%2FU17bJxKZCs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-49tp

GET
H3 200 _2021_1027_deananddavidcesar133_Bearb_72dpi.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 2 MB
2 MB 39ms
37ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/_2021_1027_deananddavidcesar133_Bearb_72dpi.png

Requested by

Host: 55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
URL: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b29b33a5074c4e6c43fa655110a8be60df844c2fdb96039ab88fd7a29ad1497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1627562
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFD9 0
0 62ms
60ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5Q9GMRv5TV--t9bc62e8pJolO6RJ1vBCrKXM7-YMcFcytBzgLKv8GNriq7UU3J-bhkcv3YEye8tXf6AQgqKoaoBP2eP7stoki0aUilC1z9G3dt3DFRLN1dBoMiihGU77C4W2X_6iNaN_jUhFw0XQjEV4qeltsmPWVk8phcnUr08AmXl7CzuHaMuKMZtk8-WuaF9DTaVE_JACgLUJUsHzU8AjtOaGcbiEruNN1jItlCRwCuFL3otavUfG_32odwUGW7UHGA-YLUNSG0QYfTc8OpDvVJnfHCcqCiPh0EC_ESCeHiRBNHi2kcpLqtmlfeiTjmSy4LsLkvYZVdh3kph1pLHALnQ4_DX7lflh2KC0f0UY-doUTi5Mx5alAnCb1RC3FnB56sqWI-Y09ESvtSP0h_T9wlrfKnB7-cRob7D_9nCItGSVsjcRd504GLAaQmcTLx7zZzjRF2XNbz6cLgSBTy2mmJEZBoNY7b2s1QHPnhBMuQh3iHRVgBj46gApAEM2fnumQBpAAhbTChU-5fOfdGJ54Vot5rteAxIy4XDNdubGAjUozCpU-QWk0E8xhWf6Qitkv3fVVpdlLM1bh-zX64DDSnISBXusYV-ugSkpLsQZ1Sv5yZxR4NoerCAqQ4wt3tkVMerpUWuNy_KXvxIaOiWSDLkLDJQ99PXjU9MJUSWUX6uE2uX8P30B3P964CkeJ3uTkK-gxFrV7UNCllLBUPPWDkCSQK1lCgkEqCIYmDsVKYITQa8dQeczjPAuPw5n3P6ttMLPYSTLxkFi36PXvm9Oy3O-tj_XS25_S8RuiyfFt-Yk6nScrddBSbc5Erxqa5NxRNLz3Gri9mLzCjCCMpjauza5ANQ3f8wBeeotNW7jIQQnmqXJ_rleVillH-sSnTtIoe4sBiFQQgtHWsoQLQWFsCKP9yAm99jKMVOFAeDdLl4uWFUPyG3evdPplGQrTnJyxSJYKvV8jZq_PCkOfFAU-sC3FlBvyfVRi_7-vUcoVgQzFv5GyFsqHWtknTaiko-XayuuXjDX-H0SZEgO0oZitu_yM4x1QdO6HUBWdLBoAKVd_-4asW12uoIFq82w9c53rNOqrjLvDyNQSaQnDlRtn4g2y57t729h-WAgVgWjxm49ENVfNsOlh5BGa_gsKwKf9cVMdbhm8eNaRJWnbScYUZPDw9rK5lxS1ZpxH4Sek4N41rhtrEJNv0gdRUevAvwZ09tKudsMOjK5Wuz9Wv4neCcVzmR5tm5pHyyvSFb9aF-IcOiPxfW15XD1j5o4tNPNuZ3gjcyZMk3o33fV-DPzXWApkgCSp0XvZxKb7HnMxNNDI&sai=AMfl-YTDfwn9uB8OCMjjUzHSJBDF8eSPy4g7Y6tGGjUEDkQFb9fFxOmTIHoD_9KWE6S9cKkvZjXpPdfTJrZL3jxprt9bq3N7oKensAmmIaN89C66q-vZ2MBEHOEdAQtw5JtnGB0ZwNwwHvhx_HlY_JRkT7IJGSE5GeXPKLuCJKMMH-ECVh6pnvsKn-BV9sxpkcEDAqiXNfcrUumd&sig=Cg0ArKJSzCnKoNZSEIorEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=427&vt=11&dtpt=252&dett=3&cstd=172&cisv=r20231109.41829&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD51 17 KB
6 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 03:14:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33F0 0
0 63ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=2232162055958793&bg=!b2ylbCPNAAZxrfrxUa07ADQBe5WfON-34PkJEb_M_rnOHxjig0aBReJDh1Bhm0FCfarAHhPdVLI7JSwrHLkbqmbhyUANAgAAATNSAAAAA2gBB5kDB8e35_BPK2a9_3u1djl1U4xg_L395dwcJeYjCMmP-ID2WykV12SyQDXoytev4VZ2pIQiwdKNWoH3r0uNcIyBEgNhtse6tXVCJpaDcpi6-4h9f024m9WF8cKTldfJUDQNEbWsrIr3FpOsmumTYp-8kn9Oi7GyrcRkAGNXmQ2msZAEqUOYnDxMujMQfW7KAnrUupR7tQiY9MlBagHyrTBY2ETXITOiK4m6ryajYk5iwbNyiDOtTexeolaZOStjyBT0-mmrj4aN_RWn9vkFeO6P363QOlzjwseQNRMhs0leGyYY6FwVRIUy4-a6yHRu3v_JGu2hJwihDkBtr5C-s0jgi5J2nbVJAnMm7Ti9M38NcfLqcrLPUgTaGb3B0DlWYNQ8ZDjr08veR4M8O9l0jmK4gD12nic9XTeVrFMioFNfDzS_cdGNUQzCvER-w8bgmXdU80kSuBU6ji6tFTOt4706L2iTAsaamarLWpfpWlm0eOyEP-5IgW6zX1AP2O0LKPsvpew2YC-f1ywFG4WozAVmu2vY5qndvpCo4IsmQWJMyiD7F-259Zt3gqBOaNNoJHQmNspZqTdQoshbuO8rnTSuxsbEUVxdLsUg1uCueJc8SMSYsDAixTaitmY_zR4BTpj-NntOu7yb8zVzN7wVARP2GM63V8_zT5FGqCLFWHwmGcuO81Hh-dq9Y9MjRzODiEWat2jcTUJkdyQ7h6XFkhgHhQyUk4UoTHGL5JKrQV4MulMW_dkRGsXC60324HF-xo3Dmme2suV3ToX4LJ5GlmFUuJX7habq-Q6W4JH2ssFnKDTtt7MD1fk9FE8smMiYLow0_7_gYwwXzXjcxbU4sZt14O-7cG84L_ARYlEBFWu1-Da2Hxd2VexyesJLsYSl5ivZPRRYYE54ZEZM7SxtohIJnH_SM_cKUU6hU_G_W8rDwLwZCHGyF876f1H10T8AVoHwwpeaTNWVW9E8KG0PrlO0_VKzCgCbzHQLudFyIVOyfs28BE59s_sxmmJzLLb0dl4q8HhB7zTsehc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C3E2 0
0 64ms
59ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1001667210739326&bg=!2dql2pXNAAZxrfrxUa07ADQBe5WfOIxlKrVi1GiWQoQLXpY5oHUYK-uPra2KuOZX6_UdKDa9nPWwEJajgaR4PN4xR9DkAgAAASRSAAAAA2gBB5kDCHchJxgwpZfBtDEQPJWT-igT0fydo7WurbQEcWXIdg8mAJpelWkw_vJSObJfvI58JSUoEQzHWzRynzthjHl5EKoZh0u-CC4UWmaZOke3mhSiFkf9HVlfcDK-e3ybQvaVQlu-v0aFSrqOsy5wy28FzHEbVSUchWzL8d25mZMSixkCSiWUkL_EKye0T8S-Wm5gSoM_y4Ut_YtOnYttt-0oHferr8f708Ml-GOc2-WQTTmiXdoK2y4Qk2G-fjWpiqzWhADuWnTdJ-1e1iD9bSHe6el302dUBhYOy3j2wj09kOWuppZR-ilqFM41-_6KtTJMEfxytsgMhwHun8XyxX3AFNVzDFOZhBR0ja1Zx8FXmczJuIDxRv4zrPTZn2WaAL0ErVXD8jSCV8yJ8zp72fWRxsnuuXccUHiMkozOV_fFHAsqMnjP_G6fdzbcmuxKX5jmb6eCjyYmV_q-5Y9dkf2HCg0t7Jjzs1BYs3Sa_etTfinSdutnr_aLSMcwNKrWuASHkRH1LPoQA9hPThARQ5v5gDIFiNwh8WYBZTcmx7PsiPbBV_eUv_ozCioIRMhxsEaWJACSO-PHWaf7mBnZlmcEBkXELMxnsGVur_6jACq3afW7PEqcsmYqytAVAH2hnioEB3V-d0pAMoxKpPQmX_7bxwVExDLFNU965vmz8q5_SqSqGnFdVSU9DcsMkA9UE2CE6CIBJI4ffXvdpnXdRXk_KoDCM4IPCyw4KT5J7wGDQKoMkL3QWXnfQFwjFFFnWgl-ujU6hyZaQvNeBQrfIfr7qm-BWJAbOaiZdrlK4mMq9wlZPa3sQHYlu6zmzXU9Bay9X3ngxQTGPdHkdrYfGZCA6zGje8O-INtitY6THb1u_6HZIe5eivLIa5YQcaiJSoNIjuqDFwYKqDKSJIYYKef_EjMpOIwy5dUb68MsncUFDMBqjjG3GPvFHv_sbBH0hHnI92ThNI_Uqw05HQOqfR9o_VhAmLUaM1R7i1Fe6kk7z3iOkaRdOgkhzTxm48BESyOhRWPAPX4mDw9Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE26 13 KB
5 KB 25ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 23:21:42 GMT
expires: Wed, 20 Nov 2024 23:21:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49E6 829 B
559 B 77ms
73ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1955250cf5797b32a654ec60a93b60de676e676a23e7245b83634afdafa1ae50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SaffgxaRwssG1KQ8_hXTRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SaffgxaRwssG1KQ8_hXTRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:11 GMT
expires: Wed, 22 Nov 2023 03:14:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 507F 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQv46AnJdZaCZJfWujuwP7JesMAAAAAA4AeAEAg&bg=!kJOlk9zNAAZxrfrxUa07ADQBe5WfOB8YEiP7wrSxnjF7ZpvMeDdwzhIbuOVWqtpqYsYIzyDdANoYtgk5K50hd5ygMjSpAgAAAQxSAAAABGgBBwoABHA3rMiZA014C_SxlGJSDvIh9mpusQT5EYBQmi4LZLJN3egIHd3FzqKujK9LR33g8YVSSFtP8PPKM4zKdIKTpco14KVbTsHhSTjVAzHynVe6x-_MNczR8GLM4Qybdr4MQHgYg5PVETPOOZoYyRNq_ZmVySg3vW4WJ87fsurtVaRLONzIHpvYSOvRmm-3yBkfV0_3hgSVaJ24GXnYy8PVJmItE-h7IK2SRUTVJWHeKS95v0gftWflOFLXHyx59Ed0HWia4aVqoYNo1Q0tgHS_2OSxyH4mi4bDXsaFlcbqtRIuwuaAHH0hUFoe-G1hDwMC-SXtWXSjx3o2eeBtnQigNoLFtP-sjT3NiVFwq9RN44ahuVrjhcJ6BgpL2GlrDWoP0cx3Zx6ZNVuPqHK27RCn58qlxI4Scd2EK-wTXsmup-w6LtiCfu_AqeoU_VL0bDYLKNtSRf3qZonMbtksBufkI9FlgXs7CoVewK3PoVCVuqPfxYMXQZD4LmnWuf0sVETqPwPHepF3n5evQcDMm4yWpFe8iwATOXhBJe0NU9WKrB9DeNf_AjdHJXL5-H_x5ppE4RlvocMfmx2S37ZgMhtYCTteF2eE4BlLMcFda4U96ud10DF2zg-XmHy9l7ZezFdwpEr_Lh-beu-xmpMpBtS5id6LBuTe3aDV1Z86yYX-5HEz0ckVj3j0cpIMyD_LlcH8bU7HbQylPry7IIOAKzgAumLcaAzWifLA3fLAuqQVLH2MjqxHUO7mmBUKU1PIA4kOU2vzuFVzLVthLDSUeN6iKrRSfNMIBQekY4BkXRfeqqG-r0rNhd5mIFbZXLJz8JHYzI1NcoDanaS0vUT6M_XbmulWajl192_XYs3EN74H6lPr7TLFxHZW_CxRFQUntUgRoMceU5WC7gLJYH4G4vxclecYyAeBx9CvvnpXfiUurhKzP-0AAxSzQ948J8RDJ82pQzLqKhbdMwKFYeILWs8Z6NH_A_3Azc5WhzyYW2GqjGrspEv3fewZuOxsAvObJxyQH99ijZo_ELYmvpQJAzr0cPFiRwQSEWjehcxiiYOd8Sp-y8Tuojzmx2p8b1t2PFGof4RBpXk6cFJBzwMVRNnxKmNwcS4l5OaJkv2RiWzSOkYXNS3mOw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AA1 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3B20 3 KB
3 KB 44ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90308b43902d6e71ea58833cc6d987c2649ba40cda8ba21310dffbd365e09564

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1katnhvg2b498aesp0z3kv3dx6656j0skcszrgpqqtk3j2mgwhy9868tadwsg5rgs1apafh4cbz9es61ebkyem2wc58wgqmeec0hy3mn73vccxbhe6rcaprr18kg1qy6w8tzjrt0d3rh7y00zjxdfj844e9kwc5w7j4310fa1p28wdzx5v7dbynqt4mdaqr6jtxyvt8xz9dkya5ey2abqvy03w2qe0wxrrfmhb8gg4v0cbc7sn49av9k1tb8rthc67tp3qe84db9p6cx5ee05t70g40rcqmsj0qdknrzxyk1dbgn0vp8w8n4e3sq6v8wzavtsdf3tcfht2fk8vgye2dg1egagxwf38xwqxze2tvx18fhd9exk5tvcgwa779nr2x65g16pmdbgs30q6wn6ccwbkfv2avx6ak19ezebjpme3kw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 829e0038382618c3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 03:14:11 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 _230925_Headline_RGB.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 25 KB
25 KB 24ms
24ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/_230925_Headline_RGB.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1a40897b86701e1769938c6bc027bcf96487b397cfbe0927dd77d8206f14e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25146
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C9E 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTW-ZA3JdZY3GBPrY7_UP__WbsA0AAAAAOAHgBAI&bg=!5-Sl5KvNAAYdLc6FPS07ADQBe5WfOAMnPWAyUC31F1w8ngNvSmRP99MnCEn-Qm_vUoQXj8L_jpJtFDXVwqQ0e8aLNcXyAgAAAQhSAAAABGgBB5kDSb9P0Nowb8rSR9OEgFJULppbN1tHT4oipfxjQcJ9mTs_liqt5l8zYwvOnNrjt4zgUvtBi7cwTRlhUCAx3puZswZxG4mv46_0WIB3Y2r6xByxkJwY6Xqm1EjzwVq_No0mhJBm05k14qa1E-k63uKxjeDwb7lQiVZfLdyucMhGGH3jXt-bi4td5XZT9OrVza2TS3d8eR6C_cyXbEnG3H18NoxzY6kmX2hUL2OBMORM6T1BTiTHlfcBT7UEMBLJYIKqk7f9SLJmqm92xwqQW6Rme0Zy2WDWShOGz2zvwb9x4L41TeLbGimLuyo3E6rQfwSrUjt_c9IS-PL2JJGTqhfS_vFFzi6x4Sd_yXeIGy4U8Y7lPnnZQo901p62CQ9pFOMzbR-cuMtB-99kx4XTtwzX8YIB3gjTTbOA6MmOBh3GbX_J_Xe7QPayq4nFc8ph8GRUKGldEcJyG_cxRQTX62yW04dTXkNSrGE7aPh0il24nae74OWm5LKZb1vrS9m_7DfsLITuAT87F1rxzHajqaBGtzm58DVv1CH-3AaRfE9OdhgJ9dW4_o_vaxqlehxsg86-acL867StF_ypoUWO_krpu_AJiDZe8a568HZlRZN2RHG60n4lx3KgH_TPf9FuUR5iCyWXW-aGQv7SnKY-qk8DmaE8UqbNsfX6O5_I3dN5U8D1R-EMWZsCY0LrfmQW-9eKxuXZ0fbM5Is5WFfPpuo4ky1PkTv-2vZIryyxBwMfoAHBAa-NZaLbcAwQem9KS2J_3Tlh6QK8oAL76Z5j4VYqMbj5NTRfqMY0Hh_VIOGtQIOKB5tnRrfKICRoZMTGvXwzZZmbmh7Z9UdWqZsRjMcGsYDIyvYREZBnZTvydspEnIzakysjy-Nxkc1E-uU6OWmROi2vCtIgbFZPTYBkbsQaaqeQSakOrKQ9FarJh317X5X28C1Kujoy4TXUTZXCJnnXM-O_Lqe1K6OyxKfzbMvDrNSsEtJNyDYqWCVYWIbI9_VOyk4M7xfJbJ8WiYIgDELon9fGS8-lpE89AEih9gsO-PL8yrPPj0z62qunxbWTnCXfb3dG2iicFI9bEtbh3eMeSOyz1vOCTUiDa621XIW3Adfexf4x_LlrpJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame AE26 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 13:05:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49E6 0
0 56ms
56ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3840382749125815&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3B20 115 KB
14 KB 34ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1106870
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzMelA46%2FNI9wRzd0ljfdSmBWzpFShNztYEC%2BCakpsOi%2F2VrsgjO1PEkzk8wFI2jAmraF15Y5nwX4Y9H1dv7nortC7jA2YOdzbrOLHB1JatdhfcFA5Ei8RC2K78s9C3y1LqbFUv1Jrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 829e0038985a18c3-FRA
expires: Thu, 23 Nov 2023 03:14:11 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 3B20 7 KB
7 KB 62ms
43ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23490
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGGcJ9QRG%2FfaM8NxsWFCDmhNt9nBVZ9EHFk72qtzX%2BRgGhB93nXEcdgYsgqd90bi%2FFn4e52Wh0EVe0SMUawUYebsPKJ0U42Rdl10G%2BbmQy3FoiM78%2BpsKEuRGHPyYsRZ1eO4HoISQMsV1Zb5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829e0038bf061c1c-FRA

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 3B20 47 KB
48 KB 63ms
44ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bff32dd048b316d009948f9bfbbfea796d0937be65e16aee4326dfba016f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035408
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 48495
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:05:30 GMT
server: cloudflare
etag: "c40a3621ab46b51d5d071ae70e4b755d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVv6NGVJPVrTO9iOn8c5dUTsYMF3lLAGkTQEug5T9EN26Fy5odmRnkxKRr1i54nIsv7QWkFGFXUgi7%2BKRLy1QXiGp9SWUPPNTkRQCzRTrX0WkSA5I2q2iliPtdxDW6QEyDPhF1ARmQyWBIPM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 829e0038bf071c1c-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 3B20
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1700622852_356edb90-88e5-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

104ms
34ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1700622852_356edb90-88e5-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27&c=320&d=50&e=&g=e766648ce51f9e59f31ecd5a4ce18494%2F14829723260315485766&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700622851821&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjche3dkm74xa98j9fcg74f791wbqq5bkwvacf6tmcm6s9qka3kh6m78dzhxm1twzexqj7a3hv62kqyvk4kyxhqtb0h29cb1babxbpgckrdd03t49vt41tpw0va7kv4yzqdx8d6cee1tcenjeetd1ctgqanwfk7ync95sngdewqekh5ddag3dk159gxf47y8v9v6zn4rz5aapycxmj0d521bdvg0kgb6gh75n1jcpwxkf5rvt9jsm7hkp6c0chwg0yb1m8qpbt9abrwkn9g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCArn4AnJdZZmdKpariQbjzp6QDpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlNuIrwJT7I-qAMByAMCqgTPAU_QfAmkqUnolCvpEsrHOHcALDoW2bQpHb3wwCT0DnW5Pt4R7e6MLf02sNpxIzmai4cI8PpN6R4BRO-IfvTiAvjz9mQSwXVsD-DXEGbIeZGCvBQTzsThOvIEN3oUHgN8lvTBAlNJMB62Edl8Q6zkuxZR3PGnYUAYWzQpSBUyUKny-llgd_gROaSBoP2ReQHic924LkTqCOavRMXO_NSUImHhA4fLTUudO_5IYmcx-vsTCjQmkNfiJjlUY16fFOE0_j6R-PGasWhpE-yixGHzIoAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0wJn8HAmOevC6wss79onvRl2vmBg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:12 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 829e003a0f5f049b-FRA
content-length: 0
expires: -1

Redirect headers

Date: Wed, 22 Nov 2023 03:14:12 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1700622852_356edb90-88e5-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 CTA_728x90.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 19 KB
19 KB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/CTA_728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b8c199bdc8726f25e2d3c4ddd3afa6d42d67f80aae38fd033e5940bcf25aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19008
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 200 dd_Logo_RGB_Ani.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 38 KB
38 KB 31ms
30ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/dd_Logo_RGB_Ani.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8684d776db844928f4ce38a0d253f36aa4b55292d58710f676e73ad1837aa6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38451
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 200 DD_Preis_Stoerer_Deal_V212_nur_gross.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 25 KB
25 KB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/DD_Preis_Stoerer_Deal_V212_nur_gross.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa3febec50d831db3e1ba24ae8ed0c21dbd1540c94d3ef554e80f3a596e7a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25092
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AE26 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?afy8NA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:14:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Text_CaesarChickenSalad_728x90.png
s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/ Frame D03E 32 KB
32 KB 24ms
24ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/images/Text_CaesarChickenSalad_728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed267df65f6cc47f2e6ee628a4f989ad0dd8ff3d4a2acbcebbc2c4017bb705f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4140034827702278186/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90/231006_DD_DealoftheWeek_AdBundle_CaesarChickenSalad_728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:03:03 GMT
x-content-type-options: nosniff
age: 133869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32651
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:31:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:03:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AAF4 0
0 60ms
60ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3840382749125815&bg=!ycqlyoXNAAZxrfrxUa07ADQBe5WfONE_SG_sS56j8I-sAtxJNUanyGjIdzwLoYWKJyRxUxL2ayRnuNYlBhBL2OFO2xbwAgAAAI5SAAAABGgBB5kDB0UXAYvtSJjvkW48CU62qo3yCuhNeUiHSlKuCBzNS2NWMQqh1OVpg0MVRIlKVMZNvQcF0KvINfNu_LKJoi7tI0ygV2s8OBLaECt24-4v3_WNLnZHUun9r_PzOXvF1R778clN7GNJsaTBljlDvQJmYyqqoXk9p01ezxGNxPr7IHXB8uw9XXJ-uczN5i66irKWBasRaSWhZ00Zt7KM8oy7xOh07WXbI6QINnjQ2d1egptlZETBg7fbhmLVYRkq5K1G3gdgHdQpguhMDT2YbcBOeFZ7Y8ulzYlRrRqm2UPaggFLf0lLxccHzZ4FZXfwkQB4vG-XHoM6BWnsUjdftEOYke11QJZFREmPZrCFPGP_9CSNEBYPLlCMN1Jk-wDAZfMSZi6LD4VkyP2HGWDVYjc0Moa3nt3luiyO9drs-8aClzYfhISr7JEHLW5tyNi_KLulFPuKxKl5ZKDUw651jWETQrzG-CKvW2u07fPslkU01wJIqpeVzjkIavtc3fyaNpEYcD_Yldh_6TYiTYum06UvChro5VQz7CKYTde5GVaKJ7ySNJGzwwFQ_xFwKabJbqP3foF0-1pxGu8tjYG6qO0X5CLCIufHw14riW5X7_x7Uv3oiex_Qy6rS8nbMxh5sFKJAMYTyCR5WlgoGZpT1sSQb397kzeThh1FHMfcP2da5IwgmNF_zQhduDo_X1jZjiLMZeipIXCU39zePVhQWvlfi7lEbxlatZJN_i2e3bimA5YpGF9aPo4HEol_PkF85mrbbxkzj8o_PSPYlTHxzE_9i4N9MaHWhKb0kcWx3kH2w1WrKUsUCjxwwLU4sBGw0oWuo7s4DiUhP8ZP7FF26QqLQ8bvksBUVXsBtcw9ZFsJTsPzIeuCSyzsfetuksUDoRqIqcJ5XJSr45vtszOjGeLPgZ4Sb77rQuS-UWayBu-hmkQnaxt7I78OeWC5K5FXoKvsJvOf6knbEeRtMWDsI82FQXQtJRR31g-Qa2Y2ZTGrOVAewxplkkOJZQT5qZRfCgq_VvVOUCnCR7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD9 0
22 B 56ms
56ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3604607394347&version=m202309260101&ct=119&x=1&cor=1874402642365037300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 03:14:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 44FB 0
127 B 39ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 03:14:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 01:59:42	Name: is_unique Value: sc12916097.1700622848.0
.statcounter.com/	1970-01-21 01:59:42	Name: is_visitor_unique Value: 1700622848384594032
.xgcartoon.com/	1970-01-21 01:09:18	Name: _ga Value: amp-1B-06Wjk2wGk0cpzmpPzSA
.doubleclick.net/	1970-01-21 01:45:18	Name: IDE Value: AHWqTUnG6eo-6uD6KE1mDbilr9_EEYYftfiTwleT5oS6psHoAB6We760cE0MPW4bHeA
.doubleclick.net/	1970-01-20 16:23:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:42:54	Name: APC Value: AfxxVi6tkjsZlUf3w3Yh0x9_zRe9oijoOSDwqKRifrl89n2c-KHryQ
.casalemedia.com/	1970-01-21 01:09:18	Name: CMID Value: ZV1yA7myFZqoipqncjd4NQAA
.casalemedia.com/	1970-01-20 18:33:18	Name: CMPS Value: 1122
.casalemedia.com/	1970-01-20 18:33:18	Name: CMPRO Value: 1122
.adnxs.com/	1970-01-20 18:33:18	Name: uuid2 Value: 8801632448644901342
.adnxs.com/	1970-01-20 18:33:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaRnv9>r!@wnfH8K6pQK`!5=E<L5?%M1ib)Sg^k.t6f_Guv7STs4i+a!j>s`].k5_[#%nugO%v4VB%nniy2Jt4
.csync.loopme.me/	1970-01-20 18:36:11	Name: viewer_token Value: ce8b0e6e-190e-4737-b9f9-beee787f3825
.adform.net/	1970-01-20 17:06:54	Name: C Value: 1
.turn.com/	1970-01-20 20:42:54	Name: uid Value: 7796596224815812288
.3lift.com/	1970-01-20 18:33:18	Name: tluid Value: 1850672147369445368472
.adform.net/	1970-01-20 17:50:06	Name: uid Value: 267147926412545146
.lijit.com/	1970-01-21 01:09:18	Name: ljt_reader Value: HslivGZHXNd2mN0bRz6il7dv
.de17a.com/	1970-01-21 01:02:06	Name: guid Value: 1.8537921496605551550
.ctnsnet.com/	1970-01-21 01:09:18	Name: cid_4c7d79e074ef42af9ffb5d09a210946b Value: 1
.ctnsnet.com/	1970-01-21 01:09:18	Name: gid_CAESEAIlMxurZUOWgsMZuXpx8KY Value: 1
.travelaudience.com/	1970-01-21 01:53:57	Name: _tracker Value: %7B%22UUID%22%3A%22ECC1F52E-1017-4657-19DA-890D4F236BA8%22%7D
.yahoo.com/	1970-01-21 01:09:40	Name: A3 Value: d=AQABBANyXWUCEGAYVgecY2tAgWVeR-tprAkFEgEBAQHDXmVnZQAAAAAA_eMAAA&S=AQAAArbaHN9JWsEMrdJ4N9QShHk
.demdex.net/	1970-01-20 20:42:54	Name: demdex Value: 10771535112603091362480593253218163991
.samsung-germany.demdex.net/	1970-01-20 20:42:54	Name: samsung-germany Value: 10771535112603091362480593253218163991
.tribalfusion.com/	1970-01-20 18:33:18	Name: ANON_ID Value: abntuJxlqLlnJVsPTan62uQ2Za7U8ZbCUSmKZdyrVQSJ40dngZaV2ZcTVjw5AD7Gug7GZabVrae6990vQElDYSpDQcfGjM
.awin1.com/	1970-01-20 16:28:02	Name: awpv11354 Value: 412871\|1700622852\|356edb90-88e5-11ee-84cc-223908f3a6a6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 16:28:02	Name: HTLP_timestamp Value: 1700622852171
www.conrad.de/	1970-01-20 16:28:02	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 16:23:44	Name: __cf_bm Value: nCN3B97zJ6B5tE2_6StdslCGdXvGvzkP.2qg.65qGwk-1700622852-0-AXFfgDmZ3NsCV4EwhjBzYNQhWHAKl1QDFAMX0yRvTO6NO8+LwGBrL8cfsjRxuu2fAJij2P2fwEZmoSvAxFY4m/E=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript	warning	URL: https://www.xgcartoon.com/detail/jinhuazhanjijinhuarenriyu-miguliangzhi Message: The resource https://8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0932bd683f05bc4fa72a71cd46f4b5ee.safeframe.googlesyndication.com
55493517f8f7de3fa88cfa88591f741f.safeframe.googlesyndication.com
8f0f3233ac806f7bfe95e1c03662af74.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c.statcounter.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.ampproject.org
cm.g.doubleclick.net
code.createjs.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
samsung-germany.demdex.net
secure.adnxs.com
securepubads.g.doubleclick.net
static-a.xgcartoon.com
static.criteo.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.xgcartoon.com
104.102.45.165
104.18.36.155
104.20.218.77
142.250.185.98
15.197.193.217
169.150.222.217
172.217.16.134
178.250.1.6
178.250.1.9
185.89.210.20
2.16.97.41
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.169
216.52.2.39
216.58.212.162
2600:1901:0:76b9::
2606:4700:20::681a:3f3
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:c0cb
2606:4700::6812:19ad
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:26f0:480:f::213:7ed6
2a05:d018:d29:3602:8101:fe84:3355:65
34.253.135.155
34.98.64.218
35.186.193.173
35.190.0.66
35.214.220.248
37.157.6.243
51.38.120.206
76.223.111.18
98.98.134.242
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096e5af117be6289f79270963f52d315a65710d1cd48f95935c2a16171c4e080
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6d0728952d6838d4265a88ad53c20bce319ea25c8db4c7ef873699d7866e72
136abe5a5e2bc44d9d5e0b914b4e89c433c6f26fb969bccc5a4614ca4e345bf9
13eb07e1962399c8d1bd190595af2a4dc41d7a19600301260826001259e12da2
147123f5636ab90ebbad7dd0bad22ee2abc80dd6b019e413908f8c2d846a2ffc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1821196f2abbf6fa928f4417ca0a90dde7cd24983c28fe50d9eea66356475100
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1955250cf5797b32a654ec60a93b60de676e676a23e7245b83634afdafa1ae50
1af0eaedbf2589b79e2b2bbb6b85480ca3e3706e772c7cdd8aee5b768dfacf8d
1bea159f9bfd8a5f0ab88e7fc340ed7b2e64639222b47b5a3e8de709ce91294c
1cb866edd013587dddc6140975c99e16467cc693cdf2011726ed3ea85e34318a
1d0226100df3d2fa77d0ca26140de33676d2678f1348850d4dc031f23d390ef0
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
24979159d22e669183d56e2d4bc17586bc3ad62f94c87ce4226f7bc5437f2303
2567903727c1ca3da3f25c9f2c51be71e0a3649c95286c2eeaad843926d570b4
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39ca6342887029556b06f279d9e7536aabebba9fcbb7c326893b85404bec4e93
3b29b33a5074c4e6c43fa655110a8be60df844c2fdb96039ab88fd7a29ad1497
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d5a213935cfae539406701049774133266c4e376ad3551037194a1f0a181a19
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
4275ea022a0e90532f54dc4404924799572718262aeb639849354587f51a95a4
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bff32dd048b316d009948f9bfbbfea796d0937be65e16aee4326dfba016f0f3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
525a02f1c31210195898fe91d5842d80e195b585cc1c76fcaf5de348a20f096a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b8c199bdc8726f25e2d3c4ddd3afa6d42d67f80aae38fd033e5940bcf25aae
5aacd03f1ad46351376066570cff333848f66dcf64153fd31752fc6de3cc6a71
5d086f6c1056d2d2b0cf70aa02f19fffb3ac9fd6f4a2ddb0652a6fa336501fbc
5e46753fbc48c3cccaa132ee230c29fc1233357aa4943994ae528fa67a371888
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
626c1a26fcdb2ba6bd3889eccac4f109cd1a6482d97e177b53030f6e67452bca
62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4
6428ad454d38fea0c344634cff185057c0111181bdebe2873b48d357c27bb49f
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76eb485b15817b02440b25b51c0ecd1b66295b8d3032c3a032c798ed06751ccb
77c6dee173dbcd40c080cead582b57052fd7e065707a79315dae083647df4723
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8684d776db844928f4ce38a0d253f36aa4b55292d58710f676e73ad1837aa6db
874f35c9081209c3c48dc059db9004bd350e635094696f6fca5b256344fbd13c
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90308b43902d6e71ea58833cc6d987c2649ba40cda8ba21310dffbd365e09564
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
961f7df9a55477821e0e58f4bdcb0e74496fd11ff296572a1cdf18a504c5b8a2
9775f872c78a013224e8a6ed90c47cd32f8a7295065826ea943198fbdfa61f02
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34742cf62432547e92893047c4c29a4ae2df50188f41e5c3d0ca0de758d9fff
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acb8a3e7cadc2c0a9f16959000f631136b580a9f7a5eb4a7095eb49ab38cb5e0
af4d8c2eb95db499b8efc4d2a327b0fc9f6bf61a6466e35a5a9e7fb1f32df0bb
afa3febec50d831db3e1ba24ae8ed0c21dbd1540c94d3ef554e80f3a596e7a07
afe48129d69d1636977964c86ba5a17bc8105402afa294c0a61300f6df050a63
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756
bcccb99202620830eb72555609352e59f36ee70374044a1c6671d1ace613d08e
bf1d3e6c74f29513274854308f7afada9930bf9319788639e00fdf557aeb5e9d
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfddd60b28325e6db46c365acb1aedfe4f11f43c34badbc2cfa3a3639b6c38ed
c1a40897b86701e1769938c6bc027bcf96487b397cfbe0927dd77d8206f14e4d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c609dabffd019dabcc7d071649ea6e6e67d788c35f6e453c3c89a707673074d1
c641878f4049cfaf6aa6a1ebe88176bf609e506a4fa45a461b4e3ef056a60951
c80037aeed66b1de77e82789686d5d65393f0e67dbb0d848434151e4c9a6011d
c82a7857403ce780dd944bd20137cef14aa0bf50599907ad70ec1324773b59a9
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
cd7bb4fd8d7bbef0aa1444d580657cc75c63bdc4806b619d2b8b08f857824e1a
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d231dab03e0f5f208538cec3a7809ccafe18021983a419c628ecda4b02fa5998
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de77969ba046f1d65becf2c6edaba80b74522e1cc9afee70661066fc471420eb
df69d3efe185435831b72f81877b1e33a1e37192a1ccaf1848d92fd7db6b3c5e
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
e169efa6f519ec1722196985e5e6878b9992db71f3e293fe1eccdf26402704a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e78823d29ca02eb8ad1eabe7bd3f3fd7ea01d721e95ee303a407d437b084c1
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed267df65f6cc47f2e6ee628a4f989ad0dd8ff3d4a2acbcebbc2c4017bb705f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b81a123e01781ec59d4493e7db19cdbcbc911f51009356b1c808d56ad343b1
f0bf3a91a1bdc8d77bb4f115ea8e8c0ef7f2a7ca66b700649937e437720c769f
f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb46bcad23b265c49414fc7775ac6682b71eb7c44dceb90da68322df575da5b3
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

221 Requests

88 %HTTPS

51 %IPv6

34 Domains

53 Subdomains

38 IPs

10 Countries

4750 kBTransfer

9743 kBSize

30 Cookies

1 Outgoing links

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

88 %
HTTPS

51 %
IPv6

34
Domains

53
Subdomains

38
IPs

10
Countries

4750 kB
Transfer

9743 kB
Size

30
Cookies

221 HTTP transactions
12 data transactions