www.xgcartoon.com Open in urlscan Pro
84.17.37.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Submission: On March 08 via manual (March 8th 2023, 7:47:16 pm UTC) from US — Scanned from SG

Summary HTTP 119 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 119 HTTP transactions. The main IP is 84.17.37.43, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	84.17.37.43 84.17.37.43	60068 (CDN77 ^_^) (CDN77 ^_^)
17	2404:6800:400... 2404:6800:4003:c0f::84	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:2f93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2404:6800:400... 2404:6800:4003:c05::9d	15169 (GOOGLE) (GOOGLE)
15	2404:6800:400... 2404:6800:4003:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:6619	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c04::8a	15169 (GOOGLE) (GOOGLE)
15	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c06::93	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::9b	15169 (GOOGLE) (GOOGLE)
3 10	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	104.254.151.69 104.254.151.69	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::95	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:36b5:1576:d999:6e52	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.230.38.116 35.230.38.116	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	54.221.12.17 54.221.12.17	14618 (AMAZON-AES) (AMAZON-AES)
119	20

4 84.17.37.43 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-43.cdn77.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4003:c0f::84 (Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2f93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2404:6800:4003:c05::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4003:c03::9d (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6619 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::8a (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::93 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.12.156 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.69 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:36b5:1576:d999:6e52 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.230.38.116 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.12.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-12-17.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	671 KB
28	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	104 KB
13	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	254 KB
9	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 576512	470 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	194 KB
3	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26674	818 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 517	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 296	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1808	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 627	737 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5151	645 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 708	747 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 640	464 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 277	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	256 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 31410	2 KB
119	20

	Domain	Requested by
29	pagead2.googlesyndication.com	72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
15	tpc.googlesyndication.com	72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	securepubads.g.doubleclick.net	cdn.ampproject.org 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com www.googletagservices.com
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	static-a.xgcartoon.com	www.xgcartoon.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com	cdn.ampproject.org
4	adservice.google.com	cdn.ampproject.org pagead2.googlesyndication.com
4	www.xgcartoon.com	www.xgcartoon.com
3	adservice.google.com.sg	pagead2.googlesyndication.com
2	b1sync.zemanta.com	2 redirects
2	match.adsrvr.org	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	fonts.googleapis.com	cdn.ampproject.org
1	www.google-analytics.com	cdn.ampproject.org
1	amp.analytics-debugger.com	cdn.ampproject.org
119	28

This site contains links to these domains. Also see Links.

Domain
tw.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G2	`2022-09-14` - `2023-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.analytics-debugger.com GTS CA 1P5	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Frame ID: F104363BA7C62E604B1842F885910C87
Requests: 32 HTTP requests in this frame

Frame: data://truncated
Frame ID: AE6E9D2A92017468FE651520922708A2
Requests: 1 HTTP requests in this frame

Frame: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: EDD5B649245AEAFADCAABF25BB71FDE3
Requests: 12 HTTP requests in this frame

Frame: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 26EE316C1053A33B31E09F3A9929776B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031638&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830450&bpp=11&bdt=55&idt=96&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1839336802&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072951%2C31071261&oid=2&pvsid=4401752943320788&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.hui26w4zbdlx&fsb=1&dtd=111
Frame ID: D6356B03CA001E9A5B2B55432DA4E662
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C64EC65301673C9A5834C26144FBAB75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031639&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830490&bpp=11&bdt=89&idt=115&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44777876%2C44759842%2C44774606%2C31071261&oid=2&pvsid=3682429029801014&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rzvjr2y9r2x1&fsb=1&dtd=128
Frame ID: ED89DC74EBD1B28EA2750266451F689E
Requests: 1 HTTP requests in this frame

Frame: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: EB4A01D9A39558D477CD4DD2E27817DF
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 699A0E0EEA60DE454449B751065E7A5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C8CB1C41FB7190685D601ACA285B753
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81
Frame ID: 043F8841C29E0EAA6C368412529C435C
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 75167F86F28EF4DC83B61BA016DA9659
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA9F82CA046B758A1F7F2C039C290292
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCy17UCGLyY1OIBMAE&v=APEucNUJyJ2qg3_R04AtAZmXoQmJjF2b0nvUJ6e7tpHnHeVGVG4BsqPRojPWEMkU4NQXdB14-Yycr6ngqI1Od1ABv2ccBSLrCg
Frame ID: 414F7628D5FFBAD3D45B41CD661716EC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF30DB3D5C88879CD98C5EE3F15BD77E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9BF9735C3562A02402941D7F081CA86
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D60906AF0871F0E85B0BCAD3516B36E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07D414780EBD6A2AF2312E1742A74F82
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍚下流梗不存在的灰暗世界（没有黄段子的无聊世界）【日语】免费高清卡通动漫在线看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

119
Requests

92 %
HTTPS

58 %
IPv6

20
Domains

28
Subdomains

20
IPs

4
Countries

1743 kB
Transfer

4281 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tw.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Title: 繁

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjmP-Orveq1fc8o6oIriAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFP2pPOTynQpPfQDaiM0eSY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFP2pPOTynQpPfQDaiM0eSY%26google_cver%3D1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzODczMDg2NzYyNDc2NzI3

Request Chain 100

https://a.tribalfusion.com/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 101

https://um.simpli.fi/gp_match?google_gid=CAESEIQO4UwXahPF0r4P6wmOQi4&google_cver=1&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEgHV_Ov_gNFTzObiZNNkPb1dfIDwftvxXz8FFw11zdQMumRdS1yf8zZVjY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C581340AD6694C3886D0AF17C31DA5B9&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEgHV_Ov_gNFTzObiZNNkPb1dfIDwftvxXz8FFw11zdQMumRdS1yf8zZVjY

Request Chain 102

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGu_T7rexeXLm14lbMzFVBI&google_cver=1&google_push=Aa02lx_53ztBH30iVQ9NcTWKdMdsGg3ptf2PQwZK3OsUJvmJH3ZYmBtZ0_lq4pvla-_MdEyysR4lojoNd-59dvNQkukrec2QXkEGGNo9bGuCNbZl8cSjIPJ4Fp9xxcR5zs1-nKvKPSGBWg HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGu_T7rexeXLm14lbMzFVBI&google_cver=1&google_push=Aa02lx_53ztBH30iVQ9NcTWKdMdsGg3ptf2PQwZK3OsUJvmJH3ZYmBtZ0_lq4pvla-_MdEyysR4lojoNd-59dvNQkukrec2QXkEGGNo9bGuCNbZl8cSjIPJ4Fp9xxcR5zs1-nKvKPSGBWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWRhOTMwNWYtMDAxNS00YjU1LWFhNjgtZDdiZTg3ZTBiMzNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1da9305f-0015-4b55-aa68-d7be87e0b33c

Request Chain 103

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFBJ0K-ScFY-1SUgt2PSgWI&google_cver=1&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2TZsbPDXnCqBto-LPGnouHAX8DKTSjLtmZUO-aDuhjsUMBidmuBKgOMqrz8yE36K4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2TZsbPDXnCqBto-LPGnouHAX8DKTSjLtmZUO-aDuhjsUMBidmuBKgOMqrz8yE36K4&google_hm=3bvKUeTbRPeTkS8eTj8l9Nk

Request Chain 104

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAzHXOWE8QymBOJofoHb758&google_cver=1&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzKCsifTo5Xz6kw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAzHXOWE8QymBOJofoHb758&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzKCsifTo5Xz6kw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzKCsifTo5Xz6kw&google_hm=ODhoRjllQWZhZlZaSEptVmZDdE8=

Request Chain 105

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGiL1fau6Lq8PFVxOyMZXgY&google_cver=1&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERNdFG_pp6fmwTUeVCFT1asX92CfC6b0NdHqUxFVlnCx3isC5LI_M-nZh_i8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3-9XZB6WQkFgm40oAELyBNE6otk&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERNdFG_pp6fmwTUeVCFT1asX92CfC6b0NdHqUxFVlnCx3isC5LI_M-nZh_i8

119 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong Show response
www.xgcartoon.com/detail/ 77 KB
17 KB 294ms
172ms Document
text/html 84.17.37.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-43.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bd5b7729e8c93bf150790fc6f2d546eee22a88b1334a06676da2cb2bc4b9a14b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Mar 2023 19:47:09 GMT
ETag: "1325d-/r46RlQEG6ehSEop5/h5/r7+tvo"
Expires: Wed, 08 Mar 2023 19:48:09 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 21ms
6ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e34a46c6311cce7bf88594fc9186d9711585d22ef33afd1412680b5f70f2f66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72799
x-xss-protection: 0
server: sffe
etag: "5b0ff56a8ea2a053"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 27ms
12ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb58c4a3d0e1a210b3b4373181706a6b2bbddbbc49800ddf9d6f2614d942b983

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23108
x-xss-protection: 0
server: sffe
etag: "f95f2701d5087917"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 15ms
13ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ac099e6e55880ece397bd82f79d9d115ad334c60b24d4bc8b1d65aa18cf1f9d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9478
x-xss-protection: 0
server: sffe
etag: "88576618046cd34c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 19ms
16ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d7bf5f490f83a97c69015d3576118bec21cf5612d03f20440ad45bf86053ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14974
x-xss-protection: 0
server: sffe
etag: "50ae64dcf729b8c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 41 KB
14 KB 20ms
18ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3e5f1a996040a57d66c087481c2537ddfb53f08f0f232b0404896ea324d16e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: sffe
etag: "365319d05c7c7139"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 16ms
14ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c66e9072f2e59f1e60b95b98245d9a5f4c80f64939f11f82fe08f974d5f4df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10287
x-xss-protection: 0
server: sffe
etag: "b4c32ce6ce8c2a72"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 12ms
10ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f40a61c72095405fd83a90437875d48eb5d4148622d95064157adf8021068a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 19:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32018
x-xss-protection: 0
server: sffe
etag: "bea55ffaa7714b6a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 19:47:09 GMT

GET
H/1.1 200
OK logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 40ms
39ms Image
image/png 84.17.37.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-43.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 19:47:09 GMT
Last-Modified: Sun, 28 Aug 2022 14:10:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3473-182e4ca3706"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13427
Expires: Wed, 08 Mar 2023 19:57:09 GMT

GET
H2 200 xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong.jpg
static-a.xgcartoon.com/cover/ 135 KB
136 KB 198ms
81ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310e3c982d18e1c5ac20bc3a88c6064ae44fc74320287b977d7bac0bca1be3f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 23:11:57 GMT
server: cloudflare
age: 246077
etag: "A9DCE1F46E93C27C90DFEB731C06464A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a4d96a22c560978-HKG
content-length: 138656
expires: Wed, 08 Mar 2023 23:25:52 GMT

GET
H/1.1 200
OK play.png
www.xgcartoon.com/img/ 470 B
790 B 39ms
38ms Image
image/png 84.17.37.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-43.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 19:47:09 GMT
Last-Modified: Wed, 17 Aug 2022 11:09:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1d6-182ab7e5700"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 470
Expires: Wed, 08 Mar 2023 19:57:09 GMT

GET
H/1.1 200
OK star.png
www.xgcartoon.com/img/ 424 B
744 B 78ms
38ms Image
image/png 84.17.37.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-43.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 19:47:09 GMT
Last-Modified: Wed, 17 Aug 2022 11:09:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1a8-182ab7e37c0"
Content-Type: image/png
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 424
Expires: Wed, 08 Mar 2023 19:57:09 GMT

GET
H2 200 jinglingmengyeluolidisanjiguoyu-wubingbing.jpg
static-a.xgcartoon.com/cover/ 86 KB
86 KB 197ms
80ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jinglingmengyeluolidisanjiguoyu-wubingbing.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d277710d2589c3d6e3317e994191f6a65d0ebe47b4555c28f3ed724ef892bfd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jan 2023 05:17:45 GMT
server: cloudflare
age: 31475
etag: "FF094D518149526246563593382197D4"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a4d96a22c520978-HKG
content-length: 88043
expires: Sat, 11 Mar 2023 11:02:33 GMT

GET
H2 200 wankuwangfeiyaopaqiang_dongtaimanhua_di1ji_yinchayangcuo-tuanzi.jpg
static-a.xgcartoon.com/cover/ 79 KB
80 KB 160ms
43ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wankuwangfeiyaopaqiang_dongtaimanhua_di1ji_yinchayangcuo-tuanzi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c7a61d4ada30c981a2fb156bd315f0ed2fdf348fee9d08cb6d24f0e0c56b56

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 13:22:04 GMT
server: cloudflare
age: 38014
etag: "3AB9DD99CAA091F7E5992C8E145A66DE"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a4d96a22c530978-HKG
content-length: 81262
expires: Sat, 11 Mar 2023 09:13:35 GMT

GET
H2 200 aotushijiedi3ji_guoyu-qichuangshe.jpg
static-a.xgcartoon.com/cover/ 62 KB
62 KB 196ms
80ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/aotushijiedi3ji_guoyu-qichuangshe.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529d1fb1cd9996ce6e985b027e70b6e0188ab9d6f125b9caec36840690eec5ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 10:43:57 GMT
server: cloudflare
age: 21384
etag: "131A1E517410C52F4544348C3B7FD03B"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a4d96a22c540978-HKG
content-length: 63431
expires: Sat, 11 Mar 2023 13:50:45 GMT

GET
H2 200 tianhujie_dongtaimanhua-longyu.jpg
static-a.xgcartoon.com/cover/ 74 KB
74 KB 197ms
80ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/tianhujie_dongtaimanhua-longyu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab7c3adabcd6b9b35c84a95113628ff0d9a6fa35faa3d1fa60a763857ef5545

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 12:43:19 GMT
server: cloudflare
age: 38155
etag: "8C6C837CAA54745958F49FC7F131DA98"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a4d96a22c550978-HKG
content-length: 75586
expires: Sat, 11 Mar 2023 09:11:13 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012302271541000/v0/ 8 KB
3 KB 12ms
4ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe26edd71a7ccbf3310511bf134ac6f8e929d2a27bd5258ac9df422bd73e087

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:03:47 GMT
age: 89002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
server: sffe
etag: "6c1bd1da0962c29f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:03:47 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012302271541000/v0/ 239 KB
63 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e0bcb4fae8d09233c60d7bcb828eeb4c6e142d41cd99a16fa7a9623894acd8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:04:13 GMT
age: 88976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64414
x-xss-protection: 0
server: sffe
etag: "cd5af47d4a1cb89c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:04:13 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012302271541000/v0/ 12 KB
4 KB 10ms
10ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48782b28c393c7375207d2650475e176980f3116decba05db72fca5e40efdf4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:03:47 GMT
age: 89002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "9be99d6d09e231e7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:03:47 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
484 B 16ms
7ms Fetch
application/json 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 767ms
753ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2302271541000&d_imp=1&c=4006306&ga_cid=amp-4PZSZibJbeYcjssyTKPQtw&ga_hid=6306&dt=1678304829727&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&bdt=184&dtd=58&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d16720f741506ab5d0898190b3d511353ca687df5d4b78d1b3934eb5d705fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB9cRQyOd6s7W4OXx-s01RY7Rc90OT8VRFULhOAtJ3JBW28-prF1y8gvTZEHM5urjjc8dCtrEGBn0TWYadFzl0R3rYYmzgV_V_8U5WD9jJJNKHQjrEzZ7BICZkwJyBGeNr1-s\u0026sai=AMfl-YQx6MLYsM95BWJ4YKDcrrzOFtfHpUIKJl8_6uJTbDUjDjfORA2g1ET9VfAbV6tGH9VYBCBGuGcb2d9e\u0026sig=Cg0ArKJSzAWuX2BVVwBJEAE\u0026cid=CAQSGwDUE5ymgjLLeQJzkUOLNcC2Vk_2syZp4oaimxgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1412529771"],"btrUrl":[]}
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9898
x-xss-protection: 0
amp-fast-fetch-signature: google:1:wZ1J+d/UmBDCmc6C9XkVvIKmF8qaUYoRcY7m9lrmAaAHppVy4IlMkpXUKi3THQvwzagUDR3vTWmkFm3pL4LGKyROWV0D/kjpkqiLyL3yALWKYJvC96Hx+VeKHX5SL2tTik1Vnel5OoifAbXqIcFlI372iQUnwlvRyz07+ZzfcGa+3Uz8+sXDG1BGdNHPZZnBKCGA4MRlVTNjRkMMO3/OxRtGHpNGMBrJb9oz8pIoSZZBwC5KOEnKCQeu0etpoOZjZohPyr4ZVhD1xZm3/IhEnRTNbSbRGDpCsokEtCljSatUFOInT5AYDJl1PXJZS42ydwsQVxNm+3VAE/MGoIEW7A==
google-lineitem-id: -1
x-qqid: COy689mMzf0CFWuTSwUds4EMUg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 217ms
203ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2302271541000&d_imp=1&c=4006306&ga_cid=amp-4PZSZibJbeYcjssyTKPQtw&ga_hid=6306&dt=1678304829727&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&bdt=184&dtd=59&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef8595e237e195027c402f97d1727667d32a39bd0515c50e587373124ed1b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10732
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJz20tmMzf0CFXOmSwUdZekNUw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399065
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 567ms
554ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2302271541000&d_imp=1&c=4006306&ga_cid=amp-4PZSZibJbeYcjssyTKPQtw&ga_hid=6306&dt=1678304829727&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&bdt=184&dtd=60&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a1bc778aeed61aaf512a2aa94a3d3ef695b45dc4239edc27f0daef4c46206e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
x-creativesize: 300x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10760
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNaH09mMzf0CFZtPfQodHoILRA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663397
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 902ms
889ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2302271541000&d_imp=1&c=4006306&ga_cid=amp-4PZSZibJbeYcjssyTKPQtw&ga_hid=6306&dt=1678304829727&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&bdt=184&dtd=61&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4efedc92c478fd49db7a324f14584e69eca8edbfd4ba8c343fbda99d867cd3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
x-creativesize: 300x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10759
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COmJ09mMzf0CFVl7KwodWm4JjA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027456433
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
16 KB 405ms
394ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=931&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2302271541000&d_imp=1&c=4006306&ga_cid=amp-4PZSZibJbeYcjssyTKPQtw&ga_hid=6306&dt=1678304829727&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&bdt=184&dtd=62&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b7a65f63486d393e942352b630f88bbcf09be1e3b54031ecab74bc5778ad4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
x-creativesize: 728x90
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstY1UUl9PHVhnEIEHADXa8aPZsTdS1WrcBACnzSwDdAVMONVo0j2DP8fvYMqxCNp-c51VSq5r-Oo9fzo0P7DlcIFe9xlfJrg4kmcxDCB5yPpJXanLffyjcLmeHpFEK_-PB8guU\u0026sai=AMfl-YTfC5_deMK1K28YB8jDbLGybTvnYcR3HWSB3SQoX6Lody8El_iYJqxmjpicXKp6w-kFA19uNDXRRmZq\u0026sig=Cg0ArKJSzJn4BodrawwcEAE\u0026cid=CAQSGwDUE5ymZz-D1S4ZvXb6ulnTyQ6RNxWjQQVPUxgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=2565837172"],"btrUrl":[]}
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14425
x-xss-protection: 0
amp-fast-fetch-signature: google:1:R3BjHk0HTu0M048sZl0B2EEGmgVhvAmfvEQH0MoURstG1QV6v+ECKu0kANSOgCZh2mqajP0yyQqXzeg3kjt6YhTA1cYeicj+Kzhd83AuKbM7lRtWoXgaMBeIDm/f5Ysvftv1J09Zw2BmO9fKEIAuXpeespGlEVWCC5OaiR1rfJhpddFgQFAYH3DE5nF/cy/EI5GIcjtGIyPzx2Ck5Mc3OUEYbAwLCapcstGcYZvnGakJXy6L/lXM56vYyNH9+8yNQoEZVY7+pKzL3kbMjmEHH0k/Sefy/FBokTrw6MbbxbGxvfhXw/khAho2zGU/DeqciTfsWNxIann6Yy68fU188Q==
google-lineitem-id: -1
x-qqid: CNOD3tmMzf0CFbGASwUdvWEDnA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012302271541000/v0/analytics-vendors/ 2 KB
812 B 5ms
5ms Fetch
application/json 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:03:26 GMT
age: 89023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "b54a6f86e9bd04f5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:03:26 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 4 KB
2 KB 175ms
45ms Fetch
application/json 2606:4700:e0::ac40:6619
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6619 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 29008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Wed, 08 Mar 2023 11:43:42 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xgcartoon.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM2FwuTj%2FZJHvi9ZzyNvEicqowWvlMldTSUbE5in9MbHsM0AyabMzLD2nLIB%2FeBZpf0Zsx1ai1I%2BhPgl5m%2BJwL1ToBxURAaAkqW0LqFNGo6%2FOvKYrg%2Fh%2F%2F9ac4RwsJEcoshcMI6N2NfyUAoy%2FWZjc0bBRwdU%2BliniQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7a4d96a43a188b78-HKG

GET
H2 200 container.html
72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 21ms
5ms Other
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 16ms
5ms Ping
text/plain 2404:6800:4003:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=6306&cid=amp-4PZSZibJbeYcjssyTKPQtw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong&dr=&dt=%F0%9F%8D%9A%E4%B8%8B%E6%B5%81%E6%A2%97%E4%B8%8D%E5%AD%98%E5%9C%A8%E7%9A%84%E7%81%B0%E6%9A%97%E4%B8%96%E7%95%8C%EF%BC%88%E6%B2%A1%E6%9C%89%E9%BB%84%E6%AE%B5%E5%AD%90%E7%9A%84%E6%97%A0%E8%81%8A%E4%B8%96%E7%95%8C%EF%BC%89%E3%80%90%E6%97%A5%E8%AF%AD%E3%80%91%20%E5%85%8D%E8%B4%B9%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8A%A8%E6%BC%AB%E5%9C%A8%E7%BA%BF%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1678304830&sct=1&seg=1&_et=0&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012302271541000/v0/ 19 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d9bbecfa807da3e57c588a55a9b54551174f6f725be5c56b2b4465be846050e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:04:15 GMT
age: 88975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6640
x-xss-protection: 0
server: sffe
etag: "f160bdc9767ea04c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:04:15 GMT

GET
H3 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012302271541000/v0/ 7 KB
2 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

942c399960e375c805bc3b03f535c534917252717b677afb51065d86f3172c46

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Mar 2023 19:04:12 GMT
age: 88978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2518
x-xss-protection: 0
server: sffe
etag: "6f32f705dd3f6551"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Mar 2024 19:04:12 GMT

GET
DATA 200
OK truncated
/ Frame AE6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7661e21d37b079feec70407cbf7c411d2c466739631e300b9203fcbbf2f2071

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDD5 6 KB
3 KB 6ms
5ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
expires: Thu, 07 Mar 2024 19:47:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26EE 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
expires: Thu, 07 Mar 2024 19:47:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame EDD5 96 KB
32 KB 25ms
12ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d00dd0826e11216b39edd38cb291539b437cf783c7955684fe3c398ee6b70fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32834
x-xss-protection: 0
server: cafe
etag: 17777567793893310228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EDD5 158 KB
48 KB 14ms
10ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EDD5 0
429 B 21ms
19ms Image
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8T6IWnRnlV-HiSvRTA16uYcx_UAbPnhsJYXcIt1eEfIKK94xGid12gz1fhwaXXegqx11eZQr71hR_073SBUr0QUKv0KtIV2V6Bvlh64aDPf57Pbj3B_qT_oRHgnJkkocpZZSprvK75WsTwFwJ2KH0drYVDRz0evuEDvAF12mKqwzPslNWErlXurXsJxXbP_rJsU86J34ps4Mg59NY-8gMIuJSYVIgcl2xbNbenkMeCahCbUJZL8vIJtlHeZf2PE6lk8kOxoEUWDeD7t1I7Y3YclrYoK4WE_jSgAldusvpBZbloCE-rs-XwuGoGknhP51zNdU5PmcfRIgsXdtE2337a3_3TmQqcfE&sai=AMfl-YRJeFDDal5qRzPtUglIbVcmfAbq4tChwWJuy7a1sXW2hF8IHh88LwGDAy71BkDUujobJFGvV8OqqFQRNUM&sig=Cg0ArKJSzHvartG1iyrbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 26EE 24 KB
7 KB 21ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:06:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 16:06:17 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 26EE 96 KB
32 KB 32ms
22ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dec025092f81bea7e644aad65a9fd04428fbb88b37f2d73b3aa1cc2d16473d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32834
x-xss-protection: 0
server: cafe
etag: 13901059374308251117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26EE 158 KB
49 KB 9ms
7ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26EE 0
26 B 8ms
8ms Image
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUH1XdOAljatQvJQxlSbaAjEqmDqvOlosTj-nLDBIOLSflau0DNduNgc5WKHgo2HZsFxlxjOqt22O_Xz_aFCtpZOMol3glreueeVDRSkYwX16DpAffJDCW2PSMB3Xpct5j06ErqNIHA01sMWe_hyYl0Kma2lnVrMMrfUrftdf-usQzq3LEv1d8UNgg-8Iqhvf4fmWUcSfDz1u5GFROTTcZ2uxxHAq3JD6E1zTY61OMbnUy0_2UiBsdgW5PGqFyjXEPt4B7rinObvEBvzsGNX9It1bFkctuXsgmEFyq8wA9xNcik4o_ZAffbBe4mpk1vL1r3xFHrLySVx1qrWSN3GqJSmkh631kUQ&sai=AMfl-YTWPhSVi50kw6oMQZUM_uC7xvMlFJTlJGKYaXEM1O-ucX7jyZLfStAEVthcXZihBT5GBbIfcpZk6It6XCo&sig=Cg0ArKJSzKO6GdRUqKDwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ Frame EDD5 360 KB
119 KB 56ms
55ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a89c233c6095ff87b5520c2725313d6bdb8cda8746d73d9ec708d456cf6a8241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121459
x-xss-protection: 0
server: cafe
etag: 9183173934686106185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ Frame 26EE 360 KB
119 KB 47ms
46ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f9b4322072dc8201878ebd40251102e887527a88596b6227cfed98561bf9afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121459
x-xss-protection: 0
server: cafe
etag: 546078365961096860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
DATA 200
OK truncated
/ Frame EDD5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de56b7c3fb44adc9f9c8c733f60d5c9e59c915af2f59c880c3396514d3eaed12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame EDD5 107 B
531 B 19ms
7ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EDD5 107 B
196 B 8ms
6ms Script
application/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D635 603 B
259 B 158ms
157ms Document
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031638&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830450&bpp=11&bdt=55&idt=96&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1839336802&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44777877%2C31072951%2C31071261&oid=2&pvsid=4401752943320788&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.hui26w4zbdlx&fsb=1&dtd=111

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 16ms
7ms Other
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 18:21:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
DATA 200
OK truncated
/ Frame C64E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62644729157b0bdb7ac7031866a2cf61846f4e19291119a58c5e2c57becee096

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame 26EE 107 B
165 B 8ms
7ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 26EE 107 B
122 B 9ms
8ms Script
application/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED89 603 B
109 B 164ms
163ms Document
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031639&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830490&bpp=11&bdt=89&idt=115&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44777876%2C44759842%2C44774606%2C31071261&oid=2&pvsid=3682429029801014&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rzvjr2y9r2x1&fsb=1&dtd=128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB4A 6 KB
3 KB 4ms
4ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
expires: Thu, 07 Mar 2024 19:47:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EB4A 24 KB
6 KB 4ms
1ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:06:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 16:06:17 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame EB4A 96 KB
32 KB 20ms
18ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9970e88e9115a282d5f54c8449e63b8dce31fe204f3a231819a218b1e2c91df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32837
x-xss-protection: 0
server: cafe
etag: 5052220461068898949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB4A 158 KB
48 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EDD5 0
0 18ms
8ms Fetch
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssryuxvdMRz8eHEbzJHIdHjXe9BnsOnZI400B-nW_qLN3j94SbvLrWffb9-G45hsTvh3GVeSaW1PHIXnGknVXzyLjK-f4Q0bDxnHBLWxi17mEvG6YM3D3SNTHD5xUjEDSR2nbPWjQ9bGYAEahvJmMwZR1mjuNgeHgrTTqNMFUMLL6mkJ8ZuB7Vj7R9hDRanIcl71XLX7JmF0Ut9cJgjKIQz2_8rx5VUk6rVBFGcV2YPMe5-VB2DhdzwjfrvJ10MP7y4AK7VUZAcO0QREiY3JOEgJupX8bySMID86ngiLWdRiEOVfOMiJf1y6qN7YmIViY60dlvT41f-wfFThsKksuJwTUhfDmTUW1zyPw&sai=AMfl-YR8uqOsHPiWufE4bWpH2XGEqtN3i3Ekp7DmzZ9wW2AaoP8AXvVDAbAh9B_vNwMVpPydSlOgxOBGGeyZ1QE&sig=Cg0ArKJSzEf5HQfCnBL9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EDD5 14 KB
11 KB 21ms
10ms XHR
application/json 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eecfca4a04d2932ada3c68f9888ca084b5ec8a30ee9182300df48325db338d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11200
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB4A 0
26 B 8ms
8ms Image
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssji2KUn6J7euQX53Xv1F_c7ZQw5tBaTokrgA53IyfeCq7hCQc2Z-jxgE2R4Xe49W4AJBsalftIWGzFcm5jCR-7wTUdeSQTRen8Ay6zefkaSZgp3dob71lApzpZcY3EXb160YkoaFfeqMBy0n3Rh-3QKHNt86v8ERkZPBh6KF0ItRo3h3RI4TbIQrGy0msIBMg0FCQWAwipUfNjJIfqMN1dkHqJB_9cJ5g3VWqTbFDsNuHPQ9afYJm87_DBYewcm8dXpEzez9Jt8ym6-jWt60sVGV2Lb2-ZCJXvzw8xQWFQWHNY2ayZAMpKQuHIK5Jj_giy3uMTnj9bPHJghvVnEs9LIw16qGf_qw&sai=AMfl-YTDF3z6Tay0fGlRDRhLiRwvw7_YBGpGPV-8Eyi2_0SDQVtM0xwQ3LVgQfEusr7ySuLK_aFtgSXWHorl5sE&sig=Cg0ArKJSzE2dWio0u4pbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
URL: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ Frame EB4A 360 KB
119 KB 27ms
27ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b9488a56b5b52e3cba5a7463d2d78192a82bbe34dd8bb0cc52bd94099bfc13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121457
x-xss-protection: 0
server: cafe
etag: 11180673461753199194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EDD5 17 KB
6 KB 9ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26EE 0
0 7ms
7ms Fetch
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSOQ8Qz9jE9iJkCAki8FXANnSo8kzRNv5U7NpUVXe6rUEAKd6cP84ToLmUPaPlWP95c-e3vzOgHTRrb0MEgOMnKC4ky_XT489WRdu6xctTY9Nrp2KX8E_Hwhaep_e8K0vkRWk1Hkk_UxqxPG6Kblw7cnLL20JQrq2hhNpIVm7eq9x5xnx12iZpZIu1_MaMFnU2pWKYqsbXmWY8Bw7xbWrwQbtny8bflcY_33qx9zen-ZQ78fddPRSc_0kNzHmN-jgYPoUeE99V5t0wMsZGE3e966rGR301QBt2ABPAbY5Q9IeDfHuRmUfVs54pw-uX5WGqdOzZb07UOwbPbuyyTT-hVEQ009frofgV&sai=AMfl-YTdb6eJgojePLUJlBW7OGQiXn5fargsis3BpdFQCGiFBiUWGDGtTOTmCrHYVvjqFpNTT_b6zp6eKa7aw0M&sig=Cg0ArKJSzCQt9A8qFGzKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 26EE 15 KB
11 KB 11ms
11ms XHR
application/json 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f30938004ee949dc1b15e0120de8be26885642fb8fb49500fa75bc9ce2c5e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11261
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 699A 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 53738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:51:32 GMT
expires: Thu, 07 Mar 2024 04:51:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C8C 783 B
1 KB 19ms
8ms Document
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa4a0be88ead88aeeb9d87544e6f466a519c15a7578b6900ef7534c3c54b40f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BmEbw08DJX2ndf3GrtCmpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-BmEbw08DJX2ndf3GrtCmpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
expires: Wed, 08 Mar 2023 19:47:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 26EE 17 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 19:47:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame EB4A 107 B
122 B 7ms
7ms Script
application/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EB4A 107 B
122 B 7ms
7ms Script
application/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 043F 18 KB
8 KB 176ms
175ms Document
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c60b2b83fb04f03d2546c950468d0949a4b50eb3451c1d98a1d47576e1391d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8390
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7516 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 53738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:51:32 GMT
expires: Thu, 07 Mar 2024 04:51:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EA9F 783 B
742 B 10ms
9ms Document
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3d052367cb84f87dcc179819739ca0ed4e66a90fa6f1432cb97a6393b76806b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ZzTyo2UaQBBNqAYyb1mTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9ZzTyo2UaQBBNqAYyb1mTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:10 GMT
expires: Wed, 08 Mar 2023 19:47:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C8C 0
0 5ms
5ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=4401752943320788&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 699A 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 15:25:22 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7516 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 15:25:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA9F 0
0 13ms
13ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=3682429029801014&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 699A 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UaJ7XQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7516 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NXYsbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043F 42 B
63 B 6ms
5ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADIsP3YfH8OZAlxlFzvkAJu5p4PuRKWRuoeT0kLAQJ4Ffk46zZFZPp_zch46U6K0k02vZVe6avKtTDpZyUv0K2EhOpF1lxIWjLxVohtOTTfTqmdjE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043F 0
20 B 7ms
6ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17224303940372192715&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 043F 78 KB
27 KB 12ms
11ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 043F 3 KB
1 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 05:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 043F 20 KB
8 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:07:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 043F 0
0 49ms
48ms Image
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAt5WkVj9OYu3AvfBisBjyrFBfdze4mVIdgMxfV905m_OLqoln4oVvgzg-1rjq3w2C46kO85bkcjr_Mvk9QdpIFoP-pg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 043F 158 KB
48 KB 8ms
6ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 19:47:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 414F 624 B
245 B 12ms
12ms Document
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCy17UCGLyY1OIBMAE&v=APEucNUJyJ2qg3_R04AtAZmXoQmJjF2b0nvUJ6e7tpHnHeVGVG4BsqPRojPWEMkU4NQXdB14-Yycr6ngqI1Od1ABv2ccBSLrCg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:11 GMT
expires: Wed, 08 Mar 2023 19:47:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 414F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1&C=1

43 B
766 B

37ms
37ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCy17UCGLyY1OIBMAE&v=APEucNUJyJ2qg3_R04AtAZmXoQmJjF2b0nvUJ6e7tpHnHeVGVG4BsqPRojPWEMkU4NQXdB14-Yycr6ngqI1Od1ABv2ccBSLrCg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 414F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAjmP-Orveq1fc8o6oIriAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1

43 B
766 B

41ms
41ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCy17UCGLyY1OIBMAE&v=APEucNUJyJ2qg3_R04AtAZmXoQmJjF2b0nvUJ6e7tpHnHeVGVG4BsqPRojPWEMkU4NQXdB14-Yycr6ngqI1Od1ABv2ccBSLrCg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAQlYxxbxPqb1QAns2RQio&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 414F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFP2pPOTynQpPfQDaiM0eSY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFP2pPOTynQpPfQDaiM0eSY%26google_cver%3D1

43 B
1 KB

244ms
243ms

Image
image/gif

104.254.151.69
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFP2pPOTynQpPfQDaiM0eSY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxCy17UCGLyY1OIBMAE&v=APEucNUJyJ2qg3_R04AtAZmXoQmJjF2b0nvUJ6e7tpHnHeVGVG4BsqPRojPWEMkU4NQXdB14-Yycr6ngqI1Od1ABv2ccBSLrCg

Protocol

HTTP/1.1

Server

104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:12 GMT
AN-X-Request-Uuid: e870379d-2bc5-475f-8773-b2cd69249531
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 209.58.162.217; 209.58.162.217; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:11 GMT
AN-X-Request-Uuid: 33e4d9c6-b019-4da7-9fcc-b2761e72e01f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFP2pPOTynQpPfQDaiM0eSY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 209.58.162.217; 209.58.162.217; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 414F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzODczMDg2NzYyNDc2NzI3

170 B
188 B

9ms
8ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzODczMDg2NzYyNDc2NzI3

Requested by

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 08 Mar 2023 19:47:11 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 209.58.162.217; 209.58.162.217; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f943c6e5-a0b4-4ba8-944e-600d9df0c98a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzODczMDg2NzYyNDc2NzI3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043F 0
20 B 6ms
6ms Ping
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=268492276723&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043F 0
20 B 5ms
5ms Ping
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=268492276723&version=m202301230201&ct=76&x=1&cor=17224303940372193000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 043F 70 KB
33 KB 40ms
39ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgGc8PF-YkTxXilF1_8AToHbxJr1tZqN9BQKgUkF-2Fk3_FZQKS0b0aDcL9jjFwJHX-uNO4KaKS-6oYP4DYr5XVNUwcg&cry=1&dbm_d=AKAmf-BWhXAeGBaNgPgtDNccToEZfj4KHzTCkNOIj6inxdDxDT-_R5dVxwamJtK6pDZMpzIPPTbmCKFXkfZdR2_5tRYrxH9hfy3B44R_AARaEcpbBwHLwh_-I0tFSRNUlTuVEZMPFwI1-r-n4ocC__fXS7XmX_4dyZkT-ER7CxKOovVHf8rV0pOpaPsSM4eVBn6JL36TRq_DpfBnbugN2PQkpXC8Sfj41G_r5YRszy-24W8jlFwqPTzMhGgfsrBXftRe2Gb0mXLTC5Z9ktFopGRGs8bcELp7bsThrbK_ALJnMf9Gd24Ez0vji89ANevq_bNLkHm5KsTAHDpgkS4GP6DBr8MulaKo2PiMn79vPeoDPjJwoDWKNNS75iW8vxfp2Ug1PVKLd3naSW1x2S6iYOcfoSjxe_Y8znmEk1YDdOJDOhBY06PY3KAM80olGQ5l96qlhAQ67dYyRBOtbyX5ZMgghGarPlkFBDKGxr4Ezw5O7hxta60-qVmBmb6-Vn6rGYUSY3RnsBl-h1AgKKWHFPQi_SkuM1kwcK8fyzUSrocpy6AwAgb3j-5BCliGOi-oraYNtiUczI3d5eN9kjlwdyvGV9DRQSUloek4S8YKuA0Hs1f28KZfQvmlhsvcEWMHfI4_UO7ZgzDucGuZqMcij1Mz1erJqVAvSpYZ1YAsQIrwrR0rndib9sxVdZCqQouk2m0l0EitjfOoKiv__p3p_makLCEa_q8ko2YcFp4yQXKuPJnHE09Bbm9O8L9Eg8qEdlwIxYoCU8rXKc-BTyxDKag_rUGTmOulS2sWgw7PImNJ1D3bg8QSXk7cPYOZRNatrBt9C6z7ub_uBoAztw4MJMS_3W3gAlqdraBJmEIjQkXgAoj8nWQ_DZQV6uSp0V4PTx_VMEcFiLoFfkdncDPvFJozhBHIixD2fRwn3JMkxc7wWL20DPXyLHj9G73j2wBKHCr1VQZWtzfsGgjth-gYClGdemtdpOhBwj2qMjal0M4kGI802CeP5ze6vh-nCp-WOJX8v745g5PVFIdUHLqITNKiNgsRkQP2ChGpWdYdO5Lox06LKH01tAAu3MW5AEqqh3GOzJ7QV5lWGWZEZUMAudP2VQLXf1ghvmy5MO456YWMIYbXNW3_kmqgORysp0bOAvCz4Ek4YU-N7mk_laZp5Di1i4OaY-7PdMqJhtS1LQh5nHlUV33OMSeqVuMm0bTEdZVue5CnF3rf3cL90McF51k2GJeA5uHI1hWSat9anAV7nnvmtlrefYFgyvKUjDiE2nLeuwJRbmuPz4O8_Yp_e_2PHymLp2cKmWbvX-lLYr-X6p6mOfCKwh2kbbkrnBAV-ZVY-_eXDhM7lkcxForbcf-sF6MffSrIULNas4sGWKeOZErjXA22Mr4NelDvudoWjL80XSTPn_bKibIntFt6G69_ulUnFofc0yXPgQ-SUv0e5EpVLwiRrW4pJ805uLgfIHyFvkRgiW3mwPdE30S_gkwwJ_uVVBXoNzl_cQNmaDhiP7fkMm71yPEEv1GfTlpDcWXAO-fOxN1Grbbt3LvWWK1fFMIKB6XGsjlEMCOxV8-ng-i2lzRt3jY6gswVmo2yzvTo6z1mmsmUSSZixcRiJ-Tzk7_7HH7Hqe7vtI-IQJ-jwBTD01xXXxpRWzbG1sLn-Lz1UxvmOPlBtfwge1DmBkEGSe4TP1OV1NGAYgdYMX89olUKdDA_yWHyfMP6_LovPTsNEBRJ_1tV_sZK3xz7-7jDVbKKSimDldMOJp1XlZ4gRTS4V_nJDktv8Gk0yhau82H8WfsuM2V48r2yaFeGvsSNUpunJNicThVwCQHJLe8qWL3AXNmYaJXaSZkV02z1EFC2WkzcsFWf18Swavwy0nMdu8j56cyrLJJjvAroGFvDcoz8CY-T38cm3CjGi8WEia-XPnr2Ljhi2WlS5-ON7FVCv2WWRw1kTIY7oDyGV5ULjbTy6ZyqbxK5N6691kM3suAQOaXi94CbV5LERuxpOjShEBnh5ARiJIb6x8PZqDcobg0faF20agbhV6V0Dqp6lBCLG6iuC3Ymn7J83TSv_w5H2clQypG-eDPf_Fvbsc7NdLg1hkpvj9IFRSE547y1qH9vNfUZPnGqXHLaO9A9c3NHtfb5HZ8bY0RCA564bTLoOiznn3m2eLPmlQSYjWzen2HGogEMhXWl0l43Um8J8dlOkmQQCxycYgwdKMSuVN1PR-fJnqjNqzkqwf3Onh1L4Zmq6H85JgBx3twSQqggIK9-meYXukShzKxrurdPx3PpyvV9ZOQcEqyaLMEatoIwj7Zbb2RCBr2JozBWjhrR8BQgK3rTB9YNLq9MXlCrAD_pBEV6SC6bTF8CrjyOIYiXd4Y814jHRRM9E-5XONiTIk-Fv4UJcvXRpTEdTUOeiVpYjEFQDxFRpe6oLw1YIIgRCvYyR1pZs4zrSimJEDDnvM0mj0rm1h5AHsgPdEYiq8I51CC-VBahsfdIoKfSbaDWLm7LNgT2uCA_UU97bTjhghRORyIRPUknBQGL1TtFN4dYDU6e9LMmyTabPmtw3SUmofSiILrZQzglBVnjpKIIOyphg4MNHEG6qgbeED3vqDKWAFX9WIlPqMh5QHmQEthDZSw-90NsT38fm_wCCdY13XHMfIV8FSaRO-_t9RBlzZ02Y_zTm3ZiwubVuxM_FaeTftuXaJyh4seLddWXjGRHw64YALZudElInaMSKXawOhkfGuGgzp4xszy17-zV0ze5gLvAJwbcyUy-mZOnoEEazXPiPNaeHee4hXlLK_jOaEc-ZDs-yhKbodrUVMi8nSFJk7VK5QZCqCubkR7Xy7YvVklsgDL-hcYJ-7EBTJALKRZZ8p2mnhGuPjhogKnGdK1lkA5_U7TqtsOiV4DZ7hUcdETLGt3PAxnvb6Tmt0P3DztBVRqIma0yK0P5PcSVkTARM0IL8nlJWO3sA1VNY7ghpuiEEMMwYVn3-6882gHPMWDwmbYt6YUjSsB9gcnJNFprD05ehBRvUYhS3rPOfsUGSIQKp7BWOtV9t1e3rmoWaa8W-cWNaZT0fLPYjWLxS1UWEeS93jC8Avj4_YDdORVl2BCxgaetm0wcY2NQ4W4QqcmDg6mYx2wK_8P5HRYo86Czgvsms7Nz_zLj1rPe1Obv_AY2lR0YBO20VAZhjCs4u28n9xf27JK1TwrS6NHjqpfdkevCY_YiRSsqbPEWXuZh9qvN9HbEj0U8bZFl376m-MVpOYytNXURRG9oc5j-GMShvtW2QF6IA-jq1A0fCw4AnV9CLIosE1hsT5JNb5BJBz9kZBN91LCS3ec&cid=CAQSKQDUE5ymR-roBGTnPIk-jqgoJDvAo6sG8mSiQ7aEsOIhdAvRvLKvG1p8GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=17224303940372193000&adk=1761367587&idt=17&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108c09238978c706e86ed03db9541d3f409a8b733ffd7553541cbdd25dc73d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 043F 28 KB
11 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgGc8PF-YkTxXilF1_8AToHbxJr1tZqN9BQKgUkF-2Fk3_FZQKS0b0aDcL9jjFwJHX-uNO4KaKS-6oYP4DYr5XVNUwcg&cry=1&dbm_d=AKAmf-BWhXAeGBaNgPgtDNccToEZfj4KHzTCkNOIj6inxdDxDT-_R5dVxwamJtK6pDZMpzIPPTbmCKFXkfZdR2_5tRYrxH9hfy3B44R_AARaEcpbBwHLwh_-I0tFSRNUlTuVEZMPFwI1-r-n4ocC__fXS7XmX_4dyZkT-ER7CxKOovVHf8rV0pOpaPsSM4eVBn6JL36TRq_DpfBnbugN2PQkpXC8Sfj41G_r5YRszy-24W8jlFwqPTzMhGgfsrBXftRe2Gb0mXLTC5Z9ktFopGRGs8bcELp7bsThrbK_ALJnMf9Gd24Ez0vji89ANevq_bNLkHm5KsTAHDpgkS4GP6DBr8MulaKo2PiMn79vPeoDPjJwoDWKNNS75iW8vxfp2Ug1PVKLd3naSW1x2S6iYOcfoSjxe_Y8znmEk1YDdOJDOhBY06PY3KAM80olGQ5l96qlhAQ67dYyRBOtbyX5ZMgghGarPlkFBDKGxr4Ezw5O7hxta60-qVmBmb6-Vn6rGYUSY3RnsBl-h1AgKKWHFPQi_SkuM1kwcK8fyzUSrocpy6AwAgb3j-5BCliGOi-oraYNtiUczI3d5eN9kjlwdyvGV9DRQSUloek4S8YKuA0Hs1f28KZfQvmlhsvcEWMHfI4_UO7ZgzDucGuZqMcij1Mz1erJqVAvSpYZ1YAsQIrwrR0rndib9sxVdZCqQouk2m0l0EitjfOoKiv__p3p_makLCEa_q8ko2YcFp4yQXKuPJnHE09Bbm9O8L9Eg8qEdlwIxYoCU8rXKc-BTyxDKag_rUGTmOulS2sWgw7PImNJ1D3bg8QSXk7cPYOZRNatrBt9C6z7ub_uBoAztw4MJMS_3W3gAlqdraBJmEIjQkXgAoj8nWQ_DZQV6uSp0V4PTx_VMEcFiLoFfkdncDPvFJozhBHIixD2fRwn3JMkxc7wWL20DPXyLHj9G73j2wBKHCr1VQZWtzfsGgjth-gYClGdemtdpOhBwj2qMjal0M4kGI802CeP5ze6vh-nCp-WOJX8v745g5PVFIdUHLqITNKiNgsRkQP2ChGpWdYdO5Lox06LKH01tAAu3MW5AEqqh3GOzJ7QV5lWGWZEZUMAudP2VQLXf1ghvmy5MO456YWMIYbXNW3_kmqgORysp0bOAvCz4Ek4YU-N7mk_laZp5Di1i4OaY-7PdMqJhtS1LQh5nHlUV33OMSeqVuMm0bTEdZVue5CnF3rf3cL90McF51k2GJeA5uHI1hWSat9anAV7nnvmtlrefYFgyvKUjDiE2nLeuwJRbmuPz4O8_Yp_e_2PHymLp2cKmWbvX-lLYr-X6p6mOfCKwh2kbbkrnBAV-ZVY-_eXDhM7lkcxForbcf-sF6MffSrIULNas4sGWKeOZErjXA22Mr4NelDvudoWjL80XSTPn_bKibIntFt6G69_ulUnFofc0yXPgQ-SUv0e5EpVLwiRrW4pJ805uLgfIHyFvkRgiW3mwPdE30S_gkwwJ_uVVBXoNzl_cQNmaDhiP7fkMm71yPEEv1GfTlpDcWXAO-fOxN1Grbbt3LvWWK1fFMIKB6XGsjlEMCOxV8-ng-i2lzRt3jY6gswVmo2yzvTo6z1mmsmUSSZixcRiJ-Tzk7_7HH7Hqe7vtI-IQJ-jwBTD01xXXxpRWzbG1sLn-Lz1UxvmOPlBtfwge1DmBkEGSe4TP1OV1NGAYgdYMX89olUKdDA_yWHyfMP6_LovPTsNEBRJ_1tV_sZK3xz7-7jDVbKKSimDldMOJp1XlZ4gRTS4V_nJDktv8Gk0yhau82H8WfsuM2V48r2yaFeGvsSNUpunJNicThVwCQHJLe8qWL3AXNmYaJXaSZkV02z1EFC2WkzcsFWf18Swavwy0nMdu8j56cyrLJJjvAroGFvDcoz8CY-T38cm3CjGi8WEia-XPnr2Ljhi2WlS5-ON7FVCv2WWRw1kTIY7oDyGV5ULjbTy6ZyqbxK5N6691kM3suAQOaXi94CbV5LERuxpOjShEBnh5ARiJIb6x8PZqDcobg0faF20agbhV6V0Dqp6lBCLG6iuC3Ymn7J83TSv_w5H2clQypG-eDPf_Fvbsc7NdLg1hkpvj9IFRSE547y1qH9vNfUZPnGqXHLaO9A9c3NHtfb5HZ8bY0RCA564bTLoOiznn3m2eLPmlQSYjWzen2HGogEMhXWl0l43Um8J8dlOkmQQCxycYgwdKMSuVN1PR-fJnqjNqzkqwf3Onh1L4Zmq6H85JgBx3twSQqggIK9-meYXukShzKxrurdPx3PpyvV9ZOQcEqyaLMEatoIwj7Zbb2RCBr2JozBWjhrR8BQgK3rTB9YNLq9MXlCrAD_pBEV6SC6bTF8CrjyOIYiXd4Y814jHRRM9E-5XONiTIk-Fv4UJcvXRpTEdTUOeiVpYjEFQDxFRpe6oLw1YIIgRCvYyR1pZs4zrSimJEDDnvM0mj0rm1h5AHsgPdEYiq8I51CC-VBahsfdIoKfSbaDWLm7LNgT2uCA_UU97bTjhghRORyIRPUknBQGL1TtFN4dYDU6e9LMmyTabPmtw3SUmofSiILrZQzglBVnjpKIIOyphg4MNHEG6qgbeED3vqDKWAFX9WIlPqMh5QHmQEthDZSw-90NsT38fm_wCCdY13XHMfIV8FSaRO-_t9RBlzZ02Y_zTm3ZiwubVuxM_FaeTftuXaJyh4seLddWXjGRHw64YALZudElInaMSKXawOhkfGuGgzp4xszy17-zV0ze5gLvAJwbcyUy-mZOnoEEazXPiPNaeHee4hXlLK_jOaEc-ZDs-yhKbodrUVMi8nSFJk7VK5QZCqCubkR7Xy7YvVklsgDL-hcYJ-7EBTJALKRZZ8p2mnhGuPjhogKnGdK1lkA5_U7TqtsOiV4DZ7hUcdETLGt3PAxnvb6Tmt0P3DztBVRqIma0yK0P5PcSVkTARM0IL8nlJWO3sA1VNY7ghpuiEEMMwYVn3-6882gHPMWDwmbYt6YUjSsB9gcnJNFprD05ehBRvUYhS3rPOfsUGSIQKp7BWOtV9t1e3rmoWaa8W-cWNaZT0fLPYjWLxS1UWEeS93jC8Avj4_YDdORVl2BCxgaetm0wcY2NQ4W4QqcmDg6mYx2wK_8P5HRYo86Czgvsms7Nz_zLj1rPe1Obv_AY2lR0YBO20VAZhjCs4u28n9xf27JK1TwrS6NHjqpfdkevCY_YiRSsqbPEWXuZh9qvN9HbEj0U8bZFl376m-MVpOYytNXURRG9oc5j-GMShvtW2QF6IA-jq1A0fCw4AnV9CLIosE1hsT5JNb5BJBz9kZBN91LCS3ec&cid=CAQSKQDUE5ymR-roBGTnPIk-jqgoJDvAo6sG8mSiQ7aEsOIhdAvRvLKvG1p8GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=17224303940372193000&adk=1761367587&idt=17&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 20:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 20:08:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 043F 8 KB
3 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:34:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 043F 0
0 30ms
14ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTYxSE_fQWe7D4KlxN_6r0gGeAxhLm_lvMTO6yKZRBLtXbn1oavLrfwP-mTofdB1j7Wrfi-G2vFZfly0gPsrcxpKt8ezIeUsEwYY2fR3T8Z-an_YsyxkYIPBDchZD-mV6diDYoLp9vdtt_h7iWdR6GGHhgOSC8o6MrZTBlyzFGxMjkgNdGMKubpZmnzCCBgBEpP32WAdOVcmYYPN2UM_NNy2cHAGY-v16_DlQpAhf_bjdKetPPBS-d3fU8Q8l2Igmc5HJq8CtkOzTiej0niGeFkHibGW8Zf1IRcdwo29DkEf4kcNxC5a3paq1tsxDPS5zAo0JrTVm0oegRxcVQVFQJDq7_FbpVa0BYGwjN3vALRhH5ykftGk3mIXpnox-9tserlONv7DgphW2jwkNkw5nC6ynr7IhtXsSTBx9jZpaEPssFMez2GnbyG4oUFBRERP-xSkihaSFkG2F4y-J0D75l6tgK7gNkS6mWZ2F6_q2DHtiYDzAXxyTj-MxL_WJp_53l9JRQGPm1by_daF7CRWGI5bdrA_qhTwRtFT3UMPC_swO1Na2NP4OlLp9yghKVmK_bLE7WypRR4MSrFd1NXiTdS4BZbQ4RcREACBjt_oyxM7dG2FDw83XsCnwMRy2MFT896RFqx_dXmVfxMPawkYmMVp60vXt2ykatzLSQVltwuFHXbfKGTJqTnqH7S8QBO8zvT9GdsohRx5C2MipfSSYWhZA4YfuLrM6mqs1ELciBGX8gO-I67YCAtC47r4zI2VQwTwPN3t-f0WF8tEAbXtAhQzLk5BhiKw9YTPIskVxa6yG1ycX0-oA27lZeKSMVDPelgoMK75er3tSyxgvU_7mGDEUPP4P5a-aeyEmYsm8IESyBsJDIsHpmfZBzxWJRe_NzIC0G-gyOq7rJsZkeQem56H9s5bGSiediYUzAplai3uBjOteAWkCw0Sr0bAi2wjbna_KV7zwB956QcCAa3lHxz2Lo22sBEyg4kuR7PPTVlRy7KeHp3nvxvoeaXFhqUgGJeb5Rr29oqCSUp0XQIu-OLexT-s7H6BQxrb_Os8xGCM1VXEzcbuV4mrkvZ3WkrN_fRWFFwCvrEa_FO-xgxhgOB-mHt2Z4BSkzzW0hSB_xZG2Flp703K2VJ96zw17xGDfS010VV45RSndtEV19PlNfo_0xJzhgBUdnTuDWlVR2rVQ-fVX7PcwOtS4C1qVVUW4&sai=AMfl-YQN-H7pVg4podohRdi3qDZBFSMrCTKeovhl_PZSrzszqapbYVXWJfJVFQSRF8e65j-Bj7WijClZTVfRJsZIZKPldDUDDpnFp4Fuzj43Jm4x5n61weYXn8N60IHgbjWzPvHpeSnjDc5gYmGtNdxn0sPVFJn8FQ6pBgy_tEuaMnXFolA7tBIGYDMGUCAfIeSw1GRB_vWdLlBa&sig=Cg0ArKJSzIouWY3YSYNHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230302.46576&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 043F 41 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 22:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 22:32:00 GMT

GET
H2 200 11598203142060248872
s0.2mdn.net/simgad/ Frame 043F 39 KB
39 KB 20ms
4ms Image
image/gif 2404:6800:4003:c11::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11598203142060248872

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f01c385021414a02e3f2b4569aa29b1571fee0498f69461a41090960696b694b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:58:46 GMT
x-content-type-options: nosniff
age: 474505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39543
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 19:45:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 07:58:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF30 1 KB
643 B 5ms
4ms Document
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 42141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 08:04:50 GMT
etag: 48472445140208031
expires: Thu, 09 Mar 2023 08:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A9BF 22 KB
8 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 4441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:33:10 GMT
expires: Thu, 07 Mar 2024 18:33:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 043F 0
0 10ms
9ms Fetch
image/gif 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTYxSE_fQWe7D4KlxN_6r0gGeAxhLm_lvMTO6yKZRBLtXbn1oavLrfwP-mTofdB1j7Wrfi-G2vFZfly0gPsrcxpKt8ezIeUsEwYY2fR3T8Z-an_YsyxkYIPBDchZD-mV6diDYoLp9vdtt_h7iWdR6GGHhgOSC8o6MrZTBlyzFGxMjkgNdGMKubpZmnzCCBgBEpP32WAdOVcmYYPN2UM_NNy2cHAGY-v16_DlQpAhf_bjdKetPPBS-d3fU8Q8l2Igmc5HJq8CtkOzTiej0niGeFkHibGW8Zf1IRcdwo29DkEf4kcNxC5a3paq1tsxDPS5zAo0JrTVm0oegRxcVQVFQJDq7_FbpVa0BYGwjN3vALRhH5ykftGk3mIXpnox-9tserlONv7DgphW2jwkNkw5nC6ynr7IhtXsSTBx9jZpaEPssFMez2GnbyG4oUFBRERP-xSkihaSFkG2F4y-J0D75l6tgK7gNkS6mWZ2F6_q2DHtiYDzAXxyTj-MxL_WJp_53l9JRQGPm1by_daF7CRWGI5bdrA_qhTwRtFT3UMPC_swO1Na2NP4OlLp9yghKVmK_bLE7WypRR4MSrFd1NXiTdS4BZbQ4RcREACBjt_oyxM7dG2FDw83XsCnwMRy2MFT896RFqx_dXmVfxMPawkYmMVp60vXt2ykatzLSQVltwuFHXbfKGTJqTnqH7S8QBO8zvT9GdsohRx5C2MipfSSYWhZA4YfuLrM6mqs1ELciBGX8gO-I67YCAtC47r4zI2VQwTwPN3t-f0WF8tEAbXtAhQzLk5BhiKw9YTPIskVxa6yG1ycX0-oA27lZeKSMVDPelgoMK75er3tSyxgvU_7mGDEUPP4P5a-aeyEmYsm8IESyBsJDIsHpmfZBzxWJRe_NzIC0G-gyOq7rJsZkeQem56H9s5bGSiediYUzAplai3uBjOteAWkCw0Sr0bAi2wjbna_KV7zwB956QcCAa3lHxz2Lo22sBEyg4kuR7PPTVlRy7KeHp3nvxvoeaXFhqUgGJeb5Rr29oqCSUp0XQIu-OLexT-s7H6BQxrb_Os8xGCM1VXEzcbuV4mrkvZ3WkrN_fRWFFwCvrEa_FO-xgxhgOB-mHt2Z4BSkzzW0hSB_xZG2Flp703K2VJ96zw17xGDfS010VV45RSndtEV19PlNfo_0xJzhgBUdnTuDWlVR2rVQ-fVX7PcwOtS4C1qVVUW4&sai=AMfl-YQN-H7pVg4podohRdi3qDZBFSMrCTKeovhl_PZSrzszqapbYVXWJfJVFQSRF8e65j-Bj7WijClZTVfRJsZIZKPldDUDDpnFp4Fuzj43Jm4x5n61weYXn8N60IHgbjWzPvHpeSnjDc5gYmGtNdxn0sPVFJn8FQ6pBgy_tEuaMnXFolA7tBIGYDMGUCAfIeSw1GRB_vWdLlBa&sig=Cg0ArKJSzIouWY3YSYNHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&vt=11&dtpt=46&dett=2&cstd=0&cisv=r20230302.46576&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:11 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame EF30 35 B
464 B 46ms
5ms Image
image/gif 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEADy7Q9inO3Y4OgTpbmVhI0&google_cver=1&google_push=Aa02lx_AjECSWt5Q5fAfmxmUTtGgc5WL0OCzlc4PoLWfiDE9azWO2o45rN6boGP8fG7Jvn3b4_FTREucz0UC2mcCj0haWU4teGrpV20gZ-7BsWShrddeLymBcYQXB9Mz_QQakBVcP_4VTG0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EF30
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHK...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboi...

43 B
418 B

206ms
201ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031633&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678304830754&bpp=13&bdt=51&idt=68&shv=r20230306&mjsv=m202302210101&ptt=5&saldr=sa&is_amp=1&correlator=6306&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=4122951427&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44777877%2C44759876%2C44759927%2C31071261&oid=2&pvsid=1479843091559339&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.la4eb61sf2k&fsb=1&dtd=81
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a4d96ae3b7a0988-HKG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 282
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENRqXFvoWh9IxiKKvTG6-wg&google_cver=1&google_push=Aa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-xJJsd_Oy2yy8RVX0czDsfuJWNQVrIKe6fAC7QocHvmJyPnQoxIvlEOq31avzmtnkAmc8jQFLDb-3GmBVHbzrEAruFboiHKtLxefrDbwcZOtxHdSO8ys7mBcd1-YTBBiiE7eur5xI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a4d96aceaa80988-HKG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF30
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIQO4UwXahPF0r4P6wmOQi4&google_cver=1&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEgHV_Ov_gNFTzObiZ...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C581340AD6694C3886D0AF17C31DA5B9&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEg...

170 B
188 B

9ms
8ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C581340AD6694C3886D0AF17C31DA5B9&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEgHV_Ov_gNFTzObiZNNkPb1dfIDwftvxXz8FFw11zdQMumRdS1yf8zZVjY

Requested by

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 08 Mar 2023 19:47:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C581340AD6694C3886D0AF17C31DA5B9&google_push=Aa02lx8B59q0wL7tkNZ7MHv6P5vubgRuTuEnF4H78YA2Xbru0cFgQ1PS2qTVlVA2TZb-nYYopzx33cw_9bVZiEgHV_Ov_gNFTzObiZNNkPb1dfIDwftvxXz8FFw11zdQMumRdS1yf8zZVjY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 07 Mar 2023 19:47:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF30
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGu_T7rexeXLm14lbMzFVBI&google_cver=1&google_push=Aa02lx_53ztBH30iVQ9NcTWKdMdsGg3ptf2PQwZK3OsUJvmJH3ZYmBtZ0_lq4pvla-_MdEyysR4lojoNd-59dvNQku...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGu_T7rexeXLm14lbMzFVBI&google_cver=1&google_push=Aa02lx_53ztBH30iVQ9NcTWKdMdsGg3ptf2PQwZK3OsUJvmJH3ZYmBtZ0_lq4pvla-_MdEyysR4lojoNd-59dvNQku...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWRhOTMwNWYtMDAxNS00YjU1LWFhNjgtZDdiZTg3ZTBiMzNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1da9305f-0015-4b55-aa68-d7be87e0b33c

170 B
188 B

9ms
8ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWRhOTMwNWYtMDAxNS00YjU1LWFhNjgtZDdiZTg3ZTBiMzNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1da9305f-0015-4b55-aa68-d7be87e0b33c

Requested by

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWRhOTMwNWYtMDAxNS00YjU1LWFhNjgtZDdiZTg3ZTBiMzNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1da9305f-0015-4b55-aa68-d7be87e0b33c
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF30
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFBJ0K-ScFY-1SUgt2PSgWI&google_cver=1&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2TZsbPDXnCqBto-LPGnouHAX8DKTSjLtmZUO-aDuhjsUMBidmu...

170 B
188 B

8ms
8ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2TZsbPDXnCqBto-LPGnouHAX8DKTSjLtmZUO-aDuhjsUMBidmuBKgOMqrz8yE36K4&google_hm=3bvKUeTbRPeTkS8eTj8l9Nk

Requested by

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx9G_Su6fCyGYh1LSat5COLrcKAJ0UVjtbQ-eYry9UkENn1s0Qwqa4oFrdySbhoFqAvHRil8Vy2TZsbPDXnCqBto-LPGnouHAX8DKTSjLtmZUO-aDuhjsUMBidmuBKgOMqrz8yE36K4&google_hm=3bvKUeTbRPeTkS8eTj8l9Nk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF30
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAzHXOWE8QymBOJofoHb758&google_cver=1&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuAr...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAzHXOWE8QymBOJofoHb758&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuAr...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzK...

170 B
188 B

8ms
7ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzKCsifTo5Xz6kw&google_hm=ODhoRjllQWZhZlZaSEptVmZDdE8=

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Mar 2023 19:47:12 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8KYI1wt6Bha6I-g15aJV2XjnSgaFTN2_aNHpULEhZBvJ-cbG9BIANlS_a3Zu-14PcHUF-_3ieNPGuArwiTTmbWhyPcK-BNBdgzhJc43RLVb-E7E17k18B1djQ3EzKCsifTo5Xz6kw&google_hm=ODhoRjllQWZhZlZaSEptVmZDdE8=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 279
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF30
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGiL1fau6Lq8PFVxOyMZXgY&google_cver=1&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERNd...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3-9XZB6WQkFgm40oAELyBNE6otk&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERN...

170 B
188 B

10ms
9ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3-9XZB6WQkFgm40oAELyBNE6otk&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERNdFG_pp6fmwTUeVCFT1asX92CfC6b0NdHqUxFVlnCx3isC5LI_M-nZh_i8

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3-9XZB6WQkFgm40oAELyBNE6otk&google_push=Aa02lx_DBRw-x-WXMz-0uhPFGZLWNp3th5iTDwRowxutg7avvb4JrD4oCVs78hMT-87JfxRNLaDv-YpFo4bERNdFG_pp6fmwTUeVCFT1asX92CfC6b0NdHqUxFVlnCx3isC5LI_M-nZh_i8
Date: Wed, 08 Mar 2023 19:47:12 GMT
Connection: keep-alive
Content-Length: 285
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EF30 0
59 B 6ms
5ms Image
text/html 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lq6P0cEcA769OtxTbK1Ob7KxCLYk4JF1kfsINztbs6lgJBfl3GgOneUtSdcMyJPV8QOSso

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame A9BF 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 15:25:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9BF 0
20 B 7ms
7ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjPAmP-YIZLr2EPWR8QOIxLxYAAAAADgB4AQC&bg=!jY6ljtrNAAbv3-2Ez987ADkAdvg8Wk6ewjoHsM-tzXEGMQlBSeLmH9sx-jhcU6Br0ZEB3fvnhMLQ7SHzSn1g74FM58XHb0JlbtUCAAAAZFIAAAACaAEHCgA2xg-n6B846gtdJX4gIA4oZPZgdPvRyVvLOHkicOEvy0ryfjaE3ulNq7lQmQpK-uxRWqYCxPLFmQMjirTsMFs1jmx3ru4ngqLyq3SsC54HbC2zvwCI2sEVLzmEZrM2btjIW22EKMg-dHr9oJxNlXajqTmqkOIPzj7KKPLRxAcptDuOQbFRVHWnttPzx-e103efNbgGHZX0LjwE7XFJhyWOWN3-n1SRpyv75yEg_KThdvNubaMiByvHcYHynefNIKddV0Xjb3CGGaT6cxOfotmW3lJT5c9G4jCnwaixZL10oDO_4WiankTcUvYRzf60bhB6mc7M26g_KkGDAKSWXhJ1oEheOYNhadDihbYzMV6Y_SN5-9rpqBkiDniPCb4f9tzfCTv6ITkiqSXpDSws_vL99rmJErU1GuplPuxWEtzc3uu37ZddokPiD6Pzd9s0JhZCAZarj_4E9qYLAryGUEW09FqKAFeA_L8Q-ppTeu8D-6pBJsMf_pCX73Aw57jEew1YFIYO6zgr_sHuHvQMS7HdQk1HD9F4_e966ubPvfRcPWhaetfJ3_WXa1VoEJLrMeV6qlTk8iUyFaCY6vuXqhoGSFMSS4B60e7ihrUKBK2RaqY8iiDIBUj1F6MkrRxd3R_cZTLJCR8MGaAf40NG3_kYYhoB8QCwwkzsm3kAnQkSk1OGyBjTWxwF2_QmQYrry_2KVv8xKUI_WpuNIwS_oLza67w75W8LIXVBqGVsHqEyPt9yjvtUDB7YD8jeAQ2ODqdbSRTrW1qm7ImWQgSwTSiWU2j3lcEQIonWBfXQw5kfKTSfqJyUcRQx2RZ_hrCIipPX4zgNO3bmhi-n3GY81AgnzMaztLmY8uTcobnHd0iLO1jkki4TJO91QzUGAEmZhrJLVcRidULr-GQDUBUnbg3toHQy1rU_luf8EZuCO7aeP49I_Sf2ravuCHtAJVijc0fElpHBRFpVoLmGCTGkXYJQ-aZY4Tfvi4A62tq8svuqRzugCo-JbUSHXLdcxpgU0fYQG7xF206bxkNtcakqVvfwqY4l4RoI37ytQHzJhMjkerQB-XlJXUpOpuVS5aC2TirFP0ysSd7V93m2UM8HdcKyJLtarDEEDxXIgd4cDB4LOyW8AmNgRT3kNqvymUo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDD5 0
0 8ms
7ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=4401752943320788&bg=!pqWlpfHNAAbv3-2Ez987ADkAdvg8WuaOR53jMeM4Oy-DQeSHfrZgVRh-_GYc3iJIioNLs7dZ4PQJ2xSzo2IejkEEKy5qa7wR5cQCAAAAZFIAAAACaAEHmQLwWnEyyj043cz1k5iT6x1TyPBcATQAiC1dEmA7-L0ap-ZtFuLJxerzSYm0MXYj5Q4-Mo_LeZbdlmu2LGy0VfHbToi0tvHJaO4jY6HpMHKVV6HnwbZEAVCISebvLxwFffkLLqlEMInfqXu26vCDir1wWYY2oqNanOtNVL7MPu8u5aNqdCxyX0bZLidPapHhccs37aS9fgRuEMLL2tbtjxp5RISwyJW-MpnAOh4j9tPtfMJY58gQhyTSgXPE169DW6Fp5ANYXbEAo_muGXygXDZbIT88GJu7CV3k61n8-iyycfvAYLsl0uHYiStbj40EE1v6L5OmPeS_tztvNz1UkzCeACpI66r7VUqjqNKNj_0TeBhz_S0ExKry7zEQWLakSnrczz1ofrbtGMftkCBBgyjoxHZ923otFjs_b-rLfyeURa1A9GgA9gEkRUDQqdQQHbOpT_pNuiyFu5hKQ9-wl7CvafcHnupDPv4qMmJdThy-bHNyjYH6Qde7wu7n0I6jAiDEAbpKcYzD8WnKdP2GateVQLXB5ltxExgZEt1Ej-UMgA9Hrsr3BAcA_uoR3_0gIZKhbbg4dmXlNiE6koEN80Gs9h6_qS8mc0rEm5E_iGiV8d3lnLRlHWvwtwoirMNw3AHge9FrsAphR2culy-fCGPbi9mZFsYdG8bmfWFqhX-vV_S7Exy-u-DH-CdAkpJ4SMIKy9mcZ1rJf-yz_LhAxuKAQ3plTSB4UoooH5bIQW__SXE5Mixqlg_3P0tF9TkVrKs76QZWszlL266MsV1eteo8fRDJ8xpXyGZ4YmI5K5s2shHiZdS5blBBx5Rdg7D93i79O3DjXNb2_eOMzziOxtUlXZViMd4UhQMcXTyu4RpEbviZlrYN6nDT4NvRpC1q7IrpkFVRov9mFOWIfQfIJGZ0RKyUlk4sp1dGTjw4rjDmZ1kjkdhbVPLcSaSy-yZDPDnPgF_erNSyM3M3Bnd8RbH9b7ZsfF7ssAwSkAPVybQnGjc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26EE 0
0 8ms
8ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=3682429029801014&bg=!RkWlRRHNAAbv3-2Ez987ADkAdvg8Wl25er4HUKIRtQNGatT0nfxHJN7deKoBQsvvEGe_jfT9Y3J8LSfP_ZXqfMIyL6VbmUPX1SwCAAAAYVIAAAABaAEHmQLrY0Qd_O6qWkBPu40nV2IT0suLtRbd9UiJMQjIu8V91Fhls-uoBWHZdmyq-vrlcbnd9PxvxW9aPaBZGqMFnLQsFRXJvZlxv6FuLOnAI1bC0lBeU0iOXRs6SOEYi8nKRZJGPdB9QSHbVPY-x40y4bqXcYOvveIN3ep0KptZY9xBJIWvwBNZcLByPay76AqQS2E2e6865YXiCBjaeWy_UwOcx5XPWjodMmZ3YuHMuzZP8SFNiawSiIb8_cenUnOjVFMOBWLE_chXKTmltdLL-6mAahwaINmTNBbRIJNIyNCtCMQ4cIFqRL8X-3oUi1Tu6ha6FaV2uOX6OC22H2YqjGcy7KIGtBXWacDXrEg8Gp6xiIE9XR-P6D0-U_gE3gK5YhM5oo7C7tT2y6hxNYMvktjot4uEOCsF2WUEerf2Ua9kbQV4CxVBNCP_n3Fhnt26BpXQot0r3R3K9RHA1kCQVOp0HO8S1valp7KH2a3ViW0sCLglHbMpDffnUuTacPAaHXGOdDWxNSrRJ-axOdgUyvt3gENBv9jqYL7Af1nq15ED3DS8QZ889MiBv8qzJe-BEkPN169YFGvIVGjejXvfmVc6ThChcRgxPiSXlBPOuxZXs7a5ZNqZHISbWazkJ5kMvYhiSi3JZP9-1Evrz4dEvfY1_ulizfpaLkpHaygdqQ4tSoJd4Sg4JeORaBSdGZP-Vh_zeYPrDisQA75KV1eQltCF1K4-fR1QzZdpGL6ddv9Fdyxppnnt6stlLFmikwRfKeTi7PrWn9Pk1JnaZfrzIzR5ZnasC2en_mLTqZm7THqGysBJfLvbSyk7Ghj6RReIPmknLCeCsvQQ93n0rv5-jy2XetyJKcTgnP5_GCTJkTPYus9WjbuvjSjJluK4XfW2TYFZ9t7bNgrxX5sGlz4YCUSI2IVHFCnQJkG8qKqYJzhF-MyxsIN1d007YArKvRfJYSi0PVf-sZ3QvgFR9FThw8zASfSxBVSyS8jiJrvV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB4A 0
0 7ms
7ms Fetch
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKubfYoYw1VKMqFi2N43fmRfXbyPgi8NJZfi_oDbmgBYeQ3Bg7yaQAVGq-ngc8lnI0GSmw9BaFfTd02NTnfMPpt5nYgIPjhq5-EV6q7eZgsuzZQyx94fdC6NXhcX3yry-0Kf77dY7p98OIivBKdYP355xcepiP9Y64BT4ZtjFvJYaToO3OYXwSmbn-Gp6cBH0LuPbXAkgHotJKEjnbAyXMNcCF_eKvC0U4MhSvLpNmzfA60idYkKDc_vBJVM-_R4H99gO9cbe159F3LS6iPKB310i67j_thXa9VeW1bwmiqoNcqhrtHh-klxjYDtoY8dgvnRjTKteo6o4IU90vGd_Laaqr61IcTSz5&sai=AMfl-YR5AvsnB30R-Kkuoz8ZGxZMtjOdIe4cNLJNaXU3KLzqoIsrnL7Psh1E_fufQtr8ioyhlcaZWEsk6JYOJfQ&sig=Cg0ArKJSzNTFqH_z7PvLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 19:47:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EB4A 15 KB
11 KB 10ms
10ms XHR
application/json 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03043443a3b21ad26cdb79e6d4efbb9ade285df44e2d175bcf04c7397636977b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11320
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EB4A 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 19:47:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D60 13 KB
5 KB 5ms
3ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 53740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:51:32 GMT
expires: Thu, 07 Mar 2024 04:51:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 07D4 783 B
535 B 12ms
11ms Document
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d1818469e67ce4ecf4710fd7bfbdac8249027d2fab6039c973e61b03ae2f1ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GrT77XGHBs5un4-js4FSkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GrT77XGHBs5un4-js4FSkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 19:47:12 GMT
expires: Wed, 08 Mar 2023 19:47:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D60 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 15:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 15:25:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 07D4 0
0 5ms
5ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=1479843091559339&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D60 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rH2O-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:47:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB4A 0
0 8ms
8ms Image
text/html 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=1479843091559339&bg=!cHOlcyfNAAbv3-2Ez987ADkAdvg8Whoz7Z9SA5ojaMa8a21AxvweP3Iioic4ynQ7Z-O4SlVMOzfrPJISdNoJVYWQV0IpPEG3uUoCAAAAQlIAAAACaAEHCgA0Fh5rHoO-7GTlNdCOOu-2W66AGHEKvQIdOCtu3_bBd9ZytiDMx9TQ7jzsQwWVTbkgcVDASpkC5TPmI8O-NI-9hhTrYhsFR3y-RiuHBkvK6H1zNJG2X6m_Qmy8tdR6qNPN9yV04aobXNItaa8LzoAkrXPU-xeIVO6Nv55thW4vZ9RMAlMsYN-UK_u5Gvsb6TNctgBQ36kUhfXiAhr7hJ_Yu8yDHVsA2riy2XMgr9R5hdS0Xud-iUx7_Qvuxh0ZMSrDQx-bOLjJDRGr-4NbIlplnwFxLVNPENVtpYk15l81KXdwZB6Sj6Pyl8le1zmFKzN0Ahd7z9YXANFF1nFKdFXX84pwezrcTayv9jdnPedhMl8k1M4aXglXrlCoanyNkiRuEVbTVtTCFTmYuRLkaUz-qzQOCGLiWPoHbPVT-4ewJhp9jH5JPVNrRR07k1yqPM1Mffu92fRVEo61BHEKW62Vx-Sn4MZaqUeUSqTHZqvnLouABPC5zDVCmNGMy1Pn7SMkgIqub84fX4la6G-XNCiDHdXKQw3Il2Cf0ClmRFPEiKJ9-xTmYOzSbqTkNuZiepNJvojFDAhQmQGkgaXSpzReqAUsLqywteH9iG_S6jPdTh655hXMHlGaxGJMEfbPhUch4kSnMEgXS3V7r71Gur8QntvUgG8wX6uc5YWnWeD3-uswu7vA58lh-mZYPj7-KuJyzJ7dSB6W79XyM9yCPS93WjRUSXh5WiISVign13NDzXIZy7hMIBLjwXVcBoPVBSuEDMXJ09xRzk7jUwb6VwVvoY3tmQ_RHv_nz4yrs0Dqv495ccoCBe6maxuNEwql5D40hIKAOKWfsJO8_wJNjiY7K8sfRuxOhhUi-h7jvnUZlqC--JYJCO14fYuj9tpZKXLNAAdUAADI5l58VMnc6a446pOJLyqtGoxyi_yBZhpErKlTYu76uToyQJwGk1txwob3WckBOOGWNirKNXBAy3tWp1hsNrQ3Azix9Ho3rCaORqZpg-CpMNldPyG4FUmOyecou3JibwrYO5f3Yh9kUnTlJNUyJZJy5Fwmsq0ZLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 043F 0
22 B 6ms
5ms Ping
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=268492276723&version=m202301230201&ct=76&x=1&cor=17224303940372193000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 19:47:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xgcartoon.com/	1970-01-20 18:57:20	Name: _ga Value: amp-4PZSZibJbeYcjssyTKPQtw
.doubleclick.net/	1970-01-20 19:47:44	Name: IDE Value: AHWqTUkDOp8gfRg6Vd6yZdziov6mIi41d3iWKoCPbGb_Xz8MHP87kAhlo8yP1SwHwoE
.adsrvr.org/	1970-01-20 18:58:47	Name: TDID Value: 1da9305f-0015-4b55-aa68-d7be87e0b33c
.adsrvr.org/	1970-01-20 18:58:47	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsInKuAkP6F0DsQBRgFIAEoAjILCKC27byUhtA7EAU4AQ..
.quantserve.com/	1970-01-20 12:21:20	Name: d Value: EAsBCQG7KIEA
.quantserve.com/	1970-01-20 19:41:59	Name: mc Value: 6408e63f-646ae-9d7af-6e1f7
.ctnsnet.com/	1970-01-20 18:57:20	Name: cid_ddbbca51e4db44f793912f1e4e3f25f4 Value: 1
.ctnsnet.com/	1970-01-20 18:57:20	Name: gid_CAESEFBJ0K-ScFY-1SUgt2PSgWI Value: 1
.casalemedia.com/	1970-01-20 18:57:20	Name: CMID Value: ZAjmP1FUQaaYLY-eNEGzSgAA
.casalemedia.com/	1970-01-20 12:21:20	Name: CMPS Value: 5032
.casalemedia.com/	1970-01-20 12:21:20	Name: CMPRO Value: 5032
.simpli.fi/	1970-01-20 18:58:47	Name: suid Value: C581340AD6694C3886D0AF17C31DA5B9
.tribalfusion.com/	1970-01-20 12:21:20	Name: ANON_ID Value: arnseFNZaiMjAmemFmDwyZaE1QrMo6QNKiWikEEg5SVSToFWYqFMw3eBeLd6RScogYV6nDZaZa1Zd7qXFZbTVucdCo
.adnxs.com/	1970-01-20 12:21:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`btGwB0!@wnfH8K6pQK`!5=E<L5?%K5ct2Fp8KY'k^XT(Chr>Ivk/zv4?[/C^eA@HbpRzqF1`b^M@)wf2
.adnxs.com/	1970-01-20 12:21:20	Name: uuid2 Value: 8977624158187496606
sync.srv.stackadapt.com/	1970-01-20 18:57:20	Name: sa-user-id Value: s%3A0-dfef5764-1e96-4241-609b-8d280042f204.3%2FnaluzZFtY2YsV5zAOczj6TpHrQjCjQWTJYSeZw0as
.srv.stackadapt.com/	1970-01-20 18:57:20	Name: sa-user-id-v2 Value: s%3A3-9XZB6WQkFgm40oAELyBNE6otk.yeFfiXTeOC%2FZVEqI96UQwXwFGUDWQNtqxRtqlvCYFHc
.zemanta.com/	1970-01-20 18:57:20	Name: zuid Value: 88hF9eAfafVZHJmVfCtO

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	warning	URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/detail/xialiugengbucunzaidehuianshijiemeiyouhuangduanzidewuliaoshijieriyu-chichengdakong Message: The resource https://72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

72ac6947fc2fa4895fac8e49ba95e2f2.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
adservice.google.com.sg
amp.analytics-debugger.com
b1sync.zemanta.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ipac.ctnsnet.com
match.adsrvr.org
pagead2.googlesyndication.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
104.254.151.69
139.5.84.243
142.251.12.156
172.217.194.156
2404:6800:4003:c03::84
2404:6800:4003:c03::9d
2404:6800:4003:c04::8a
2404:6800:4003:c04::9d
2404:6800:4003:c05::9b
2404:6800:4003:c05::9d
2404:6800:4003:c06::5f
2404:6800:4003:c06::93
2404:6800:4003:c0f::84
2404:6800:4003:c11::95
2606:4700:10::6816:2f93
2606:4700::6812:19ad
2606:4700:e0::ac40:6619
2620:116:800e:21:36b5:1576:d999:6e52
35.186.193.173
35.230.38.116
52.223.40.198
54.221.12.17
64.202.112.63
84.17.37.43
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03043443a3b21ad26cdb79e6d4efbb9ade285df44e2d175bcf04c7397636977b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
108c09238978c706e86ed03db9541d3f409a8b733ffd7553541cbdd25dc73d13
11d7bf5f490f83a97c69015d3576118bec21cf5612d03f20440ad45bf86053ca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1b9488a56b5b52e3cba5a7463d2d78192a82bbe34dd8bb0cc52bd94099bfc13e
25c66e9072f2e59f1e60b95b98245d9a5f4c80f64939f11f82fe08f974d5f4df
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2dec025092f81bea7e644aad65a9fd04428fbb88b37f2d73b3aa1cc2d16473d8
310e3c982d18e1c5ac20bc3a88c6064ae44fc74320287b977d7bac0bca1be3f0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35f40a61c72095405fd83a90437875d48eb5d4148622d95064157adf8021068a
3d277710d2589c3d6e3317e994191f6a65d0ebe47b4555c28f3ed724ef892bfd
3ef8595e237e195027c402f97d1727667d32a39bd0515c50e587373124ed1b96
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c60b2b83fb04f03d2546c950468d0949a4b50eb3451c1d98a1d47576e1391d3
4d16720f741506ab5d0898190b3d511353ca687df5d4b78d1b3934eb5d705fe2
4d1818469e67ce4ecf4710fd7bfbdac8249027d2fab6039c973e61b03ae2f1ce
4efedc92c478fd49db7a324f14584e69eca8edbfd4ba8c343fbda99d867cd3f3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529d1fb1cd9996ce6e985b027e70b6e0188ab9d6f125b9caec36840690eec5ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e0bcb4fae8d09233c60d7bcb828eeb4c6e142d41cd99a16fa7a9623894acd8
5ac099e6e55880ece397bd82f79d9d115ad334c60b24d4bc8b1d65aa18cf1f9d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62644729157b0bdb7ac7031866a2cf61846f4e19291119a58c5e2c57becee096
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
6a1bc778aeed61aaf512a2aa94a3d3ef695b45dc4239edc27f0daef4c46206e9
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d9bbecfa807da3e57c588a55a9b54551174f6f725be5c56b2b4465be846050e
6f9b4322072dc8201878ebd40251102e887527a88596b6227cfed98561bf9afc
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
87b7a65f63486d393e942352b630f88bbcf09be1e3b54031ecab74bc5778ad4e
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8f30938004ee949dc1b15e0120de8be26885642fb8fb49500fa75bc9ce2c5e3a
91c7a61d4ada30c981a2fb156bd315f0ed2fdf348fee9d08cb6d24f0e0c56b56
942c399960e375c805bc3b03f535c534917252717b677afb51065d86f3172c46
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9e34a46c6311cce7bf88594fc9186d9711585d22ef33afd1412680b5f70f2f66
9eecfca4a04d2932ada3c68f9888ca084b5ec8a30ee9182300df48325db338d7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48782b28c393c7375207d2650475e176980f3116decba05db72fca5e40efdf4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a89c233c6095ff87b5520c2725313d6bdb8cda8746d73d9ec708d456cf6a8241
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b3d052367cb84f87dcc179819739ca0ed4e66a90fa6f1432cb97a6393b76806b
bd5b7729e8c93bf150790fc6f2d546eee22a88b1334a06676da2cb2bc4b9a14b
c7661e21d37b079feec70407cbf7c411d2c466739631e300b9203fcbbf2f2071
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
cfe26edd71a7ccbf3310511bf134ac6f8e929d2a27bd5258ac9df422bd73e087
d00dd0826e11216b39edd38cb291539b437cf783c7955684fe3c398ee6b70fed
de56b7c3fb44adc9f9c8c733f60d5c9e59c915af2f59c880c3396514d3eaed12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f1a996040a57d66c087481c2537ddfb53f08f0f232b0404896ea324d16e6
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9970e88e9115a282d5f54c8449e63b8dce31fe204f3a231819a218b1e2c91df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01c385021414a02e3f2b4569aa29b1571fee0498f69461a41090960696b694b
fa4a0be88ead88aeeb9d87544e6f466a519c15a7578b6900ef7534c3c54b40f2
fab7c3adabcd6b9b35c84a95113628ff0d9a6fa35faa3d1fa60a763857ef5545
fb58c4a3d0e1a210b3b4373181706a6b2bbddbbc49800ddf9d6f2614d942b983

www.xgcartoon.com Open in urlscan Pro 84.17.37.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

92 %HTTPS

58 %IPv6

20 Domains

28 Subdomains

20 IPs

4 Countries

1743 kBTransfer

4281 kBSize

18 Cookies

1 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
84.17.37.43 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

92 %
HTTPS

58 %
IPv6

20
Domains

28
Subdomains

20
IPs

4
Countries

1743 kB
Transfer

4281 kB
Size

18
Cookies

119 HTTP transactions
3 data transactions