urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianb...
Submission: On December 24 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 7 countries across 19 domains to perform 146 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.94.138 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 23.35.237.86 16625 (AKAMAI-AS)
21 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
3 213.227.153.220 60781 (LEASEWEB-...)
1 146.75.122.132 54113 (FASTLY)
1 213.227.153.221 60781 (LEASEWEB-...)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 11 142.250.184.226 15169 (GOOGLE)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 139.162.40.113 63949 (AKAMAI-LI...)
2 2 3.124.161.201 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 124.146.153.166 2514 (INFOSPHER...)
2 142.250.186.130 15169 (GOOGLE)
146 21
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
14    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
21    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
39    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
1    146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
1    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1-eudc1.zemanta.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    139.162.40.113 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1453-113.members.linode.com
a.c.appier.net
2    3.124.161.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-161-201.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
1    124.146.153.166 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
1 MB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
127 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
251 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com
441 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
386 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
3 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
130 KB
4 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 25865
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 27582
544 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2138
15 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
1 KB
1 media.net
cs.media.net — Cisco Umbrella Rank: 1381
878 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 8865
597 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 55430
661 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
612 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3815
9 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10182
471 B
146 19
Domain Requested by
39 pagead2.googlesyndication.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
21 tpc.googlesyndication.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.xgcartoon.com
14 securepubads.g.doubleclick.net cdn.ampproject.org
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
www.googletagservices.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
11 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.googletagservices.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com cdn.ampproject.org
5 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 s0.2mdn.net www.xgcartoon.com
googleads.g.doubleclick.net
s0.2mdn.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 b1t-eudc1.zemanta.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
widgets.outbrain.com
2 googleads4.g.doubleclick.net www.xgcartoon.com
2 x.bidswitch.net 2 redirects
2 widgets.outbrain.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 cs.media.net 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 a.c.appier.net 1 redirects
1 sync.fout.jp 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 b1-eudc1.zemanta.com
1 zem.outbrainimg.com 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
146 27

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4		 2023-09-24 -
2024-10-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.outbrainimg.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 23 frames:

Primary Page: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Frame ID: AEC62C3639B0325DFD7C834C92493B2F
Requests: 38 HTTP requests in this frame

Frame: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 08ED1FB037CE198A251778351BBF41C5
Requests: 14 HTTP requests in this frame

Frame: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 19DB35E08E7E32F7296630B9321D730E
Requests: 11 HTTP requests in this frame

Frame: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4B1997BA72CAE72823BB123369E40C11
Requests: 10 HTTP requests in this frame

Frame: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C7CE8C01AE14C898EEE170CAE0854123
Requests: 11 HTTP requests in this frame

Frame: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C119D7B57D05506D559CE08FA27F789F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: C257E693AF2C0D5082F119C6C7A83951
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065338&bpp=163&bdt=148&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2884240352&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320885&oid=2&pvsid=4498352084104870&tmod=1917028976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktfhb8brq4je&fsb=1&dtd=381
Frame ID: 63754C2526DC524F15372882C735B540
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065410&bpp=140&bdt=220&idt=386&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4047894944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=4390902465437407&tmod=413608648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8gpnzauppoq1&fsb=1&dtd=395
Frame ID: 0531BCB858E363689E6FAB31D59C4E11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Frame ID: 9A344163BD0AC38DD5B85794477711B3
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065412&bpp=187&bdt=222&idt=522&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4047894944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44785294%2C95320869%2C95320885&oid=2&pvsid=2909463998820045&tmod=971625820&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rw7l1opmq2ui&fsb=1&dtd=525
Frame ID: FE1C071620F9A344195A2BB63A1CAFF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXePQin3LJDmbWaxG8obXpfM6i8h0c0xxTPEoIw81KCrQFg5e1_-b7JpKlxLw7VbPNJNwYsTQajzczPqjcgMq4-WHJVkg
Frame ID: 6C2CD859D191B7C2DCFEC94C8DA68143
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88BA5CFD1474D8CC255222FE2E771930
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22AD5ABD3526693F0436014E8A92527E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FE8ED82D38AF64134FE2317BBBCB773
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D63862723F9822F0259F218ED435C79B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46945BBB19F0F4166714502A624F59A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D98E151694CAE710D4F934D6FC2491CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57A25B0969879968F07652DD5C998E96
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 06410371BB5D9B1EA32495C7FCFC09C0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
Frame ID: BFFD339693FBB03D201C80FCFEC73D9C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91475D0738BFB4534F6E708FB97E4264
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3E433BDCD1528F16E5C9B992CDB13E1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍴機動戰士高達【劇場版】雷霆宙域(機動戰士敢達、鋼彈 雷霆宙域戰線)BANDIT FLOWER【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

146
Requests

94 %
HTTPS

42 %
IPv6

19
Domains

27
Subdomains

21
IPs

7
Countries

2438 kB
Transfer

6264 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
Request Chain 106
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYipWro9b-c1NRMhTtqkgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
Request Chain 129
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPi8GgIIldrdz5i2wpcTRNU&google_cver=1&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8xRf1txKLoBaZ16MWCL96D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8xRf1txKLoBaZ16MWCL96D&google_hm=knUNAETmRX2eN_Xi4t9UIN0
Request Chain 130
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEC54ulETFgGN1wZ-JQBcdB0&google_cver=1&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYuTQ-OeeFXQ7I3vAt1uGAUXao HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYuTQ-OeeFXQ7I3vAt1uGAUXao&google_hm=cTFFMV85ZW5kSFlxdEJVem56VTZYOWVFT1lF&from_google=sp1
Request Chain 131
  • https://a.c.appier.net/gcm?google_gid=CAESECGgTEocpexmnd6-7mfSZCw&google_cver=1&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA4MAQRRIL3dYyoc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVV5dVpUanpDUkcyTGJLUVc2bUlaUQ%3D%3D&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA4MAQRRIL3dYyoc
Request Chain 132
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEKzQnlLX1O4dRz5VEwo7Xg8&google_cver=1&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEKzQnlLX1O4dRz5VEwo7Xg8&google_cver=1&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn&google_hm=iAXE56egS0m12UySbymd7g==
Request Chain 133
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_cver=1&google_push=AXcoOmT5E3uGzEPGkWG2kb63sXBAvBqn2g5OzBzdYV9K7bBoUIHXMRRhTEkcIsSvfbW4HcAU-46v-oeZHBIheUCN9MFOBUEzjTI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_hm=ZYipWro9b_c1NRMhTtqkgwAAFHMAAAIB&google_nid=index&google_push=AXcoOmT5E3uGzEPGkWG2kb63sXBAvBqn2g5OzBzdYV9K7bBoUIHXMRRhTEkcIsSvfbW4HcAU-46v-oeZHBIheUCN9MFOBUEzjTI
Request Chain 134
  • https://cs.media.net/cksync?type=g&google_gid=CAESENSZglYXL7VRPXKqvJpv5_Y&google_cver=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdUekxtGOvvHX5Kf4AMWOzJk_vCJgwLBNVvoL1F2WQTiONNwHy6SKWGRUQMbapjs6S77FmhC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&mn_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdUekxtGOvvHX5Kf4AMWOzJk_vCJgwLBNVvoL1F2WQTiONNwHy6SKWGRUQMbapjs6S77FmhC&gdpr=&gdpr_consent=
Request Chain 135
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELY_RsxDnDKTpsV1xEIGhbs&google_cver=1&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo&google_hm=WllpcFc4Q284WDBBQUtiRElvd0FBQUFB

146 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
www.xgcartoon.com/detail/ 		77 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9d2fecca4efe503a81b55561828639b0b327eb41fb8f18f87123dd5647a58043

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 21:57:43 GMT
etag
"13468-FN1iMy5IAUbD1vUKXtCayB6rddE"
expires
Sun, 24 Dec 2023 21:58:43 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"03885caa855825de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9459
x-xss-protection
0
server
sffe
etag
"8a483731af74fd28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4740
x-xss-protection
0
server
sffe
etag
"e23d2a0d990fab56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10344
x-xss-protection
0
server
sffe
etag
"710c75735c511774"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 21:57:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 21:57:43 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
83ac1a03afa90e62-MXP
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:43 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Sun, 24 Dec 2023 22:00:43 GMT
jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji.jpg
static-a.xgcartoon.com/cover/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c655b1dc3cfb3947af3ec7685dc9cac14010234c561bdaf017c385f553aa65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 11:14:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2FC43E4213D1AB2573020D56ECD5B7BA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XZhroXOCHdENUt%2BE%2FjYvT%2BthIazvKdOn2q15Xx0dszZNii8XgjvjvuljUu0fMa%2Fk%2BNFgUK8Cv5oSVnQRo9Hu9hlebSWR0%2BNq4NPpCY%2BB6II0nLHReXqZC2Tx8Kg%2BbhOxStSJ6C8wXfCkitWbo1a8QPQo8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83ac1a054fbebadf-MXP
content-length
163176
expires
Sat, 23 Dec 2023 05:09:41 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:43 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Sun, 24 Dec 2023 22:00:43 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:43 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Sun, 24 Dec 2023 22:00:43 GMT
shengjianxueyuandemojianshishengjianxueyuanlidemojianshiriyu-zhiruiyou.jpg
static-a.xgcartoon.com/cover/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/shengjianxueyuandemojianshishengjianxueyuanlidemojianshiriyu-zhiruiyou.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7f8b5af893b8519fd614ca225aeb8fa85f9b27d4abf503053765115b64ac8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 07:57:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5F254965BCA7F741CE243B234E74DD9B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZywdByXhljIRqBQsi%2B75KXlOnOm9ntpkFjajfWy280eXcZqV0gZ%2Fg7%2FaY951o5GeHvi5HR6jXLNj1x4EJdLAdgGeSIKPNCKE4KYzttDiLovcUF7nje3VauwjG%2FOhrF4oxPuuNhodx9vWVDCKE42aEQKUrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83ac1a055fbfbadf-MXP
content-length
86372
expires
Tue, 26 Dec 2023 15:09:16 GMT
zhoushuhuizhan-jiejianxiaxia.jpg
static-a.xgcartoon.com/cover/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/zhoushuhuizhan-jiejianxiaxia.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a47408ff054278b19bb17a56b91db90a6f563f6f1c29fa5cafce25e7af03e44

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 07 Jul 2023 07:42:41 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"9F40B7D213C68FA2D767A6DA77698EFA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB0%2BP3wqCPZbwmi%2Fia57USC21mvIq%2F3twPVGzsqngvlQlXax2RtoWTKJNSGT%2FxRAjverH%2FbJ1AXaJXu5TL6Jaad%2BnPNVKBYdANoKaz4nUjIxFjUKuE9mcR5Jmt3GIq%2BIaCYXwZToJe85FQBTqxDru9w6Ctw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83ac1a055fc4badf-MXP
content-length
8981
expires
Tue, 26 Dec 2023 05:39:19 GMT
jialidunxixuejideyumenjialidunxixuegongzhudefanmenriyu-xiaolinhudi.jpg
static-a.xgcartoon.com/cover/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/jialidunxixuejideyumenjialidunxixuegongzhudefanmenriyu-xiaolinhudi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b14bbe876d4550c783a01aeb8730d5e6a07a8e988b7055628cb5aa03347634

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:43 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 07:39:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
14925
etag
"E66C40E5AF277A75AB8084F28FA09B4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUcx8unS3%2BMePDyWH6C4BnjHi3hlnQejNJC%2BQ8AIjbQUUoTL%2F24fHne7hzeL6uzp8xgojKtB4D4PFqZ3QnPB3iUqi37C72zOSJAXrW0RM7PCUYruVTyowAACB2bkBYXFTGF5VKpvbEHpTLwejikxH7MWEvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83ac1a055fc1badf-MXP
content-length
68584
expires
Wed, 27 Dec 2023 06:27:44 GMT
jidongzhanshigaodadi08msxiaoduijidongzhanshi08xiaoduiriyu-shilizhaofuyeyouyouji.jpg
static-a.xgcartoon.com/cover/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/jidongzhanshigaodadi08msxiaoduijidongzhanshi08xiaoduiriyu-shilizhaofuyeyouyouji.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40dd0e08680fc6d39c0ffb93eaffc0d5ca5399b9f9414ed6425e876d89b32669

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 09:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D59739C1308A930DC1D0E5EE4921F3B0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYvwEDB0WiZ5jABfQvwJ9OkU%2FaTKLV%2Fwo47OcJ5p93%2FzfExD7CzHPW%2Ft8eKubipHxV8lyBhrB0SlNPv90OIAJui5k%2FTfnL3LWuwRLhIqGO3%2BVwxO5LzPeocqG7yeiXdYYEfti8LA7Az7stPYYV1e8fq%2FFJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83ac1a055fc5badf-MXP
content-length
87427
expires
Wed, 27 Dec 2023 15:27:08 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 23 Dec 2023 22:23:51 GMT
age
84832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 22 Dec 2024 22:23:51 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		237 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 17:16:24 GMT
age
448879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63654
x-xss-protection
0
server
sffe
etag
"7d5e78ba8c7d5e5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 17:16:24 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 06:27:05 GMT
age
574238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Dec 2024 06:27:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=468009388&ga_cid=amp-4PpudNcojFrWY6O8AIrSLw&ga_hid=9388&dt=1703455063932&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&bdt=384&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f663b814fe9fe6eff5a25bf5a4a8cc55cd555cbbd19d9c522fc5ea5e1c1485d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16040
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CNCJ-s-IqYMDFeeR_Qcd9YIB1A
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 24 Dec 2023 21:57:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=855&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=468009388&ga_cid=amp-4PpudNcojFrWY6O8AIrSLw&ga_hid=9388&dt=1703455063933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&bdt=385&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d85069356016486364db5829946de6148408ee00de3827eec749b4c12309d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
x-creativesize
120x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13684
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CPX87s-IqYMDFSPFuwgd2VEJ7w
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399062
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 24 Dec 2023 21:57:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=468009388&ga_cid=amp-4PpudNcojFrWY6O8AIrSLw&ga_hid=9388&dt=1703455063933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&bdt=385&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4eea7c35e45f1e15de08f19f9a1b6fb39961a74ab411ecfdbba38521081d455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13703
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLqK78-IqYMDFX-j_QcdouYBTA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399041
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 24 Dec 2023 21:57:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=468009388&ga_cid=amp-4PpudNcojFrWY6O8AIrSLw&ga_hid=9388&dt=1703455063933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&bdt=385&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20f6a46bf404a5841dbbcd881b03ccaf23d291340d83169c2d8fad4160c42270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13714
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CK2S78-IqYMDFe_FuwgdbNoPUA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663412
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 24 Dec 2023 21:57:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=468009388&ga_cid=amp-4PpudNcojFrWY6O8AIrSLw&ga_hid=9388&dt=1703455063933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&bdt=385&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
765b22fb9014a3a3e717b722842dc8338d01bbacad4c16463365e7882d7f1306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
x-creativesize
728x90
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13704
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CISV78-IqYMDFXTRuwgdiCIG7w
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453313
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 24 Dec 2023 21:57:44 GMT
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Dec 2023 16:06:47 GMT
age
280257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e666ca0e175b1b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 20 Dec 2024 16:06:47 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
AMP-Same-Origin
true
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:44 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Sun, 24 Dec 2023 22:00:44 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=9388&cid=amp-4PpudNcojFrWY6O8AIrSLw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fjidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji&dr=&dt=%F0%9F%8D%B4%E6%A9%9F%E5%8B%95%E6%88%B0%E5%A3%AB%E9%AB%98%E9%81%94%E3%80%90%E5%8A%87%E5%A0%B4%E7%89%88%E3%80%91%E9%9B%B7%E9%9C%86%E5%AE%99%E5%9F%9F%EF%BC%88%E6%A9%9F%E5%8B%95%E6%88%B0%E5%A3%AB%E6%95%A2%E9%81%94%E3%80%81%E9%8B%BC%E5%BD%88%20%E9%9B%B7%E9%9C%86%E5%AE%99%E5%9F%9F%E6%88%B0%E7%B7%9A%EF%BC%89BANDIT%20FLOWER%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703455065&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 08ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:45 GMT
expires
Mon, 23 Dec 2024 21:57:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:45 GMT
expires
Mon, 23 Dec 2024 21:57:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:45 GMT
expires
Mon, 23 Dec 2024 21:57:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C7CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:45 GMT
expires
Mon, 23 Dec 2024 21:57:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C119 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:45 GMT
expires
Mon, 23 Dec 2024 21:57:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame 08ED 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
content-length
13570
last-modified
Thu, 21 Dec 2023 11:55:58 GMT
server
AkamaiNetStorage
etag
"0870125456b597823ee2a02abcdfe5cb:1703160319.705865"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 25 Dec 2023 01:57:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 08ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 20:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
4546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 20:41:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 08ED 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
72206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 08ED 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
214801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 08ED 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 19DB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ae56bf7ed6a1b512a9e91eb3a9bde38a640f12e9cb2305fa22c27c672eee48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
server
cafe
etag
7421675374042392167
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19DB 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 19DB 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjqq5ZWdsqgYhyNbBMBS6of9Mcnqk-UqDpH3QPu7dAPM0XrB1MzxiH_LB_WJ6_K3j-QFZz9wa_z6WuiRmcB94__ROToq7oFcUtJPTdCAViXmTqufX4BPm2crgLxERjkI6Q6o9OdKOqHD4Hqqnkslb5YHpceJ3yAiOQKkaaT1aUYI-RVeJmaNCa4U-7N-OujputPBvVA0KvfMCaWaYV8RMjGRMto9vSyLNKh67drkAhdLf-nbZgmAP4-UB0UVyJGFi1wdUKZ3QPwKfhYMRqmelKFNWgs_nKd4t_MA8JBvrloXcMDLZukykBSfvDHi8GA6J1P5H6eGLMpHhDXGHzGChiW78CgadBMxRS3V4PqtBKlNTzBKk3fngPnXZGZ64uxixI-JtOOSF7xB4Bg5-wTA&sai=AMfl-YTH40nkAhosiNrvjYWfIWgQN_pVZo6vEIEAlaJKe0Oh80eGSzuf4h77BLkPvcHmtV5Ii-YeBzrwyaBXlQs&sig=Cg0ArKJSzHKyYPu4Y4jMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:45 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4B19 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
15207393576646646684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4B19 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B19 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv41LHamc3Zi0sDjyF8-nnkgnYXSj_-oAyzXtQsl6DmcPw5f6VB3tcDusz_Gzu520hEuXiFlXGHZlJ4OOfdoAIH7da4G8sshz4BePgqC6Wp_PJVHaoqhpBO7cTdwXLQzYipEJ12IhOrKKIulCzapUis1RIg4JieeA9-1LsLELQcwd5RfBOo4f97qJ4uKri9NAky_2gOWjKGmE2Ec3VXH9XbtkEj6Xy7Ma8eDlGqrSyqThEMPzERNmxtNUhE2JB7-MPEDENCQCy51oOh3zuUNbuxs1_KGFGlyWxvoIy0dJy61ZAJ0YpBTeMOvTR9eYPway-cciV36sCi-ZCRye3DD88X2T4-bKL6BzHhCHuoYk2AjO3mzaHBX51aRY6qh22QcgNB61yRAAffUtvNSNxm&sai=AMfl-YRcnFqBaY-Xn3KiRVsv6-TvIdgWA9-8RoPEtuCU3H3fKnop1LeF151AuM6dQLxZxrU8Yd7rRg9darn7NNw&sig=Cg0ArKJSzNV38n-lrIDVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C7CE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
214801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C7CE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
15207393576646646684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C7CE 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C119 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
214801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C119 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
15207393576646646684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C119 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 08ED 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 23 Jan 2024 21:57:45 GMT
date
Sun, 24 Dec 2023 21:57:45 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOV... Frame 08ED 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6ENXUS3CDXNFPL6UBIBCT4UXR3WRJPKBVYL6VOPFL6Q6A5NODPR6KO7EPUHYQD3VQ/?
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 21:57:45 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
0aee8a2ffe083c2e2cd0b56c86bc6928c4.png
zem.outbrainimg.com/p/srv/sha/77/c7/72/ Frame 08ED 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/77/c7/72/0aee8a2ffe083c2e2cd0b56c86bc6928c4.png?fit=crop&crop=faces&w=180&h=90&fm=jpg
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2083615
x-cache
HIT, MISS, HIT
x-imgix-id
17580994ae37060fdac910812b5fb148904c3c2d
cross-origin-resource-policy
cross-origin
content-length
8452
x-served-by
cache-sjc10044-SJC, cache-fra-eddf8230045-FRA, cache-fra-etou8220097-FRA
x-imgix-render-farm
01.140328
last-modified
Thu, 30 Nov 2023 19:10:50 GMT
server
imgix
x-timer
S1703455065.408466,VS0,VE2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
truncated
/ Frame 08ED 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2055d4682c7dc0752f6133c4e79a324014e4ca26a1f96022bdd2705438419337

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C7CE 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst26UifNLoPid9smSKxT5cwBxTJQNdkDugtX7VrL_bgrbGhlgTkoZCwkZMLtO4bh6wJFe_h67PlHLbGa8gAf60aDnNCppIVK1CWHX0YvMaz4poCnwqDwQqccT4GogN8-iii2C0BQ2oQMIFs3EN-VlcPRTpGI-_O5iI3NfuV0_WJFyfRYQsAbURH_MZbSS4HqN7xNhGJ1XVXlbpGmVVb7mN-iskUV8SiXApvx6SxOlS3CNJ0VDlz64MvjTR2KW3tWSmEXES4Dl6hsjDt36MQurO4Jbp3BMw8NuIsdB4ELV6cByEuEWhIV4vI2Cpi6_ZFsLUFeFbCY9Dee4MAGkUrn_ntZJRIB-OO5F7ZcPQdK-AiLNBqgQvXZccsVFrty2PVg1QXUsbcjaG5BrcrVWW8&sai=AMfl-YTCQN3CI8QuMYErJapBU8Lr04B0hBIbpD8mjgDeEkt1HizBHAwyOK1MfQL9avKKkOW8RLh9g4PFD213i-E&sig=Cg0ArKJSzJv4pyZFrZlnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C119 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCVWlNUedzUbueoBLFJB3HdGoZ8pD9afbmxmN4qeLEHvx6KwRoyCRwmeZ7GZaHbq_93QdeHzTQi3bhBaWdbKc-h6gcTKEZjIk2qzhqJThLZWfK6lyI_33rIQ2pXZUxsvBWHTpVrEyvsb7xuqvga9nc1l728TSMjXQGOWybiIVJs8ufjuqOVUUwW9xFCJyRZwpBj41Pg4HDIVsGt8LBTEgsnHoX2ID1rLyGkD7sDd3NgmBIgYzJFUrv37AutqCFs7ErpJHnljXC0ktj11bSIJBn3uI5jb6Oa-eZ0hdGbUX42h6LlGhF9gaQTWldlJAl6mUyvGDG39omSeVowSGMlq8irzwl8s-GEAap1fuXRyFu8fcfNG-T42JUHBvjnq-9ZSr7qOvCCrOxIJuojuU1IA&sai=AMfl-YRL4fM74OKCYUCm2jzYcJjSQsNmdvWKEwXJG-WCJUp_sspR1JpqxK6AMhtF-3wbalJqIZgFTyf5hl4bvTY&sig=Cg0ArKJSzOQQijHVp3G_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
URL: https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 19DB 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b27f9a154b4c1992617995da1b88ad1b4e8aacfc31b0f3359141b350ef4a29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51239
x-xss-protection
0
server
cafe
etag
2479606642327209870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4B19 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
507cf8d108ea1c02ceeb5e54b26cd2a663c15d7e8f73ba131e0612aa4fb3d869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51238
x-xss-protection
0
server
cafe
etag
17734499181957742928
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C7CE 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61ecdba64380f902d45682665e446b83b21a57ecd2c7452ea47f7947cdb0942a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51242
x-xss-protection
0
server
cafe
etag
1362128435964382072
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C119 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff7ff41927ffd98320c602cf33a38b1af45c8a2836120d08f4d41b064961ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51238
x-xss-protection
0
server
cafe
etag
11084595041191469102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 08ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9fEGWKmIZdD9Deej9u8P9YWGoA3XrJyCbsrq_Lz9EMCNtwEQASAAYPUFggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQngAgCoAwHIAwKqBPoCT9AQchjcTaqAgMC5dUFEXiKRBFvwKn0vGcX7H4cm11pXblM80cHIzWCag5YDXKObBfCEnzgVJkHSF7PuniSs26fxe8TnKSG4-jCLBvTH9eB431zLW9JV3MKevcgcpQDpfG8zthL3__0yUujsFs7KjoGsfk6sO2rJmjXAMMhSvx6yjH7rYPotfrhxH2kkIWEO5tdMEzQxb79JxbnrAn9A978JH7RBu7GQoxI4uwHorZqqIZ83JGuCQkWavvSXkIo2CJuyn5WHO7c-jXL5xqWUlYbKm8GbxXVxqFiw3XeFtBy5SRTDvYHTDX9NMGsSXAdVxetW2N3WjybnasL5lxK13StrZ6aPEFEbHm6jy6RRHW3T1xFh-pKJW6r3XnOFVdBo0L22S1GNqFlwvCgDWtm7pc8HfjBZ0msQ5HCG9aLc_RyQ3EdVq5y7PcsWCGYuSYf0U_c5FPH02zkWpKJYm9AUB0OFNK2YP_3nD3k_TKxB8_sEGyDAit86L6Bu4AQBgAb6hfnvkKbCuuIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKvh7s-IqYMDgAoD-gsCCAGADAHiDRMIuY3vz4ipgwMV55H9Bx31ggHU0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=RGXvWo5lD38&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_MnOjB9NMiXCul2wQzOX1XQ2ycnkP8hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/7778e725-a2a7-11ee-9d24-0590bddfef56/ZYipWAADftAH_ZHnAAGC9RlJEeYlfmUFI4XPEQ/OSL63XYHIDJQ7E5FJVEQ4K2GYTIBSNFMNDB64NPUREDT4KLDAZYFTMEO2CJUKEOX54PQXZK... Frame 08ED 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/7778e725-a2a7-11ee-9d24-0590bddfef56/ZYipWAADftAH_ZHnAAGC9RlJEeYlfmUFI4XPEQ/OSL63XYHIDJQ7E5FJVEQ4K2GYTIBSNFMNDB64NPUREDT4KLDAZYFTMEO2CJUKEOX54PQXZKWTHIY5YRP3F77VSRTM7IPFAGFYSRXIGGEUW2FYBDVY6INB752WRNLUU2WFZAHZUZOMTY6I4TCWPZQWREISQYOKEEE4UWTRMXVG525AB3K7JANIMXHA22DA6TLCO6HQP2SZJDVEUZPYDKMR77FFD4EZC2PDLPW64UAUJY3Z2HIMVRMMXPRFERGQBYSIJ66562TDGILKUO6C7RBPPIMDNHI2PKZFFFXMRGS3JJPTBTEPJDWSZK45IHBBXGTH27JZQDANYOVDTLDLCSQLTP373A5RXOPC2FLTLZCTTFBXOZFI7T4LM32WBNYFF3OU4FA4SBBH7ZSC3Q6EAUISUF7XOVVAODUHA2ATWLHXFOA2D2RA5KYADAQBAOHS7LFBHXOJJWUTQ2EPHI7PXADEAR4JZ5J3CKG5KD3Q7XKTGWIAHDA47YKMWVAKKSMN6RT/?amtw=&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 24 Dec 2023 21:57:45 GMT
Content-Length
0
truncated
/ Frame C119 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64f1326537134424af5d971f0c1e6dab6960278b432e0d2105f71da4938fe8a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 19DB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1e4dd7d0a7d76d64cd47a7293a125a55b24836f8b81b112ca038dbabe317852

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 19DB 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
11781895738544162849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame C257 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
81532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Sat, 06 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 4B19 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
12092095142277381491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C7CE 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
11781895738544162849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C119 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
11781895738544162849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6375 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065338&bpp=163&bdt=148&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2884240352&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320885&oid=2&pvsid=4498352084104870&tmod=1917028976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktfhb8brq4je&fsb=1&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0531 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065410&bpp=140&bdt=220&idt=386&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4047894944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=4390902465437407&tmod=413608648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8gpnzauppoq1&fsb=1&dtd=395
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9A34 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab5c8dd7168a1903d4a6e6467745d39f5ac2a9c5cab07d287ec5230829463ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11517
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FE1C 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046729&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065412&bpp=187&bdt=222&idt=522&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4047894944&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44785294%2C95320869%2C95320885&oid=2&pvsid=2909463998820045&tmod=971625820&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rw7l1opmq2ui&fsb=1&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 19DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUSRNNpqPxQ6x5nLGiUwirt2q2rt8Th8qMEjT7S8vkdVCnMOaDic2ggweZoJw4a9IiJwmJoXxqayB51EnUyWeyzmSG5BDyO-S1lWgcwn5EYBVywy33kQkHXfJiUh-MqrY0Grlr2MKq9S4MLrXFvahjvvszg-7XYIu9zXQSK3B4nxp3f9sI1v_trZ0M_sbLvCpsih3_Jn6JGqzqBbwjiWyh7ZtHJC0PSe7qykDHqKeOXYCRyose8F8S2WsNvqKX7yGqNi47acpdzfd7PoulJZFW_SOn3odChXbguZf9ZR5mnHt2Du2mEgwDmamv8IoT8iTUZEH0lcZMHvW9eEPeC-HbRsnUfR0Y5Zu1XQsyL45KBHfwSCic4fBrW77HDzDw5RuJWOrlB42ZEx-SLrogn_6S&sai=AMfl-YSv9fN1O7JM_EQLHIqYsgL-BfX9oZ-7ZNdRcZE2Lj5glB9SoPkpVOcJaewLINCUt0yAr5pMaJNm6zGrc7Y&sig=Cg0ArKJSzKkahF5zgZO6EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 19DB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1e103392ea991bc63f9c8c29c574961aa49cce855469ef466891b3120403667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
/
b1t-eudc1.zemanta.com/t/imp/view/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOVWAHYFI... Frame 08ED 		26 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6ENXUS3CDXNFPL6UBIBCT4UXR3WRJPKBVYL6VOPFL6Q6A5NODPR6KO7EPUHYQD3VQ/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
Date
Sun, 24 Dec 2023 21:57:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/view/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOVWAHYFI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/W6A5RGPINA4SVSOA3I5XUDSSD5ZCQG5VF7QCD4XWDVYQKXU4NSQL5ZX32BWGCURPEWZUC23QJEVGMNAKHRFSOADX5QMALHVIFOXMHHFPW2RNBI5HQXEVHNY7BTNW6Z4NTPS35TCAPQRXQBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6ENXUS3CDXNFPL6UBIBCT4UXR3WRJPKBVYL6VOPFL6Q6A5NODPR6KO7EPUHYQD3VQ/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
Access-Control-Max-Age
600
Connection
keep-alive
Date
Sun, 24 Dec 2023 21:57:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzoo6Gyub6a_J4qHFaA-vdGV_NzI_rBG9e8xuimfQ09Ai4vFehaUiTEcjbdMycZsVEdFlyrH0KImEc2cnzUnbOpoRo0OIKxhScD8mqAp0Y3tBnXXnIedovL3ZKnc9uQO_S8kMTadNQdegK-7B--QBG6uhEChrv0QCYNJd1wweHfYb4xRcLwDEKtjjbOF7kSX4_0TGjtkjrU-I118tBwuKzvxWstsZkFJK0IUAqzxUGClPfbLnxvdV-9R5-2KCxh_QG6DZp_dQiSmmfOWBrWas6d6K9e40QpUj5Q2V95omnpgJzpxoYrTapMJ1qo1L37fweDo9OdsYw-ldKJu1RABpLtmsnpEkSeFN-eBmdfc_-V9CgFKgsQvoFxND3GcbFdF-NhcQaxSUg0fXSZmzxeRQ&sai=AMfl-YRYa80Ur9nkBFUlavqqzIj-HjsuU5-VxGB8YF33FLBggaijYsWsgPnBL_PdN38d0NQyffmm5V8-3lvklSM&sig=Cg0ArKJSzPqdA5G9HVvvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B19 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e67e3f305f97fe4aee4e45d650fba96b7bc8c5a378b55d00984241600878927c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12317
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A34 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4hwoZLhV4KyxCukP-bJLf8xm3V7Uca3mjsX9sUJ7b8mWPxBMJGs8jVSAAUOqTWdVxPynFwU9JFk7tKqWHnwd4umYtxrQpVPMcKuD9Nx1SaLQ0vi4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9A34 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9A34 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 20:41:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
4547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 20:41:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9A34 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
72207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 9A34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaEY8khNGiRj6oDdK8CqCjMkc_ckEODqmiH1aMSVrLWlpfylMuRN73vKbrNseRxWc7hmCia9KMSd1wSztenC4AJ2CgfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9A34 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 21:57:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6C2C 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXePQin3LJDmbWaxG8obXpfM6i8h0c0xxTPEoIw81KCrQFg5e1_-b7JpKlxLw7VbPNJNwYsTQajzczPqjcgMq4-WHJVkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B19 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 21:57:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 19DB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 21:57:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C7CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVrRiKr7EJYm-u1zEtXT3OBclqxHYHwrrOnPqlMtak584EhE00O_qPK-D6MknmphFPaSgABxpy6U1Z-qHo7L1DwTrEY9cWu5YbjBo23lXl30Yvwv1FhXpZfSxaKg2M1_hs-YoSlU4C3SrDcV_HYKdvi6SdZ2pZM_Ng2YNsVEv46tsuCoKD_XY2sie2YHuCkCvSz0hFJqHIHUw_Z9nqPlQq9sQ5OS7mqd6ooxRlUPfVhpk25lj4oF3dRPEaIkIP3477IlhTQRvPV5aL2bI8OhJlcqp20LSaThTT4jO6CUIdCYEgAr21gAqIBtVOmqWt9XRUH7Tigg7nCi0_M_kv-2dNFTsBsdh16mxiPshyoemmWB0bJUUlcPl4zsxhJ-NIWGSSNmeN4fOcpDO9t_83tpQ&sai=AMfl-YRPEsEovCnmfI9vt7wM_E3QjnojM3pt4xjSnA8Zl8optRaabnax9MMAciAlUXZRFPPvzxqD_gPnQQChwrs&sig=Cg0ArKJSzOTxw-9_QkKaEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C7CE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c78948e5c4e140eed85dedab8ba7511a9a5015376943c5facfac5712b0eb466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12342
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 08ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvextADkl4Uuo3nRefyUK6NoBgyhkXxRqdau5C_G0kzUVLngQunI7UGYGMXNqey1elJqbihDF-rRJCMw9I5kuoFWgZWkUNEf0SBGiHbmLxRlHThLKqwPkYR&sig=Cg0ArKJSzFGR3QxmJwerEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703455065114&rpt=330&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
29954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 13:38:32 GMT
expires
Mon, 23 Dec 2024 13:38:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 22AD 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef8ef2878bbdd32b444d66065acdb5841e6d19ea6d46b1d62e3df327d6f381c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UIrRE9JYdrV2p_h_-66Qyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UIrRE9JYdrV2p_h_-66Qyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
expires
Sun, 24 Dec 2023 21:57:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FE8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
29954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 13:38:32 GMT
expires
Mon, 23 Dec 2024 13:38:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D638 		829 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b25ad4d523b279ed46bdd0c7d5d60e9bc517b135cd9f1c80bf262140cf08f9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ruD20_tkWC1GvyKBuKGBUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ruD20_tkWC1GvyKBuKGBUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
expires
Sun, 24 Dec 2023 21:57:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 6C2C 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXePQin3LJDmbWaxG8obXpfM6i8h0c0xxTPEoIw81KCrQFg5e1_-b7JpKlxLw7VbPNJNwYsTQajzczPqjcgMq4-WHJVkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6C2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXePQin3LJDmbWaxG8obXpfM6i8h0c0xxTPEoIw81KCrQFg5e1_-b7JpKlxLw7VbPNJNwYsTQajzczPqjcgMq4-WHJVkg
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwRNdQNMNGGkkjLekYy%2FZCKf9838pbxegfl2NHHnmzfMNtqVGeup4Eku1Ey0X0tw8SY69nZqok1KNMjUyDe4Mtg2yYN5p37NZxZHWwRyawVZgdeiD6BqGNB1vLFAM9l0JAW%2Bmp%2F9J9P%2F%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ac1a167eaa0221-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6C2C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYipWro9b-c1NRMhTtqkgwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCooNGLAxiQ0qOAAjAB&v=APEucNXePQin3LJDmbWaxG8obXpfM6i8h0c0xxTPEoIw81KCrQFg5e1_-b7JpKlxLw7VbPNJNwYsTQajzczPqjcgMq4-WHJVkg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1%2F9vVINl6u9AV3XPEEO62SwrxOxS1TY%2FY%2Fg4ouQTyeIKGyls8XsrrIRpLQCPeTamreGtHyKQXzDvFks1mx%2BUrKBe1NSLjg5jggIPYrGNXlQwS4W%2BVx9VmF533BGh1b95ze3crE6f8M86Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ac1a170faf01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECW1np-vbSbo-rD7BB3okkY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 88BA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 21:29:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2353032604123&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2353032604123&version=m202309260101&ct=119&x=1&cor=7995899919274809000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9A34 		90 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXPSCKdHr3oB2v-WYQP-sp9N_F34vh0W1lvVV662SjVcxMPC0pQ87Ibiau8DX91jH7kZLK-aKJlj1JaO3tNdn2eztTIXnJJQahmu1A_fw8eHKvEAtkLMEqE--LcAmDIiNyILojcxeoJAw0WCYmxOgjixDW-jC15_JEof-8pWXSi3lqRHd9oTYGeREngqgoUjIXFFPx&cry=1&dbm_d=AKAmf-A3mQLMVvPNHeWubgQM-wZEs_OIhcl_RSlJ6hTi8SMklPsd717VJcLodui8On0DT_UU0_XKKEPyd19qHgQJ92UZk9JxtbF1BnGsS514pXZYYpPixOa7UmS_VcR5zPAm2iJEMZPoeCR6k-hH8mtKjfazPJ3iZTELnqw9cVpwvFLhp4z5_8deneDRyWsQhXr1r-BrYPthdDpmW_6oiNgJMu2u7rS_BtWqrAJ0HAiF57rWAzG0QrD824qZTWVFPuCoWbvfq3nnmhwH1LJ7GYa8FDsw10E8JcOex9hxMlgj7g-HtVAJpxQGM5Vdn5EVCE5ee432-kn0h9Sjexr_zIa2LLqCIJqHNgP_CJDwDQnOCmpN-yu1zHEWZaIlzLS8OhqaSE-2ZnQufISjTNbcEMyFhFeoS_FSKtyhDGUoFmgVgNcutCukUlKLssLQR-s0tL8yERercK3GUDYGhH6uREYqThbO-ORbhyXImV35o3EarbspB0JRFgC94Z5RcTeL0yJgHoWra7aKeY0_0pnxzwfkUu7cvKXmvrEs-_VqzjaG7cq-MEYxjGVUHaf7CQ30Ypgpv3ZQkaJXhSy9rrhzvjViflauKGsiGhzIiADtINkMTpTn0t_8QVIdkiJZiES8A9lRm0-pVuiSj6As2IpPUh89c3qjwTGSVYu0oKrd7UAPHSvO8mmO12Wa0a__doJoMxlsvLuGhxwRBk8eIvZkd0F-mH3ozoqn-gXP_d3cnjJoyv1BmzpqO6A82lMMeC15LwBIGyIj6uwX1fstSdmndjvIngLizBw3cCVW5f30JeDHRPKhnWSctePnoo0ldmjzKhBQPn5770HGZTF24yU43iMIgO_p5rhefP6XTkCuS65y6B95CDcSEd4QPUVpPqZYXJsqxGs-DzjptWKZQlWGCUy7cd8HUGv3AB2yZzgR5A0L0pli2u_ilzjuCiE3qcZVPpKfNP8jPDnJZKEmRas5hqATnw7fc7mJHpJOZQosoziX9-qEYxc1gLpQ6ewsKOa2hDgz_AdIhf4ifBwpRzUKdlICBED0vGNMvP5oz_0LomlJZO9BS1-pRfPIXG7Ry-KMwFoEJS_YVq3wxoulDtJeKHZtI_ZM3tlU2ce6x1-mg1TbKR7jo7tGI8_kNgDE_oMP8bstlCCT4JVZ2P19bhsA-MM36hl502nmULgPKZ5zwvSlu8kW-Vz4f3CMtcQoLuBjYJrFyWJLZeDMagAUXWyfQM541SSs0oh1cQ0C7VnTlVIFr_usXuSZFA8oDg-qWpDUe0DlYxrttZbcZgSZZidccS2Veu3Ksk9QvcwHBhT8SX-TrnMocfuEWGjjNPQU2KoNoSOnHP0bxnIP8aAVZci6d7afHjXtQQjl4sspKFTG28Xeq_aBzhM_v8BvPO62KEtRau9s4G3y3K2226HqHTDAMrdXMi475oOqNxx_jSbCqssrdFiwERH9giZ2sYCH36GnQvceN30_vFH6GOfJDNSsmdFvMpWfp5j56kELpEvpz99CnZdJhXOLStvXUqUNnBXF3gQJ7pWdxLeAccTEMKUFkCgTTeMaHqOcmKl02OMYV-ehTpWJWN9wHL8ULW33liup6LgMZlmY93ByT3C0zYESRr0xS6rYBkCeF_eT7tgmnEgDyHitaVHiEisdoo1u6j2HHmdj7_PKK9W_xPbRATyKxqd7o3hdcxe75a5qCF0xlwDK70ZFFji3hL5OUGut8w0AASsQXRd7fdGsfbmdrWNdLyoFccMmGVDxees3BGfhmSoZvE-AY7SkRa1N8RuoXYLWPns84_0vtGGv_r9R3eNABuAT0JbkEENeb2jrqtXrYKzu4NzwYwULPk_Uy3eNc0iIXT8eJG1BFFJeuyJICoyxJlntb4Hsi4fgRyEVfkrwlUL84JNChVogHKbve6WpxJ6txCn2hTTwbXiyaS6gllUlrXB9O0Ero8KFabC73tZPFLYxDLYTylBfA-VZXcHVf_xFzXFELznSeRaWSiRlRxehH_1tBH7NejCSoL6rt99QFtAc4OH56BaLm1tjsb7pOOXvpek70N-2UX9v85b_oMM0rB9Tspc5BtIp7UnOdX_xP4_5F9NEK1HclEiVbA_kGfxBP-a4sqAWXQsXzmUf6wsnRkG5eRZ9YEXsVrjZLgS6KaMqZC7huzVYq1MngIBQqkKdgVd2d6NkQXCvjzbDQY-YkGSI27-i8L6CSXgsAQqLO1PeWMEYVgKi7Znt24OoHjZYZPRM_uoMBe7J-iviqwNv-ROQDcwhiflLI4WdyrZc1oN3jE9A0YLeeOL7KrLurUv80D6KPx4Iio-nDxSMLJxp7gz5JobL2psXK2IfKBXDJixeA0FuONrv6bqcRHigNSG7gF7cVcnQQf9yQcHr7v5jZuWNd_p4ANhQ00H3Zak8EpLo6zPOY9rJVX3x93Kmw3iuJrYMlbRiEwwrzjbt4t_mXGF9sVny1-SSr8Dk2oSQbBjwmQlyd_5OyXjzT5AZHgRFWvyyaGeFWJG3-kAk7a7QkjEqEJcBFbEIt0vwgM5hoEFSVvfpN2DzzP28_MMu4pNBSezqgfckLwMQONgXSIncGe7KqmrwwOsvbjYtQBMcyzzjxrecIbizwa_NZmhNtHt6K2AArkg2DE8jY8-ZSB6eQzLOnJ9y_KKXV5DqmTgHzVb3qvpiYLQeFiBkM-k3LFnVX_YMmS3wKpJH71eOupoqDAA_wWQA2rruqb3h1fY1zzyDSgkABS4wrnI5y3aK0fqSt4SCPKR5-5Xoi9hM-5ZoRHNIUvLyMoudIO_36W_gtuHuxLtCUtLWIV7wRr7MiviBrTP7exPoGPnip5AVmKbWIZ3KFaLvFWURcTGc3Kr56-5wENZYmxEJwH-A47Z8vluz9wak8X9pJ1VGuVL9JdfcJ1bZwqGAqFGMIFKaDG9_V0PgJ1Ox0dm_MERKxYxiVgLWJdKry6V1FRwgLc_XgFxWANglURSeENqxPwVQ9tHhH47LLfsfBiSxz---Wzg9wFAlMh3dbsFDnqUREnBavVFx-iHLod6_pgPWhIVyQYEISBoRudpIYAE248Ijyg8e_NJpDa3EovA_rUHktbcaJqxm7jnzowQk8AjyzR0cgiZUMB_d19eArH_FoZj8K6OWMlNdmJvzEjFI6iKRJhpMHc49SihiadnbQT8C8WMPM7V-4MVH4yYmSOFfw5T9hTP5rTVTozaVbd8SNJRKrVxcpkyNbnTjRNLQZ2KrigZHhCHoh2Hb-RMt6Zj9KnwH8kSyLhN8nQLFzakiXz183Lnf9bwRBRkh18DE3CqCfup4j9ZIMQkXFSLnFKtPpUtXTCpd-6dKDMnBhy9O3-NxYlnb3oPH1RBrqj1xFSthHLouGKcusz9o0HLUPRaIvKb2hoHIJ5O5R3tWfLZ_3fAmelcNwjx4hhZdRiGc2L4CPMNrOD82Tsv3weT-Ltj3XOaFY0j4vrf42pkbhKaC6xvhIIrUfQepo-v5X5VWdUBS6T8E0LZVt1cOS3881_WzwHLaoimPT6pnVFdBmx56-oHmUmv9rh0aPzFuJk5WA_IVV5BryoCrCEs6mg7ZI1QWYYLvZ0SoFiqO7-aru6wb3wiRngZIMRuGGeji9SOJbAFF2agOklsz4QaoJOpocqzjgGy6vZOJKhO_o4g1H0nEDjRNRdEqFi_uYOaQkg5k8zwoaEuOGp9Q9oHbXu2DoSXhHKaYLKseM0Fwppxyr5UEHrQ-DGZ2u6M94Fc_WVpIuQT8Ww0z-oU9du-RPzgVOjDY18c4exCKSgZoOTg1cdew3NTWR1pfP7uuTAljBd2nbGKFW1mbTeV4-wC8y1YXL7I8hS26ObWOotkbD5Eel_6Y3Qxs&cid=CAQSKQAvHhf_5ffSjxBmBLCpksQyARTmXH2NNFfze2EG9rLYrVMB6TP2T8GFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=7995899919274809000&adk=1761367584&idt=99&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d459e7217d77c1366998152177c93851a7123f0c0d2b8261e42c200f1ab2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38321
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C7CE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 21:57:46 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7FE8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 21:29:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 22AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4390902465437407&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D638 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4498352084104870&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4694 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
29954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 13:38:32 GMT
expires
Mon, 23 Dec 2024 13:38:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D98E 		829 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
288ca5f8ba706ed101a61c05ab8a3f1faa382e8a283076d85de5776cecbb34e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5xDvycpSgtWJ8fnh7YBtQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5xDvycpSgtWJ8fnh7YBtQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:46 GMT
expires
Sun, 24 Dec 2023 21:57:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 88BA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ITBRpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7FE8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zA3sDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D98E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2909463998820045&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4694 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 21:29:51 GMT
generate_204
tpc.googlesyndication.com/ Frame 4694 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gknTsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9A34 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 9A34 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXPSCKdHr3oB2v-WYQP-sp9N_F34vh0W1lvVV662SjVcxMPC0pQ87Ibiau8DX91jH7kZLK-aKJlj1JaO3tNdn2eztTIXnJJQahmu1A_fw8eHKvEAtkLMEqE--LcAmDIiNyILojcxeoJAw0WCYmxOgjixDW-jC15_JEof-8pWXSi3lqRHd9oTYGeREngqgoUjIXFFPx&cry=1&dbm_d=AKAmf-A3mQLMVvPNHeWubgQM-wZEs_OIhcl_RSlJ6hTi8SMklPsd717VJcLodui8On0DT_UU0_XKKEPyd19qHgQJ92UZk9JxtbF1BnGsS514pXZYYpPixOa7UmS_VcR5zPAm2iJEMZPoeCR6k-hH8mtKjfazPJ3iZTELnqw9cVpwvFLhp4z5_8deneDRyWsQhXr1r-BrYPthdDpmW_6oiNgJMu2u7rS_BtWqrAJ0HAiF57rWAzG0QrD824qZTWVFPuCoWbvfq3nnmhwH1LJ7GYa8FDsw10E8JcOex9hxMlgj7g-HtVAJpxQGM5Vdn5EVCE5ee432-kn0h9Sjexr_zIa2LLqCIJqHNgP_CJDwDQnOCmpN-yu1zHEWZaIlzLS8OhqaSE-2ZnQufISjTNbcEMyFhFeoS_FSKtyhDGUoFmgVgNcutCukUlKLssLQR-s0tL8yERercK3GUDYGhH6uREYqThbO-ORbhyXImV35o3EarbspB0JRFgC94Z5RcTeL0yJgHoWra7aKeY0_0pnxzwfkUu7cvKXmvrEs-_VqzjaG7cq-MEYxjGVUHaf7CQ30Ypgpv3ZQkaJXhSy9rrhzvjViflauKGsiGhzIiADtINkMTpTn0t_8QVIdkiJZiES8A9lRm0-pVuiSj6As2IpPUh89c3qjwTGSVYu0oKrd7UAPHSvO8mmO12Wa0a__doJoMxlsvLuGhxwRBk8eIvZkd0F-mH3ozoqn-gXP_d3cnjJoyv1BmzpqO6A82lMMeC15LwBIGyIj6uwX1fstSdmndjvIngLizBw3cCVW5f30JeDHRPKhnWSctePnoo0ldmjzKhBQPn5770HGZTF24yU43iMIgO_p5rhefP6XTkCuS65y6B95CDcSEd4QPUVpPqZYXJsqxGs-DzjptWKZQlWGCUy7cd8HUGv3AB2yZzgR5A0L0pli2u_ilzjuCiE3qcZVPpKfNP8jPDnJZKEmRas5hqATnw7fc7mJHpJOZQosoziX9-qEYxc1gLpQ6ewsKOa2hDgz_AdIhf4ifBwpRzUKdlICBED0vGNMvP5oz_0LomlJZO9BS1-pRfPIXG7Ry-KMwFoEJS_YVq3wxoulDtJeKHZtI_ZM3tlU2ce6x1-mg1TbKR7jo7tGI8_kNgDE_oMP8bstlCCT4JVZ2P19bhsA-MM36hl502nmULgPKZ5zwvSlu8kW-Vz4f3CMtcQoLuBjYJrFyWJLZeDMagAUXWyfQM541SSs0oh1cQ0C7VnTlVIFr_usXuSZFA8oDg-qWpDUe0DlYxrttZbcZgSZZidccS2Veu3Ksk9QvcwHBhT8SX-TrnMocfuEWGjjNPQU2KoNoSOnHP0bxnIP8aAVZci6d7afHjXtQQjl4sspKFTG28Xeq_aBzhM_v8BvPO62KEtRau9s4G3y3K2226HqHTDAMrdXMi475oOqNxx_jSbCqssrdFiwERH9giZ2sYCH36GnQvceN30_vFH6GOfJDNSsmdFvMpWfp5j56kELpEvpz99CnZdJhXOLStvXUqUNnBXF3gQJ7pWdxLeAccTEMKUFkCgTTeMaHqOcmKl02OMYV-ehTpWJWN9wHL8ULW33liup6LgMZlmY93ByT3C0zYESRr0xS6rYBkCeF_eT7tgmnEgDyHitaVHiEisdoo1u6j2HHmdj7_PKK9W_xPbRATyKxqd7o3hdcxe75a5qCF0xlwDK70ZFFji3hL5OUGut8w0AASsQXRd7fdGsfbmdrWNdLyoFccMmGVDxees3BGfhmSoZvE-AY7SkRa1N8RuoXYLWPns84_0vtGGv_r9R3eNABuAT0JbkEENeb2jrqtXrYKzu4NzwYwULPk_Uy3eNc0iIXT8eJG1BFFJeuyJICoyxJlntb4Hsi4fgRyEVfkrwlUL84JNChVogHKbve6WpxJ6txCn2hTTwbXiyaS6gllUlrXB9O0Ero8KFabC73tZPFLYxDLYTylBfA-VZXcHVf_xFzXFELznSeRaWSiRlRxehH_1tBH7NejCSoL6rt99QFtAc4OH56BaLm1tjsb7pOOXvpek70N-2UX9v85b_oMM0rB9Tspc5BtIp7UnOdX_xP4_5F9NEK1HclEiVbA_kGfxBP-a4sqAWXQsXzmUf6wsnRkG5eRZ9YEXsVrjZLgS6KaMqZC7huzVYq1MngIBQqkKdgVd2d6NkQXCvjzbDQY-YkGSI27-i8L6CSXgsAQqLO1PeWMEYVgKi7Znt24OoHjZYZPRM_uoMBe7J-iviqwNv-ROQDcwhiflLI4WdyrZc1oN3jE9A0YLeeOL7KrLurUv80D6KPx4Iio-nDxSMLJxp7gz5JobL2psXK2IfKBXDJixeA0FuONrv6bqcRHigNSG7gF7cVcnQQf9yQcHr7v5jZuWNd_p4ANhQ00H3Zak8EpLo6zPOY9rJVX3x93Kmw3iuJrYMlbRiEwwrzjbt4t_mXGF9sVny1-SSr8Dk2oSQbBjwmQlyd_5OyXjzT5AZHgRFWvyyaGeFWJG3-kAk7a7QkjEqEJcBFbEIt0vwgM5hoEFSVvfpN2DzzP28_MMu4pNBSezqgfckLwMQONgXSIncGe7KqmrwwOsvbjYtQBMcyzzjxrecIbizwa_NZmhNtHt6K2AArkg2DE8jY8-ZSB6eQzLOnJ9y_KKXV5DqmTgHzVb3qvpiYLQeFiBkM-k3LFnVX_YMmS3wKpJH71eOupoqDAA_wWQA2rruqb3h1fY1zzyDSgkABS4wrnI5y3aK0fqSt4SCPKR5-5Xoi9hM-5ZoRHNIUvLyMoudIO_36W_gtuHuxLtCUtLWIV7wRr7MiviBrTP7exPoGPnip5AVmKbWIZ3KFaLvFWURcTGc3Kr56-5wENZYmxEJwH-A47Z8vluz9wak8X9pJ1VGuVL9JdfcJ1bZwqGAqFGMIFKaDG9_V0PgJ1Ox0dm_MERKxYxiVgLWJdKry6V1FRwgLc_XgFxWANglURSeENqxPwVQ9tHhH47LLfsfBiSxz---Wzg9wFAlMh3dbsFDnqUREnBavVFx-iHLod6_pgPWhIVyQYEISBoRudpIYAE248Ijyg8e_NJpDa3EovA_rUHktbcaJqxm7jnzowQk8AjyzR0cgiZUMB_d19eArH_FoZj8K6OWMlNdmJvzEjFI6iKRJhpMHc49SihiadnbQT8C8WMPM7V-4MVH4yYmSOFfw5T9hTP5rTVTozaVbd8SNJRKrVxcpkyNbnTjRNLQZ2KrigZHhCHoh2Hb-RMt6Zj9KnwH8kSyLhN8nQLFzakiXz183Lnf9bwRBRkh18DE3CqCfup4j9ZIMQkXFSLnFKtPpUtXTCpd-6dKDMnBhy9O3-NxYlnb3oPH1RBrqj1xFSthHLouGKcusz9o0HLUPRaIvKb2hoHIJ5O5R3tWfLZ_3fAmelcNwjx4hhZdRiGc2L4CPMNrOD82Tsv3weT-Ltj3XOaFY0j4vrf42pkbhKaC6xvhIIrUfQepo-v5X5VWdUBS6T8E0LZVt1cOS3881_WzwHLaoimPT6pnVFdBmx56-oHmUmv9rh0aPzFuJk5WA_IVV5BryoCrCEs6mg7ZI1QWYYLvZ0SoFiqO7-aru6wb3wiRngZIMRuGGeji9SOJbAFF2agOklsz4QaoJOpocqzjgGy6vZOJKhO_o4g1H0nEDjRNRdEqFi_uYOaQkg5k8zwoaEuOGp9Q9oHbXu2DoSXhHKaYLKseM0Fwppxyr5UEHrQ-DGZ2u6M94Fc_WVpIuQT8Ww0z-oU9du-RPzgVOjDY18c4exCKSgZoOTg1cdew3NTWR1pfP7uuTAljBd2nbGKFW1mbTeV4-wC8y1YXL7I8hS26ObWOotkbD5Eel_6Y3Qxs&cid=CAQSKQAvHhf_5ffSjxBmBLCpksQyARTmXH2NNFfze2EG9rLYrVMB6TP2T8GFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=7995899919274809000&adk=1761367584&idt=99&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 21:44:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9A34 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXPSCKdHr3oB2v-WYQP-sp9N_F34vh0W1lvVV662SjVcxMPC0pQ87Ibiau8DX91jH7kZLK-aKJlj1JaO3tNdn2eztTIXnJJQahmu1A_fw8eHKvEAtkLMEqE--LcAmDIiNyILojcxeoJAw0WCYmxOgjixDW-jC15_JEof-8pWXSi3lqRHd9oTYGeREngqgoUjIXFFPx&cry=1&dbm_d=AKAmf-A3mQLMVvPNHeWubgQM-wZEs_OIhcl_RSlJ6hTi8SMklPsd717VJcLodui8On0DT_UU0_XKKEPyd19qHgQJ92UZk9JxtbF1BnGsS514pXZYYpPixOa7UmS_VcR5zPAm2iJEMZPoeCR6k-hH8mtKjfazPJ3iZTELnqw9cVpwvFLhp4z5_8deneDRyWsQhXr1r-BrYPthdDpmW_6oiNgJMu2u7rS_BtWqrAJ0HAiF57rWAzG0QrD824qZTWVFPuCoWbvfq3nnmhwH1LJ7GYa8FDsw10E8JcOex9hxMlgj7g-HtVAJpxQGM5Vdn5EVCE5ee432-kn0h9Sjexr_zIa2LLqCIJqHNgP_CJDwDQnOCmpN-yu1zHEWZaIlzLS8OhqaSE-2ZnQufISjTNbcEMyFhFeoS_FSKtyhDGUoFmgVgNcutCukUlKLssLQR-s0tL8yERercK3GUDYGhH6uREYqThbO-ORbhyXImV35o3EarbspB0JRFgC94Z5RcTeL0yJgHoWra7aKeY0_0pnxzwfkUu7cvKXmvrEs-_VqzjaG7cq-MEYxjGVUHaf7CQ30Ypgpv3ZQkaJXhSy9rrhzvjViflauKGsiGhzIiADtINkMTpTn0t_8QVIdkiJZiES8A9lRm0-pVuiSj6As2IpPUh89c3qjwTGSVYu0oKrd7UAPHSvO8mmO12Wa0a__doJoMxlsvLuGhxwRBk8eIvZkd0F-mH3ozoqn-gXP_d3cnjJoyv1BmzpqO6A82lMMeC15LwBIGyIj6uwX1fstSdmndjvIngLizBw3cCVW5f30JeDHRPKhnWSctePnoo0ldmjzKhBQPn5770HGZTF24yU43iMIgO_p5rhefP6XTkCuS65y6B95CDcSEd4QPUVpPqZYXJsqxGs-DzjptWKZQlWGCUy7cd8HUGv3AB2yZzgR5A0L0pli2u_ilzjuCiE3qcZVPpKfNP8jPDnJZKEmRas5hqATnw7fc7mJHpJOZQosoziX9-qEYxc1gLpQ6ewsKOa2hDgz_AdIhf4ifBwpRzUKdlICBED0vGNMvP5oz_0LomlJZO9BS1-pRfPIXG7Ry-KMwFoEJS_YVq3wxoulDtJeKHZtI_ZM3tlU2ce6x1-mg1TbKR7jo7tGI8_kNgDE_oMP8bstlCCT4JVZ2P19bhsA-MM36hl502nmULgPKZ5zwvSlu8kW-Vz4f3CMtcQoLuBjYJrFyWJLZeDMagAUXWyfQM541SSs0oh1cQ0C7VnTlVIFr_usXuSZFA8oDg-qWpDUe0DlYxrttZbcZgSZZidccS2Veu3Ksk9QvcwHBhT8SX-TrnMocfuEWGjjNPQU2KoNoSOnHP0bxnIP8aAVZci6d7afHjXtQQjl4sspKFTG28Xeq_aBzhM_v8BvPO62KEtRau9s4G3y3K2226HqHTDAMrdXMi475oOqNxx_jSbCqssrdFiwERH9giZ2sYCH36GnQvceN30_vFH6GOfJDNSsmdFvMpWfp5j56kELpEvpz99CnZdJhXOLStvXUqUNnBXF3gQJ7pWdxLeAccTEMKUFkCgTTeMaHqOcmKl02OMYV-ehTpWJWN9wHL8ULW33liup6LgMZlmY93ByT3C0zYESRr0xS6rYBkCeF_eT7tgmnEgDyHitaVHiEisdoo1u6j2HHmdj7_PKK9W_xPbRATyKxqd7o3hdcxe75a5qCF0xlwDK70ZFFji3hL5OUGut8w0AASsQXRd7fdGsfbmdrWNdLyoFccMmGVDxees3BGfhmSoZvE-AY7SkRa1N8RuoXYLWPns84_0vtGGv_r9R3eNABuAT0JbkEENeb2jrqtXrYKzu4NzwYwULPk_Uy3eNc0iIXT8eJG1BFFJeuyJICoyxJlntb4Hsi4fgRyEVfkrwlUL84JNChVogHKbve6WpxJ6txCn2hTTwbXiyaS6gllUlrXB9O0Ero8KFabC73tZPFLYxDLYTylBfA-VZXcHVf_xFzXFELznSeRaWSiRlRxehH_1tBH7NejCSoL6rt99QFtAc4OH56BaLm1tjsb7pOOXvpek70N-2UX9v85b_oMM0rB9Tspc5BtIp7UnOdX_xP4_5F9NEK1HclEiVbA_kGfxBP-a4sqAWXQsXzmUf6wsnRkG5eRZ9YEXsVrjZLgS6KaMqZC7huzVYq1MngIBQqkKdgVd2d6NkQXCvjzbDQY-YkGSI27-i8L6CSXgsAQqLO1PeWMEYVgKi7Znt24OoHjZYZPRM_uoMBe7J-iviqwNv-ROQDcwhiflLI4WdyrZc1oN3jE9A0YLeeOL7KrLurUv80D6KPx4Iio-nDxSMLJxp7gz5JobL2psXK2IfKBXDJixeA0FuONrv6bqcRHigNSG7gF7cVcnQQf9yQcHr7v5jZuWNd_p4ANhQ00H3Zak8EpLo6zPOY9rJVX3x93Kmw3iuJrYMlbRiEwwrzjbt4t_mXGF9sVny1-SSr8Dk2oSQbBjwmQlyd_5OyXjzT5AZHgRFWvyyaGeFWJG3-kAk7a7QkjEqEJcBFbEIt0vwgM5hoEFSVvfpN2DzzP28_MMu4pNBSezqgfckLwMQONgXSIncGe7KqmrwwOsvbjYtQBMcyzzjxrecIbizwa_NZmhNtHt6K2AArkg2DE8jY8-ZSB6eQzLOnJ9y_KKXV5DqmTgHzVb3qvpiYLQeFiBkM-k3LFnVX_YMmS3wKpJH71eOupoqDAA_wWQA2rruqb3h1fY1zzyDSgkABS4wrnI5y3aK0fqSt4SCPKR5-5Xoi9hM-5ZoRHNIUvLyMoudIO_36W_gtuHuxLtCUtLWIV7wRr7MiviBrTP7exPoGPnip5AVmKbWIZ3KFaLvFWURcTGc3Kr56-5wENZYmxEJwH-A47Z8vluz9wak8X9pJ1VGuVL9JdfcJ1bZwqGAqFGMIFKaDG9_V0PgJ1Ox0dm_MERKxYxiVgLWJdKry6V1FRwgLc_XgFxWANglURSeENqxPwVQ9tHhH47LLfsfBiSxz---Wzg9wFAlMh3dbsFDnqUREnBavVFx-iHLod6_pgPWhIVyQYEISBoRudpIYAE248Ijyg8e_NJpDa3EovA_rUHktbcaJqxm7jnzowQk8AjyzR0cgiZUMB_d19eArH_FoZj8K6OWMlNdmJvzEjFI6iKRJhpMHc49SihiadnbQT8C8WMPM7V-4MVH4yYmSOFfw5T9hTP5rTVTozaVbd8SNJRKrVxcpkyNbnTjRNLQZ2KrigZHhCHoh2Hb-RMt6Zj9KnwH8kSyLhN8nQLFzakiXz183Lnf9bwRBRkh18DE3CqCfup4j9ZIMQkXFSLnFKtPpUtXTCpd-6dKDMnBhy9O3-NxYlnb3oPH1RBrqj1xFSthHLouGKcusz9o0HLUPRaIvKb2hoHIJ5O5R3tWfLZ_3fAmelcNwjx4hhZdRiGc2L4CPMNrOD82Tsv3weT-Ltj3XOaFY0j4vrf42pkbhKaC6xvhIIrUfQepo-v5X5VWdUBS6T8E0LZVt1cOS3881_WzwHLaoimPT6pnVFdBmx56-oHmUmv9rh0aPzFuJk5WA_IVV5BryoCrCEs6mg7ZI1QWYYLvZ0SoFiqO7-aru6wb3wiRngZIMRuGGeji9SOJbAFF2agOklsz4QaoJOpocqzjgGy6vZOJKhO_o4g1H0nEDjRNRdEqFi_uYOaQkg5k8zwoaEuOGp9Q9oHbXu2DoSXhHKaYLKseM0Fwppxyr5UEHrQ-DGZ2u6M94Fc_WVpIuQT8Ww0z-oU9du-RPzgVOjDY18c4exCKSgZoOTg1cdew3NTWR1pfP7uuTAljBd2nbGKFW1mbTeV4-wC8y1YXL7I8hS26ObWOotkbD5Eel_6Y3Qxs&cid=CAQSKQAvHhf_5ffSjxBmBLCpksQyARTmXH2NNFfze2EG9rLYrVMB6TP2T8GFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=7995899919274809000&adk=1761367584&idt=99&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
72836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:43:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9A34 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
186758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 57A2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
45856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 09:13:30 GMT
etag
48472445140208031
expires
Mon, 25 Dec 2023 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9A34 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a93db92e6b1731ce808e5f77b60790dce07c4dfa5eecf216b491b5e891462882

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0641 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
477859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPi8GgIIldrdz5i2wpcTRNU&google_cver=1&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8xRf1txKLoBaZ16MWCL96D&google_hm=knUNAETmRX2eN_Xi4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8xRf1txKLoBaZ16MWCL96D&google_hm=knUNAETmRX2eN_Xi4t9UIN0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ1AJMXiMEFF-evIBLFuMj48ks5UGH1c8XR7q1EOnEyXXH3zER7Z-iJKP8HEgKLYfyxr_bbyP8xRf1txKLoBaZ16MWCL96D&google_hm=knUNAETmRX2eN_Xi4t9UIN0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEC54ulETFgGN1wZ-JQBcdB0&google_cver=1&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYu...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYuTQ-OeeFXQ7I3vAt1uGAUXao&google_hm=cTFFMV85ZW5kSFlxdEJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYuTQ-OeeFXQ7I3vAt1uGAUXao&google_hm=cTFFMV85ZW5kSFlxdEJVem56VTZYOWVFT1lF&from_google=sp1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 21:57:47 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTGm7TU0nqVJwEC4ZNN3iQyggu6gWUiItAo_qyUUKDuED8vTKeRBb8l-_0PFEsxgIM4KlmYuTQ-OeeFXQ7I3vAt1uGAUXao&google_hm=cTFFMV85ZW5kSFlxdEJVem56VTZYOWVFT1lF&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESECGgTEocpexmnd6-7mfSZCw&google_cver=1&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA4MAQRRIL3dYyoc
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVV5dVpUanpDUkcyTGJLUVc2bUlaUQ%3D%3D&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVV5dVpUanpDUkcyTGJLUVc2bUlaUQ%3D%3D&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA4MAQRRIL3dYyoc
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Dec 2023 21:57:47 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVV5dVpUanpDUkcyTGJLUVc2bUlaUQ%3D%3D&google_push=AXcoOmTRO17j67Z83RYLPIlW5QNeivSBTS4x2QiGfi7JDy-FnnIhhnvFPz0xkatsfQBYw_HkxiXnTwm2NOzRA4MAQRRIL3dYyoc
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
242
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEKzQnlLX1O4dRz5VEwo7Xg8&google_cver=1&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYg...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEKzQnlLX1O4dRz5VEwo7Xg8&google_cver=1&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn&google_hm=iAXE56egS0m12U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn&google_hm=iAXE56egS0m12UySbymd7g==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn&google_hm=iAXE56egS0m12UySbymd7g==
date
Sun, 24 Dec 2023 21:57:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_hm=ZYipWro9b_c1NRMhTtqkgwAAFHMAAAIB&google_nid=index&google_push=AXcoOmT5E3uGzEPGkWG2kb63sXBAvBqn2g5Oz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_hm=ZYipWro9b_c1NRMhTtqkgwAAFHMAAAIB&google_nid=index&google_push=AXcoOmT5E3uGzEPGkWG2kb63sXBAvBqn2g5OzBzdYV9K7bBoUIHXMRRhTEkcIsSvfbW4HcAU-46v-oeZHBIheUCN9MFOBUEzjTI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiHrRBaGjUIf1da777kGCxQzksmyq2rlMeovbfz%2FePoRWQ8wIB0flPayNirB%2BB1%2BHhEXhqTnS0fqlOPG5FIJspxlJFh0%2Bsw2le3w0ltOX8f1%2Fj%2F5vWz1hmf7FFwzpuU9VtoturMJrTDhDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ2_sjX55N4o6DSYN5mAE88&google_hm=ZYipWro9b_c1NRMhTtqkgwAAFHMAAAIB&google_nid=index&google_push=AXcoOmT5E3uGzEPGkWG2kb63sXBAvBqn2g5OzBzdYV9K7bBoUIHXMRRhTEkcIsSvfbW4HcAU-46v-oeZHBIheUCN9MFOBUEzjTI
cache-control
no-cache
cf-ray
83ac1a1889950221-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESENSZglYXL7VRPXKqvJpv5_Y&google_cver=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdUekxtGOvvHX5Kf4AMWOzJk_vCJgwLBNVvoL1F2WQTiONNwHy6SKWGRUQMbapjs6S77FmhC
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&mn_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&mn_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdUekxtGOvvHX5Kf4AMWOzJk_vCJgwLBNVvoL1F2WQTiONNwHy6SKWGRUQMbapjs6S77FmhC&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 21:57:47 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&mn_hm=MzQ2NDU2NjY3ODI4Nzc4MTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQAgjEWBtErK4eteM4dOJNAwdUekxtGOvvHX5Kf4AMWOzJk_vCJgwLBNVvoL1F2WQTiONNwHy6SKWGRUQMbapjs6S77FmhC&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 21:57:47 GMT
pixel
cm.g.doubleclick.net/ Frame 57A2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELY_RsxDnDKTpsV1xEIGhbs&google_cver=1&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtG...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo&google_hm=WllpcFc4Q284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo&google_hm=WllpcFc4Q284WDBBQUtiRElvd0FBQUFB
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 24 Dec 2023 21:57:47 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESELY_RsxDnDKTpsV1xEIGhbs&google_cver=1&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.221","key":"ZYipW8Co8X0AAKbDIowAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad355"}
X-SO-Key
ZYipW8Co8X0AAKbDIowAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad355
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ68n2dxX2xHpcay1lodg-Qkx22GyNRCBoyaM3MeQbegIVIQgS6Uep0MT1w_wHTLjxOYrbtGrqIIvqM-nnbpabg5MTIyfo&google_hm=WllpcFc4Q284WDBBQUtiRElvd0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad355.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
185.195.71.221
attr
cm.g.doubleclick.net/pixel/ Frame 57A2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jhiz8StQgQ8Z4BSjJ7bH5a42VDda_4U4Jxy9064GZpdZ7uLN1MNtw3JBGPw1rvKIS-htiB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0641 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 21:29:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9A34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst98zELY_rnnvJgKRwKiOXE8BSwuzxZ7qOhntHuOSwKWYpYl49BPyOVVuiZ_4odXAvxEUna-giL5N5FMzztFitsCHUQDsA0CUgTr9xOc_J_Rh-bTbjPkCvoXddis6MaIPi-UyZuHc16esjb_6xv2Clz8PGSvc9QvppRPnDMB41BdAR4Lq02Jjo9H6OutLbo7LpFkoA6RyYkmOHzNUrZWFpvQl5qhMdbkjobSAcGj7LHff6qoE15zrk5sV33ZlRLbXWyB-7YmKB_Qk-pMIGiN-gf6V5fqrG00xOq70VGfyaHnD8R-pP2cAWEAlTp944TkecP02nk1cX4HzGkKMiXsrrkyrK338od2iuNcb6jyK4GIjebrjUliBhSaPNVffiPXlBQJUTKw1RkUf1gzftg2Q0q5s8XpvGhBA501WFwpsdcE1cdrQP6qo_GlO4WIZwC6RToYY7iNjoSsjUR5ctYWX0f_f0zIg5AgihV-TynmUWWJ3Y68stUC_Zzb9yfRdaUpp7mgtvE1zKu63BikwNjALFpDf_BSkHlF7lW5OjGaQopwiU14-TteKHqdkFXLVvjE0g4ZDY_rdN5YcsLwhuA9t7eG0nR0EUbwuN8lyrV6rZf7MZVGFLvIG23rf-ysN3tbuocpvOWghmDKeELsxDDR48GoXtyrDabwnerwlipV35SEIm_Y-dJ6d529OiRLC9RklIVuiVPcnIbZ5NdTvt1SIRCLtSDnIkSIitXILv1fmTC4Lz3pm5qd0B93nMr9Nl8gEDc5f5oenmMnCqUAK0GuiHHf6wSGgiN3f3_RnKac3y62Eqksd2ww9wEMjDlmFMJomZq-Olh-7Y-cpCapmFkdo1fFpvP5UtUP3UXVGwgbnSU3Ly-wHz5ra_b8UEPlZbcBa9GpR8gihOQ7KwcRyDkk5imjem-co-Hlp4gbbhjHBGn0oSZw6AALaN31RyUpOYQb0_BfjATcjtZyzgWetZ57SVi9l7If-RbMGmRXAkdZ4ctH9YWOn_osbj2HYzjx3yq-Chda_2jALabGQLg41d3izwxTi0_sL_YFmYV7iUG-h0e6rl3zDQwVMfvLW6bVwg5oqxFuZDGdiDBej0RcPKs8TC8Biv75WJZ25eYVw1aQI2e6PPJ0n4BnF_qOIqkP61pJQMUL7KUSo2Ew4sD3YT8zViXJPIlMzSbHhS5fsWeYF00BiI0emE9_YgwCEhz9UdxFNwHJpXIg1htGR13l2LvHZ7lytlCh1ehL9zBHmUaSVn8bzLWwHgwMLQSzNVnRxu9YnD5mjdvLpsRAWLEcsiUNUyzFX-7neRcs1bT4cZKWwTxDVJqxQQzu6wNFRoEhG7-hnep0UDm3X8G&sai=AMfl-YRWoowcivsc2vtIEGRsAbBmAzAGSSs6H_cnVBV2LnHrEFKGmlTcdOXFeUw74nVSJtTZyCCD0-2-vbFak_80qttU3w2NSiBEPxycVJZiFZWjTwCW8mG-SSki40SHqe1jIEXkhAqHAqj0TXOyM8HusHzqI01hl76cihgZS-mK6jsJdj8S2SYNaP_7E4fCOgAThTnAQqMyb-qU&sig=Cg0ArKJSzMH8Ljuz9TBsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cisv=r20231207.40285&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 21:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
12846158605548682008
s0.2mdn.net/simgad/ Frame 9A34 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12846158605548682008
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0fb85ae75acb3d64c6228059ba66a899a7844a7a04fa9878c4b73415805f612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 21 Dec 2024 01:56:01 GMT
date
Fri, 22 Dec 2023 01:56:01 GMT
x-content-type-options
nosniff
age
244906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47381
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:49:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0641 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BprzlWqmIZcrxI9ygjuwPq6SKuAQAAAAAOAHgBAI&bg=!0NOl05zNAAY3kmNgF5I7ADQBe5WfOJgFUP2ESl6fvTSpAfON7vdd3Hhj0ak3mGXc2ofutjozE1wJQUMrS4WaJZjBiJCpAgAAAEdSAAAAAmgBB5kDL8BNQArSLKnpDCUXKMXwKl1AgZgvkUzOQW8g-A0X38al5V4ViElKTon1rT8-fNVhO3jh_i0ZRLm5pBE2n3sN0GapbyPY5DwOfOr1nChMA7YT6iWMCg7xb2MufvJRJ51oCLnTGq7aT0PJpypYTkq-GcjGYzgnHcheDNyl7zHtLkwELDIAWcEi0RsSVRkjpC5UwACsmGE_xfc1iEtCxguoVoNrnvFvM2wjMyJuKCSSwleq2cp_KID-4qbVxzc02Ixa7g4Jy8SWng_0ds6o8GtTo6Adxmjz58dChJj5Kg25rOvpthzy0U2j_heKFWNW9HfX56tGeAXH1WN3D4O1H7qg9ICM-bAw4-4ipKokfmN-IAWFsHU-6ODSjkhBqQ7pQxRRJBPsN6NU9e4a3UlGXdodXzBql3OHnaeAgZBVODyQb7mnAkmEVX68nWOTRi-uS0oRr6AGu8K_5MKsdVRHTJLsO5uTZMMy2U5oTK4BY_r5dYPzvnLeXqx6Xv2wj91G9NBt4f6BfloiWjcT-saRKKFceLIm410rQsdv624MNRy4FZahDiLt6EfvwEOHopRc0umlvn0-pvJyFcMw60GPqVsCnil1B3SfnZY3kJTbUGE5BB8mSmszBI3h22Gu4Jwl0AbNcV8LVsFkHKLmaU6kwWb58hdUvrpSo248LocshHaL0Q0miJFB8ONpzhO2ufQT4Xwe9IV-TO65gsrcU0MMgOyKMRWdbbhx8FOCbGvR4VzjZVxaNOVFNo6YWZObDK2wV34ObuzIEWhUChW_UNn9La_7PS6zHUkjQW8zGbBqsH77KC1NtjSANr0W_pBWSdriiRss0wSOhQh2N-Bpb3j0WHcwqHk9bpb9maXpCTWT8oUMQ4Vf6bwdvsa42gDN0MCfDKH2w9HcAICcjEdaeCEMpPfU3r10S7vbszKN9tpapfzFj8WW1L6wWqe2-R-vNdKfIKSepmM9zXhC6BXT7ZeNMO6MOWgyoe1V_8KUZpLiiPzKxysQRB9LBOUpjNgXXgszTDGeedzn4LdyaAkNGhupncZMW8Dt9hwS0zimO3l1HpTW71F24NQP7PBwTryjL9OoWzQu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703455065413&bpp=229&bdt=222&idt=485&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=9388&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=2885407685&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C95320885&oid=2&pvsid=3717400706011164&tmod=336928635&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lbq4222ormou&fsb=1&dtd=489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4390902465437407&bg=!MjGlMX7NAAY3kmNgF5I7ADQBe5WfOGho9KSmgcMg2Y1f0Qg76h3kVgeeiFE5KFfCI42Wbd_Ncx4TnC6qb_hAnGXn4HHfAgAAAE1SAAAAAmgBB5kDDApXOCTv-HnepStCQyL1n-PhGIkG_6HdkjtPYcgx6kysUkzUoRO580ggiAX2Ta-z_Y3rpUm3_gDd6Y9bEmH6L0hQRrwsvVMWsZAkvLbUo9bNdnuV8Ne09osS06gxBjG_PW806iQnnvP00r31ObJDxiLsYgNbIzVL_mpJVl_4Mjm2RKEVSImL0NqMLx1PBRGJ3j8MpWKPpizVFIKsLMVxnOL-X06m0cgL3C-k2uKNc0G1Uju2lafBUMLRO8iIzmkEV9aa6COPk_D2_8inCir1eF923CJgA0CTlAObKwptXYAQ4O_ltjPNfs3gwZJRoYM2KDJOTJ33wL9NC_iCOUdUZJsFpVO7vEnZAk1NDQlTiaZvHuAHdOVtfnMnKRbxhP3MLC-6q5MHEBFeagWY09qSqv3ZTPhAHpWpL95YIcTgKkmk8UaGVY35vJDD9H5InJMvvgqrpIJKX9H59Wagv-JsxEpBvRean9J8N-9WsmLZGxlU5oC5DUi0CmZ4VFDY5Okn9O7gzmdY39REYDwci4E9mriD-UWr0s3wnspGpjRyAd4SvVXi7Kw7M7K21zxbnlG8a-gp56mRc4LBESzkm3CK_DI-Fpfo95hfSy6H3dTgJOHFnfop5zcv5GpJsB84J0QELkRXKzCiTMQ2qj4pVbTKLCAKafHYVPscQyGWFL_dtR4nspBULRHbUg1g060QloIH2mw9gWD9-NLGI-Z9N2qGdOJHQHauacoTYWOxYyhidRhU5GGezXVWpTAg9vlvv880bhplIHofPEOuYoVOTHV5jXRclv0ejqNo1G1CQudY_EeioTLcVsw5rc_AREXdV_0iHz9O1s6Dr1EKNbBCmnQEwkBOIxzeqldDPnKNzHN-lDV0OK29rSRrVPU5t7H-eawTasv1ogJi7eOd73ZL3M2q-wXG3zNo32zZeK31weevEkG1VXbcYfnlIej_aOuDZuS_m-NAlNxbAv0-XzGTSaYA1MzzAX3IBOV3rW7P_6cAzvDOsz02HX9KAluQCYY0w4_IHiLbIgktRBpLQJQeIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 19DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4498352084104870&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOIt-oxnWnh8DS54pOZeSh7HkSPz8CflnXLCisamqIt2pp-titM2IKM5kUSqVLJR_AgAAAEtSAAAAAmgBBwoAGqeKmzHp4ZfFaq_6VLPahxnaFKm5TrhejNX4mQL8l3fms7ggT-yq9PnkuKhlLnHhHYBsjCkYq1Tz2nmfev4wIqygZ6ZuxPeFwNWSTFxcEUwzt-OWVtkIWYvQLKpc4lNlgBKZBDGWJZNQuK-DBkwzkgcshpAxLTCkHcdMnjOVZCrmcfWSJ4Pqv-7XyF-PC3ct0kg1QdnmTN61AiiC3TWXyxj579LP5EWRew6AZ0ByD8GmCXIRs_JUvZJEanIV32uB78-yz2aA71wovv8UMcVBQ_t2eJguzX37-HxORphSJY4ZNRzTCezJnOAavv5uUcbLfBWKctErIXiukTH2qJuTJoDeHqm42me3m-CjcI1Y5SjwV6INhSrBEDumkMZRISAfQrfc1of-c2pETaotu5m4CieT_i4XhbppK4Zd9w1WKMKH4TS8-Sgb7PCZd0cN32CNnoOjXHZ9lhSicUUVM6AfNRx7froFSSSgVpsDsqrIYzfOkL4YvRwQh3YUp9ycPlo1yhlc5gNJKwJkgdO1gJpP2IZWHUzXHlpCVAowhva5YvgG3IKvujEuUt6k6KWsgthxcApKKq9SVSwDdL5kTjo1ONNfXTeFZWwVoxbVhRHiLyfUmKMIzyTmRVDqsrpd1KwpMXtWKKYdB4u3hpOBNJJHG423dsgHNFPVnlV6YBpxKjELQmJq6HhQndsMsbfCT1_zYy1mjDzAsqNTunPAmSmsfuiCZ_EWp1Q2hCpVDu044_5XR8OdWBRfqkBLu1NIPUbcY9HmmUzMetuqBQEa05opyXItsIrj98_aPiSibveR4RKfWm-HipeKU0fK_Cpojx0yZaJVUpyZ7cG7GRz8vJCAVFlOUznkAlbQmQbOFtWF-bf8oeF4QQc4WmDXAv_52CecMlnKrrXjomKlTDSO4uUCnxfDMm7fpUUhOO3Bf9n7B3UQFcU-vmMDNjJS3GL0T6PLFR0ydhrun73YJ4SRmuIr-vh4u5efR_RNGVgHvYYP0_BFkyJ-VkUu2WsEi-ia1jJwNDaBeH84855J3pINheXvys549NUxWus4l7Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame C119 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9pxLHnU3a7ilx9ZsnjpKBjcikTgq3dp2yPmfJbsM6ZdyhVQAmHa_lfMe09RT0wN-TtRFqtNofsqVGpMbraDZZrNRZL7mPzuidYfDYnCTAZ39cePrCVViOeziv01F1cxRWLBHdg-Nm3o25Vban9PeKC589ft2x_hJK5C-72yR0RxV2XWNH309YmEr0ZCGplh0yamAYkpe6jKlgIIE5OKjCyOwJuRjDnB2DKF3cKy4hz2EvTBspUhIAdujQ-qfBEQCxO00vuHrZD0H7qV-OuW4VDHDViI__Djfc0lcUUtPpYWdwqEO_QGZddXKupsXKyvUtKYg4tEiulNylNJqpw4OiTo0qyJYvgtF_cnzFWy5Wa3tJ7sL-eRmekupf8qzGj3cyNnRZ0McPMmFe-zJRWeIi&sai=AMfl-YQzzHjmAKFj_VKHkOCpdr-GnMnja6Ex-s_7RxR88UY9ekgib-rCIw0U8YG3NGPzNw5Pk7mjbw5CQdAVs9A&sig=Cg0ArKJSzJY08sALsTnuEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 21:57:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C119 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7207c8b4b055a0a12167345d840c0e850aadfd9185dedb3f01e486d93a2b4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12323
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9A34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst98zELY_rnnvJgKRwKiOXE8BSwuzxZ7qOhntHuOSwKWYpYl49BPyOVVuiZ_4odXAvxEUna-giL5N5FMzztFitsCHUQDsA0CUgTr9xOc_J_Rh-bTbjPkCvoXddis6MaIPi-UyZuHc16esjb_6xv2Clz8PGSvc9QvppRPnDMB41BdAR4Lq02Jjo9H6OutLbo7LpFkoA6RyYkmOHzNUrZWFpvQl5qhMdbkjobSAcGj7LHff6qoE15zrk5sV33ZlRLbXWyB-7YmKB_Qk-pMIGiN-gf6V5fqrG00xOq70VGfyaHnD8R-pP2cAWEAlTp944TkecP02nk1cX4HzGkKMiXsrrkyrK338od2iuNcb6jyK4GIjebrjUliBhSaPNVffiPXlBQJUTKw1RkUf1gzftg2Q0q5s8XpvGhBA501WFwpsdcE1cdrQP6qo_GlO4WIZwC6RToYY7iNjoSsjUR5ctYWX0f_f0zIg5AgihV-TynmUWWJ3Y68stUC_Zzb9yfRdaUpp7mgtvE1zKu63BikwNjALFpDf_BSkHlF7lW5OjGaQopwiU14-TteKHqdkFXLVvjE0g4ZDY_rdN5YcsLwhuA9t7eG0nR0EUbwuN8lyrV6rZf7MZVGFLvIG23rf-ysN3tbuocpvOWghmDKeELsxDDR48GoXtyrDabwnerwlipV35SEIm_Y-dJ6d529OiRLC9RklIVuiVPcnIbZ5NdTvt1SIRCLtSDnIkSIitXILv1fmTC4Lz3pm5qd0B93nMr9Nl8gEDc5f5oenmMnCqUAK0GuiHHf6wSGgiN3f3_RnKac3y62Eqksd2ww9wEMjDlmFMJomZq-Olh-7Y-cpCapmFkdo1fFpvP5UtUP3UXVGwgbnSU3Ly-wHz5ra_b8UEPlZbcBa9GpR8gihOQ7KwcRyDkk5imjem-co-Hlp4gbbhjHBGn0oSZw6AALaN31RyUpOYQb0_BfjATcjtZyzgWetZ57SVi9l7If-RbMGmRXAkdZ4ctH9YWOn_osbj2HYzjx3yq-Chda_2jALabGQLg41d3izwxTi0_sL_YFmYV7iUG-h0e6rl3zDQwVMfvLW6bVwg5oqxFuZDGdiDBej0RcPKs8TC8Biv75WJZ25eYVw1aQI2e6PPJ0n4BnF_qOIqkP61pJQMUL7KUSo2Ew4sD3YT8zViXJPIlMzSbHhS5fsWeYF00BiI0emE9_YgwCEhz9UdxFNwHJpXIg1htGR13l2LvHZ7lytlCh1ehL9zBHmUaSVn8bzLWwHgwMLQSzNVnRxu9YnD5mjdvLpsRAWLEcsiUNUyzFX-7neRcs1bT4cZKWwTxDVJqxQQzu6wNFRoEhG7-hnep0UDm3X8G&sai=AMfl-YRWoowcivsc2vtIEGRsAbBmAzAGSSs6H_cnVBV2LnHrEFKGmlTcdOXFeUw74nVSJtTZyCCD0-2-vbFak_80qttU3w2NSiBEPxycVJZiFZWjTwCW8mG-SSki40SHqe1jIEXkhAqHAqj0TXOyM8HusHzqI01hl76cihgZS-mK6jsJdj8S2SYNaP_7E4fCOgAThTnAQqMyb-qU&sig=Cg0ArKJSzMH8Ljuz9TBsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=381&vt=11&dtpt=195&dett=3&cstd=377&cisv=r20231207.40285&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/jidongzhanshigaodajuchangbanleitingzhouyujidongzhanshigandagangdan_leitingzhouyuzhanxianbandit_flowerriyu-fuyeyouyouji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9773374219424694350/ Frame BFFD 		87 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a37bc11fdf609de932d79f7d0441cb76c4bd54e1f51b2e36b1d4c890dc610754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
478071
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23552
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:09:56 GMT
expires
Wed, 18 Dec 2024 09:09:56 GMT
last-modified
Fri, 01 Dec 2023 12:49:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C7CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2909463998820045&bg=!4OOl46zNAAY3kmNgF5I7ADQBe5WfOMY-pX8PFmgBVv84J9vmgpBD6rh0YGSo1aeaRY3ezusXRLbAN0kEZxDtl1LduD9LAgAAADBSAAAAAmgBB5kC_SziJXRvXgDc7hDB2v1I11DonBQY5coez3C32q3tXjpfB9Hp9Tl_JRiy_XwG80jVy_Q8iy2GfL7nO__WB3rH2fO-912wgd1_fv6qnKvAZjotoyCogq-QroSHT6tMT6aeEiu9TAVcNiMN3fyu807fwuStyFuZvNu8yNE-R2GsAqMhX9sO9D07dO-DD0ffuxqBH5fB_7YE8ICkVo92sC2isi-Fk419WS8F8GkVBytjDNaokU1LO9rfxoIM1LyupqTxhcUaXkZDBOLDBPzTHRr9T1331Nr0t1FLOxEaWAB9M5BVslhRQscm19cRsuTlqvBMfsK_zvkegOBc2RQ0-spe85IYJd_Rl9lw9iP_Xm23e6n71JRd0wpcbSCSghxfA28aGHZ9jVeJzcZfz6xaR-jdX4DRpBV1wAXJM89rfYOJhU1oqyq1_aSlD4S1geV0Ydy9kWAsQ-ww8JGpgyQYQIBu9yZ3FcHQBAac_JqWH-ho5KKk5e7Wyt7hjBchu58MA_lzheOvrye5WxW0h9uDv4Ote3R88EBBc8JVASejQNEO5018OEJj7bVAudu90GBebZJM_5l9x4Mj30ecXFXh4snPYpnhQJ1NiEBx18OpIzxdBZihdqPr8XdFDoUwiSTVJUMVEUG6w2iyS6UeqIpyhDxQqUZx13CkZrGYO5T8HuX6DparJtJ_sVzPg5XZeSOAqjOdciLCca5DFKQqmv0NG06gPwWycOC8v68qYcDJ_1bQblrmVJ5RDC_98AGYkeEOsWMbAwiN2kDYWw1LewuUM-ZJ7ozOGX6zD94Hg5rWXT9fpytXbINE810z99nK1kzm8XzpMD19zo4MejqXHh4Zr-zbrxlwAgKEVL6OFCRHkyCBUkvC0zBfI48CvWBjoaOkylgLTOS2VSKXwBoHrRX5tnZkjHs1_aiTp2P1pL-wvZu8xhaEsc1L1DGJfc3fgcys_861mHV1UcmcVvBVsB_YaS6pUS5xpLjd65gdKorx1a_wCV06CtsGS7zST9w1amdDIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
kv.jpg
s0.2mdn.net/sadbundle/9773374219424694350/ Frame BFFD 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9773374219424694350/kv.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f67cb877811eb338cec8579133def07c3c9596be6bb25f5bc3b72dbbdc166da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9773374219424694350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:02:53 GMT
date
Tue, 19 Dec 2023 09:02:53 GMT
x-content-type-options
nosniff
age
478494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21561
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:49:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C119 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 21:57:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9147 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
29955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 13:38:32 GMT
expires
Mon, 23 Dec 2024 13:38:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D3E4 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51488a5f210d402b98d3efd56b63fb334babd9704b3abda55a1ec3372ad855b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wwJWUe81BukmiodKcXw5nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wwJWUe81BukmiodKcXw5nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 21:57:47 GMT
expires
Sun, 24 Dec 2023 21:57:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9147 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 21:29:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D3E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3717400706011164&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9147 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3GBcJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 21:57:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C119 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3717400706011164&bg=!CAulC0TNAAY3kmNgF5I7ADQBe5WfON5mIeGTLLnD8nyKp9o8JQoAtgR00zAal2GFHDW85d-P-fwi4K0VU7c3h8xa8hRUAgAAADRSAAAAAmgBBwoACQyJbD488-IMMpkDAyMCauoBdj0n8fagQ9SGLsoyT2Dvki5cTmEhX6gO2Y51puxdFSZW8VbgLgF21p2AVIe7rbsCPkR-kPqfqziZDGDEhC4DYBCr4A22zAmwF6mLGYavd6w1maGjy_-k4_Pd-Fy2oHPOeyVce07FpH2X2ghDQGSdg-fDG_GfwX6ECHmoabKGPcbQZ46xd9zN4_YOQRsxf2TK_mV-nOHHCsEM34qt3u3DZ_rzrhnr1dYmvF_FIRDCPl0OORty3be819U0GmimF59Yqek-AA1H_C04ccxAdht-YDQO7ggbrXcx1RLd3JZ4Bei6kkcKieGy7hAR0nJNgZEXmtEWxNJwALjdLFEMlSsPGXiTiywa9sxdjgp3xo8ZEWKkGuClc238YTLxxa8kwKaaEaLv5QtSMIButQ-k5N7FMhMcn1WPd5VKsProN0BcHbcAGhXauqtPL8Qj97mUhv6VtvnlpN-_LGeTwm8D3wWn66YInRAhmbdPXO8pPrHsTJO8J9-VSlSkBG-jiL1j8EhZmONIS6OdWlzWci4scJ4sNxGD7j7UoOoaDnC-INkrELsOkDZtg8eP8O5YlDNsncHvEx950cUWYRmulH3HxrsuF-UPR-IpzgvkimU9PYewCDOoBuW2uxZ0GRZ3qSc1SMg9OgHsvlnXdOa_WuzJkfXKeVkgRglWI4EdCtvqOVJZX3VGGgDFDRDvbBd5HuV-cGFlHDPlfm5UTjMeuyhmVggffEQ0LZ6UOIztytsskqHvzX2pPRQTS5ijTz6g3AtBTixNJ5Lb4F20vmakRTdtW9-bZIRu2VHLDA_J3sQIyJuIIODG7nswRiMzS8mlhK0Ffh0UpFCr4H5BAfpN9FB4pl5eDW3BfaZ0t-XZW2pQOMBkmozHfGYsRnGgQGlsUr7nfwBhISSjHkK4NciWW4CNkeWlGMlY1xxmJaxdqq4y0CcjSnZdNM6fcxwdzGYk4fSbpmQtNNMBa-T-y1yQFH78f21-Tye9_YX0m9AbzFTFs_sCgfO4bvhYxSmXuiPxgWYklA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2353032604123&version=m202309260101&ct=119&x=1&cor=7995899919274809000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 21:57:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

18 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1703455063.0
.statcounter.com/ Name: is_visitor_unique
Value: 1703455063807933855
.xgcartoon.com/ Name: _ga
Value: amp-4PpudNcojFrWY6O8AIrSLw
.doubleclick.net/ Name: IDE
Value: AHWqTUnrVukIZJkD5VWUT-jpusset0i9ExUBsGfWjv0F5gzS0ptqHEoiSUBhcxOzcSY
.casalemedia.com/ Name: CMID
Value: ZYipWro9b-c1NRMhTtqkgwAA
.casalemedia.com/ Name: CMPS
Value: 5235
.casalemedia.com/ Name: CMPRO
Value: 5235
.ctnsnet.com/ Name: gid_CAESEPi8GgIIldrdz5i2wpcTRNU
Value: 1
.ctnsnet.com/ Name: cid_92750d0044e6457d9e37f5e2e2df5420
Value: 1
.bidswitch.net/ Name: tuuid
Value: 8805c4e7-a7a0-4b49-b5d9-4c926f299dee
.bidswitch.net/ Name: c
Value: 1703455067
.bidswitch.net/ Name: tuuid_lu
Value: 1703455067
.bidswitch.net/ Name: google_push
Value: AXcoOmSfGnF_5JybPwEWtLweGUAXrfXD29E2IEF4pKKsO0u9Ogelwwsnzw40BTvZ7PgeK0-KEou_yVv2pPQAj5QYgrAzEJnErAmn
.media.net/ Name: visitor-id
Value: 3464566678287781000V10
.c.appier.net/ Name: _auid
Value: mUyuZTjzCRG2LbKQW6mIZQ
.c.appier.net/ Name: _gu
Value: CAESECGgTEocpexmnd6-7mfSZCw
.socdm.com/ Name: SOC
Value: ZYipW8Co8X0AAKbDIowAAAAA
.fout.jp/ Name: uid
Value: q1E1_9endHYqtBUznzU6X9eEOYE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

060294353eb9deffd54259ae2d3ebb84.safeframe.googlesyndication.com
a.c.appier.net
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cs.media.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ipac.ctnsnet.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-a.xgcartoon.com
sync.fout.jp
tg.socdm.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
zem.outbrainimg.com
104.18.36.155
104.20.94.138
124.146.153.166
139.162.40.113
142.250.184.226
142.250.186.130
146.75.122.132
169.150.222.217
2.18.160.23
2001:4860:4802:32::36
202.232.238.37
213.227.153.220
213.227.153.221
23.35.237.86
2606:4700:20::681a:3f3
2a00:1450:4001:801::2001
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
3.124.161.201
35.186.193.173
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ff7ff41927ffd98320c602cf33a38b1af45c8a2836120d08f4d41b064961ccc
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2055d4682c7dc0752f6133c4e79a324014e4ca26a1f96022bdd2705438419337
20f6a46bf404a5841dbbcd881b03ccaf23d291340d83169c2d8fad4160c42270
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
288ca5f8ba706ed101a61c05ab8a3f1faa382e8a283076d85de5776cecbb34e8
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ae56bf7ed6a1b512a9e91eb3a9bde38a640f12e9cb2305fa22c27c672eee48e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
40dd0e08680fc6d39c0ffb93eaffc0d5ca5399b9f9414ed6425e876d89b32669
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a47408ff054278b19bb17a56b91db90a6f563f6f1c29fa5cafce25e7af03e44
4b25ad4d523b279ed46bdd0c7d5d60e9bc517b135cd9f1c80bf262140cf08f9c
4f67cb877811eb338cec8579133def07c3c9596be6bb25f5bc3b72dbbdc166da
507cf8d108ea1c02ceeb5e54b26cd2a663c15d7e8f73ba131e0612aa4fb3d869
51488a5f210d402b98d3efd56b63fb334babd9704b3abda55a1ec3372ad855b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58c655b1dc3cfb3947af3ec7685dc9cac14010234c561bdaf017c385f553aa65
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ecdba64380f902d45682665e446b83b21a57ecd2c7452ea47f7947cdb0942a
64f1326537134424af5d971f0c1e6dab6960278b432e0d2105f71da4938fe8a4
698bcb134accc02c2a6d8ea90c2bb1eed8ac90ebbd55ddb99441cf9898c99733
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7207c8b4b055a0a12167345d840c0e850aadfd9185dedb3f01e486d93a2b4764
765b22fb9014a3a3e717b722842dc8338d01bbacad4c16463365e7882d7f1306
79b14bbe876d4550c783a01aeb8730d5e6a07a8e988b7055628cb5aa03347634
7f663b814fe9fe6eff5a25bf5a4a8cc55cd555cbbd19d9c522fc5ea5e1c1485d
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8ab5c8dd7168a1903d4a6e6467745d39f5ac2a9c5cab07d287ec5230829463ad
8b27f9a154b4c1992617995da1b88ad1b4e8aacfc31b0f3359141b350ef4a29e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c78948e5c4e140eed85dedab8ba7511a9a5015376943c5facfac5712b0eb466
9d2fecca4efe503a81b55561828639b0b327eb41fb8f18f87123dd5647a58043
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
a37bc11fdf609de932d79f7d0441cb76c4bd54e1f51b2e36b1d4c890dc610754
a3d85069356016486364db5829946de6148408ee00de3827eec749b4c12309d5
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a93db92e6b1731ce808e5f77b60790dce07c4dfa5eecf216b491b5e891462882
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c0d459e7217d77c1366998152177c93851a7123f0c0d2b8261e42c200f1ab2a7
c1e103392ea991bc63f9c8c29c574961aa49cce855469ef466891b3120403667
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
d1e4dd7d0a7d76d64cd47a7293a125a55b24836f8b81b112ca038dbabe317852
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e0fb85ae75acb3d64c6228059ba66a899a7844a7a04fa9878c4b73415805f612
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e4eea7c35e45f1e15de08f19f9a1b6fb39961a74ab411ecfdbba38521081d455
e67e3f305f97fe4aee4e45d650fba96b7bc8c5a378b55d00984241600878927c
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ef2878bbdd32b444d66065acdb5841e6d19ea6d46b1d62e3df327d6f381c6
fe7f8b5af893b8519fd614ca225aeb8fa85f9b27d4abf503053765115b64ac8f