urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Submission: On September 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 11 countries across 43 domains to perform 322 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.218.77 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
86 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
13 38 142.250.181.226 15169 (GOOGLE)
10 18 172.64.148.101 13335 (CLOUDFLAR...)
9 13 37.252.171.21 29990 (ASN-APPNEX)
40 2a00:1450:400... 15169 (GOOGLE)
4 88.99.165.19 24940 (HETZNER-AS)
1 35.71.131.137 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 178.250.7.11 44788 (ASN-CRITE...)
1 35.186.253.211 15169 (GOOGLE)
1 185.86.138.150 201081 (SMARTADSE...)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 35.214.161.6 15169 (GOOGLE)
6 142.250.184.194 15169 (GOOGLE)
2 213.202.235.9 24961 (MYLOC-AS ...)
1 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 37.157.4.29 198622 (ADFORM)
1 1 51.89.9.253 16276 (OVH)
5 5 46.228.174.117 56396 (AMOBEE)
3 3 13.248.245.213 16509 (AMAZON-02)
1 4 138.201.63.149 24940 (HETZNER-AS)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 2 104.75.89.75 16625 (AKAMAI-AS)
1 18.197.176.130 16509 (AMAZON-02)
2 145.239.193.130 16276 (OVH)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 13.42.176.194 16509 (AMAZON-02)
1 2 142.250.186.38 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 104.80.244.96 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 35.157.117.145 16509 (AMAZON-02)
1 1 151.101.130.49 54113 (FASTLY)
1 52.16.101.30 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.26.39 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
4 142.250.186.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.9.77.36 16509 (AMAZON-02)
322 42
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    2606:4700:10::6816:2e93 (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
19    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
41    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
86    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
38    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
18    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
13    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
40    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    88.99.165.19 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal9000.redintelligence.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3605:cca0:8b97:e855:348c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    35.214.161.6 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 6.161.214.35.bc.googleusercontent.com
csync.loopme.me
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
1    18.197.176.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
1    13.42.176.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-176-194.eu-west-2.compute.amazonaws.com
track.webgains.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    104.80.244.96 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-244-96.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.157.117.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.16.101.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-101-30.eu-west-1.compute.amazonaws.com
match.360yield.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.26.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-39.vie50.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
ade.googlesyndication.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    3.9.77.36 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-77-36.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
129 googlesyndication.com
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 329
1 MB
79 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 128227
471 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 331
6 MB
18 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658
12 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 268
secure.adnxs.com — Cisco Umbrella Rank: 519
10 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 389
251 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
567 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com — Cisco Umbrella Rank: 918806
489 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37741
hal90009.redintelligence.net — Cisco Umbrella Rank: 234523
81 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 121
3 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 32462
api.webgains.io — Cisco Umbrella Rank: 72802
18 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 43819
medialead.de — Cisco Umbrella Rank: 43553
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 433
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 670
2 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
152 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1071
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1515
493 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 913
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 943
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3499
207 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 14070
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1104
914 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 641
725 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 90998
3 KB
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2435
199 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 876
543 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
1 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18350
705 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 47496
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 175850
931 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
146 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 884
336 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 928
463 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 8166
666 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 924
75 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 870
245 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478
755 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
265 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2288
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10650
469 B
322 43
Domain Requested by
76 pagead2.googlesyndication.com 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
s0.2mdn.net
41 tpc.googlesyndication.com 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
www.xgcartoon.com
pagead2.googlesyndication.com
s0.2mdn.net
40 s0.2mdn.net www.xgcartoon.com
s0.2mdn.net
38 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
19 securepubads.g.doubleclick.net cdn.ampproject.org
www.xgcartoon.com
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
18 dsum-sec.casalemedia.com 10 redirects googleads.g.doubleclick.net
14 googleads.g.doubleclick.net 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
12 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
10 www.googletagservices.com 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
7 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.xgcartoon.com
6 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com cdn.ampproject.org
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 ade.googlesyndication.com
4 hal90009.redintelligence.net 1 redirects 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
hal90009.redintelligence.net
4 hal9000.redintelligence.net 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
hal90009.redintelligence.net
3 eb2.3lift.com 3 redirects
3 sync.1rx.io 3 redirects
3 c1.adform.net 3 redirects
2 api.webgains.io analytics.webgains.io
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com adv.office-partner.de
www.googletagmanager.com
2 pm.w55c.net 2 redirects
2 5994599.fls.doubleclick.net 1 redirects www.xgcartoon.com
2 pv.medialead.de hal90009.redintelligence.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
2 sync.teads.tv 1 redirects
2 image6.pubmatic.com 2 redirects
2 um.simpli.fi 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 m.exactag.com googleads.g.doubleclick.net
www.xgcartoon.com
2 csync.loopme.me 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com 5994599.fls.doubleclick.net
1 cdn.track.production.webgains.team 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 match.360yield.com 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 fonts.googleapis.com hal90009.redintelligence.net
1 www.awin1.com 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 track.webgains.com www.xgcartoon.com
1 adv.office-partner.de hal90009.redintelligence.net
1 x.bidswitch.net googleads.g.doubleclick.net
1 secure.adnxs.com 1 redirects
1 onetag-sys.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
322 57

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2		 2022-09-14 -
2023-10-16		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
pv.medialead.de
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
adv.office-partner.de
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 45 frames:

Primary Page: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Frame ID: 08AD89598DF4D30025693F3BB1D5312E
Requests: 38 HTTP requests in this frame

Frame: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 7764CB2B4A10ACC8C37E0338232BB09A
Requests: 13 HTTP requests in this frame

Frame: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9F6F150B112BED1803BAA5BC08F1FB20
Requests: 12 HTTP requests in this frame

Frame: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: E23C56EA5ED73341FC40D823F65488CE
Requests: 9 HTTP requests in this frame

Frame: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6B39759856782387AC235100BE673734
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7EA0CF6DE60D28662E40494F2FEA7A79
Requests: 2 HTTP requests in this frame

Frame: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: B3BF6D2385AB31DF6879B4497605249B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/zrt_lookup.html
Frame ID: D93A5D99EB3761B2593C91FD76089120
Requests: 1 HTTP requests in this frame

Frame: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3C4C819D1E6A71D5F475DD9637381DD0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 70DCEF8176381DB45745804CB6232B0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Frame ID: 431FE4410E479FF3107656796C432723
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwaNtECHzQqmEqfCq_puGjjrO93RwkzeDWkLiQunUmwpC1hUn7A4lJYNI-UOTu3Vp89okK7MkUU-nEar5zUYPknB4kwQor829ZtV6cTxaqGjedSOurFi6-l1AoAU2varYQagGATJPut3wyRqUcJTjAmaEthBwr2k1Bi7-cDDodJaQU6O0nNfnPsg4-YxdlRGMhNc8B-WIcm37nLUS4PuZ10CAYXY18GnUfX2Fk09pbFMLXBZHOXBB-CPuo6LBvu51OgHmmR5JtaBaz9hgQktunwilRhm4l-Mk2is-sBi5CiLDEzwUD__qnqRd8nFlmIPLL4n4Sb-HX0axW2lRrZIT99T7F_3p3slwzSdfIzmHuScW5kjw&sai=AMfl-YTfNRMj1jPXjGzR8e4roUWc_GRl9V18Ej24wGmHPRNs0HVuroCBpGR_iDYuns6kzZKiShfCsF1O9Z60QhPAIJ0mniuC8zxtOOWSuw&sig=Cg0ArKJSzCQAeY6WNiJeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BC02D58CB4002F86E5D0F7B2722E0CB6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Frame ID: B455B1817F9159E6B0913665B7C59E92
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2C185BEA5DC759A002A1E5F1231017B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37E20B1C2EA180B3746EF3E6C1D74B43
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Frame ID: C8D7F7319D308EBD2A10D46ED9F64DA7
Requests: 21 HTTP requests in this frame

Frame: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B5E0385D87817C2062072A2EE6CEF891
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Frame ID: 29054E8CE26D7EB6B49438CA12079442
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Frame ID: A1E9E558A0269C22AFD32A74CA4F9D98
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Frame ID: 67B0DC7904FABFD7FDE7BC2EA0D922D8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Frame ID: 9B541F6CC65AC07EE0F559644DB70F40
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5CCED1E429BF37A4EA204B6C190D186
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 94572811B4CDC0348297B169CFFC36E9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 571040EDDCA0DECD121832636C37184B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2890BB30DF2351A2326404E143C20A65
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Frame ID: A8C810DC061B42CF63EC6EA97DA6332F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D71583A1F6A3F312D896017E3830E7C3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Frame ID: 7E4A4108FA0F2B291A01E4BF6216C5B9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48EE9364FB67D5ED35A7472159662135
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 05E11AD5B814393DCFFF0FBF869AD7B7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Frame ID: F0C1F88D44346B85830398BFFF16D407
Requests: 19 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D25952D65213A02ABF08BE42C62B1F47
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FDD2A6FF3B9B21A796AA7B07773346CA
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158
Frame ID: 63EE0E1516CADBB46CBE3AC610DBB129
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Frame ID: 7F086973E39AC945167D0CADCBDF37B2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79C31A5CDBAD2D7DE75037037B4C56FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0066679508A37B4995656A7F48C792AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A3D58768AC824B919DD706E417F659C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: B993ECF70D1A80792947BE89F2E76E5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1BC24F1D48EB8E6657DD6AB02FD89B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45B6D469E115E13256FCB4174B87CCE2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: E817113390ED0A30119065B99BC9C138
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3299A9360E41DB23273BACC4B8870C3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CAA2A89F5B726811E62314F19DB00D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 03AE5C9491BE9470D909A131774FB421
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍸怪病醫拉姆尼(怪病醫Ramune)【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

322
Requests

89 %
HTTPS

34 %
IPv6

43
Domains

57
Subdomains

42
IPs

11
Countries

9097 kB
Transfer

15215 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IudasACriT-z7wNsSwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECpenp3thU42qOj1IUVErYY%26google_cver%3D1
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IpAPOV2TDaM-zUYyxQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Request Chain 132
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkyMzUzMTA4MzMzODMzMjE4Ng%3D%3D
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Request Chain 134
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IudasACriT-z7wNsSwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Request Chain 136
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Request Chain 156
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IivbddhP3l-uUs49HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Request Chain 158
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Request Chain 168
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGVzwiQM6my8JdhxjXWFojs&google_cver=1&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySMJ6Zl585JqD7wkBu1M_1VB3XXeZ2nXl2syJ8R5iXhL_Z5nYHuw01CQZ4h8ggR_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySMJ6Zl585JqD7wkBu1M_1VB3XXeZ2nXl2syJ8R5iXhL_Z5nYHuw01CQZ4h8ggR_&google_hm=eS1vZE1fRFk1RTJwSFhfaG1RNUhtMzJlQjVoNlRXS1RnV35B
Request Chain 172
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGRqHAbOVChyAXFEaE4EBhs&google_cver=1&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPvnAsDMndiarKvsmhR-d5rqK9DjHQIJ-2HlhF7QEm2rojX6yo_bbJ-F7aAVPy0h5odcRNiUktihLOKyBzjmN_7VAsS7a7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPvnAsDMndiarKvsmhR-d5rqK9DjHQIJ-2HlhF7QEm2rojX6yo_bbJ-F7aAVPy0h5odcRNiUktihLOKyBzjmN_7VAsS7a7Q&google_hm=ujs5uxj1Sdu6J--BMpVcLR0
Request Chain 173
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&google_cver=1&google_push=AXcoOmQmrRdIZNiYHOuP4jzkEkdqs9sW79DObypZLHhQx8BVtLafXrk_1YR5hk1LpeBpHZzOF6Vkhbdrzj79xxOOkfWGCbnwZhtwCIHHVYweRPE-CsY6KxFMD2rAs44RpWOX-esE4f5MKWj97IB-EfZ3Gyb5 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQmrRdIZNiYHOuP4jzkEkdqs9sW79DObypZLHhQx8BVtLafXrk_1YR5hk1LpeBpHZzOF6Vkhbdrzj79xxOOkfWGCbnwZhtwCIHHVYweRPE-CsY6KxFMD2rAs44RpWOX-esE4f5MKWj97IB-EfZ3Gyb5&gdpr=${GDPR}
Request Chain 188
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA9In-xYXknvqNvp4v_G9L HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA9In-xYXknvqNvp4v_G9L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA9In-xYXknvqNvp4v_G9L
Request Chain 189
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDqvcRL3Si_Gj89gqzjpc5w&google_cver=1&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTsdyvw2YEiL44JdOqc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTsdyvw2YEiL44JdOqc
Request Chain 190
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECml07xB6lE95dZRjnu1GCE&google_cver=1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1694628130753 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56%26google_hm%3DA-yGW5UqqEiTn7ZdcJi0Nq4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
Request Chain 191
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHFrQz9W4BLG48VBvLxT0MY&google_cver=1&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM&google_gid=CAESEHFrQz9W4BLG48VBvLxT0MY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM
Request Chain 198
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 220
  • https://um.simpli.fi/gp_match?google_gid=CAESEJtj3sUbctyrSomMuOaMy2M&google_cver=1&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz5eTY65VDUNa3YZ2pxCKl9hzlq_TSCUflEuOkzvJyEX82xOjkCQdNXH_8n3ULgCbJ7mQ2j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz5eTY65VDUNa3YZ2pxCKl9hzlq_TSCUflEuOkzvJyEX82xOjkCQdNXH_8n3ULgCbJ7mQ2j
Request Chain 221
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGgiIwsiG2i3TZFWtvsduv4&google_cver=1&google_push=AXcoOmSQHmdsKHs1NcJQInmuw4d9QmOW-9QSSbVFNvFu8cS1CYRKdMyOBsBTjf2qVIK1XbhB38OxiLDbUj-kUAuEs2DAVQTdG3FcA2ai8uAoykomviehgUdXbockzUJCEqTvEwDUnkJFaS3UQSc6EUGkDC7T HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGgiIwsiG2i3TZFWtvsduv4&google_cver=1&google_push=AXcoOmSQHmdsKHs1NcJQInmuw4d9QmOW-9QSSbVFNvFu8cS1CYRKdMyOBsBTjf2qVIK1XbhB38OxiLDbUj-kUAuEs2DAVQTdG3FcA2ai8uAoykomviehgUdXbockzUJCEqTvEwDUnkJFaS3UQSc6EUGkDC7T&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeCZL1CGQKqWuO3Zt0VJYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSQHmdsKHs1NcJQInmuw4d9QmOW-9QSSbVFNvFu8cS1CYRKdMyOBsBTjf2qVIK1XbhB38OxiLDbUj-kUAuEs2DAVQTdG3FcA2ai8uAoykomviehgUdXbockzUJCEqTvEwDUnkJFaS3UQSc6EUGkDC7T
Request Chain 222
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELhisF63_bCL2JTy88b_pas&google_cver=1&google_push=AXcoOmS0892HRITPyYE4f9rWCA91FL59sswvKYUP7waTFyeTxFMvfDgwt80UOu5XFnQMpBXfpGxL72Fmc8KGAersiTEiphlQEe0938c5eXzyM0WmsL65bAjlqyHdNMnNZyVbDcJ7LWt_2HsBxY5kBQqQjSUVdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS0892HRITPyYE4f9rWCA91FL59sswvKYUP7waTFyeTxFMvfDgwt80UOu5XFnQMpBXfpGxL72Fmc8KGAersiTEiphlQEe0938c5eXzyM0WmsL65bAjlqyHdNMnNZyVbDcJ7LWt_2HsBxY5kBQqQjSUVdg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 223
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vRS2vEY2IwF4Eo5tbGzSyWukxZpxVeviwNdjM7AsQE7MToagZnCiFgb4ufytifAOhjTkR1o9kImFFhEaaYVa-gSGUbNvDzK12sQQyHg5oK8AyRkgit5uecwwCaBR61QOSC50wf7CkV_ri HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vRS2vEY2IwF4Eo5tbGzSyWukxZpxVeviwNdjM7AsQE7MToagZnCiFgb4ufytifAOhjTkR1o9kImFFhEaaYVa-gSGUbNvDzK12sQQyHg5oK8AyRkgit5uecwwCaBR61QOSC50wf7CkV_ri
Request Chain 225
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&google_cver=1&google_push=AXcoOmTdSrhspqb7upj4Gy26DdzEKTfQV8wtQIWHz_ZZbWCPFxZzuKXofdAYM0BRpZ3uy7wXj5myELELiTJ3j9FG1H2natZzfE3wxYQcFVGsW6ev8RR-ut1flnuyNSRSNJ3kVfjw0IQEK9G-jjhn-Ct4vpD7xg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTdSrhspqb7upj4Gy26DdzEKTfQV8wtQIWHz_ZZbWCPFxZzuKXofdAYM0BRpZ3uy7wXj5myELELiTJ3j9FG1H2natZzfE3wxYQcFVGsW6ev8RR-ut1flnuyNSRSNJ3kVfjw0IQEK9G-jjhn-Ct4vpD7xg&gdpr=${GDPR}
Request Chain 245
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158
Request Chain 247
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 274
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUfEyXf0an0MGxLNxZo1d2vDgSzOJTi2QXxlgYH8xOQAStH5abxoWGmp HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUfEyXf0an0MGxLNxZo1d2vDgSzOJTi2QXxlgYH8xOQAStH5abxoWGmp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdRekY5NUsxUUd1Yk41&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUfEyXf0an0MGxLNxZo1d2vDgSzOJTi2QXxlgYH8xOQAStH5abxoWGmp
Request Chain 275
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPJiBJQ8P7Wg_SNxcQE4jI0&google_cver=1&google_push=AXcoOmTyn2bbHfytvIpv98Q6-tZ6uM_At8jv1UlpzBMr-wsvs7Y7S_NYjfi0JEvhBOL0SsYnqIWLgGKcRAiVp1MDR2Fbb0ODPwdHbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJiBJQ8P7Wg_SNxcQE4jI0&google_push=AXcoOmTyn2bbHfytvIpv98Q6-tZ6uM_At8jv1UlpzBMr-wsvs7Y7S_NYjfi0JEvhBOL0SsYnqIWLgGKcRAiVp1MDR2Fbb0ODPwdHbg
Request Chain 276
  • https://um.simpli.fi/gp_match?google_gid=CAESEJtj3sUbctyrSomMuOaMy2M&google_cver=1&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwSS_AbuwDCu_XUBKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwSS_AbuwDCu_XUBKg
Request Chain 277
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4tyXVcGiDvw6ATlIQpGz_DoMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4tyXVcGiDvw6ATlIQpGz_DoMw
Request Chain 279
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECml07xB6lE95dZRjnu1GCE&google_cver=1&google_push=AXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ%26google_hm%3DA-yGW5UqqEiTn7ZdcJi0Nq4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
Request Chain 280
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHFrQz9W4BLG48VBvLxT0MY&google_cver=1&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYBSIuTJrp89W1Ej_qTXdqAFrSECu3XqEvkRHXLxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYBSIuTJrp89W1Ej_qTXdqAFrSECu3XqEvkRHXLxw

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request guaibingyilamuniguaibingyiramuneriyu-adai
www.xgcartoon.com/detail/ 		79 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b27e3af518964c62659199b1b07a9ebb795f2c0f6a84763ddc4095c1f2d1cbcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Sep 2023 18:02:06 GMT
etag
"13b0c-hJ6rtnZYLEpGBUkWao6NYeyDmmU"
expires
Wed, 13 Sep 2023 18:03:06 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72928
x-xss-protection
0
server
sffe
etag
"f87f507b897b58e2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b5bf86558934b68f6a6284900ba8f733bd7c22bb3c72bd26471843a44bb743b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23142
x-xss-protection
0
server
sffe
etag
"6a968f96e45060d6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baeb44fbcc34426a9ecaa6da2af021848c04d86850235f2d53503f7e2abf6df0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9443
x-xss-protection
0
server
sffe
etag
"fdbcbd0268737d7d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf56b2cabe2c48361ca22818fa72ed1f7fcc164dd5c57868f112ba49dd03f6b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14997
x-xss-protection
0
server
sffe
etag
"7bc938fc29211ca7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d72a01e38febc03edb1ebbe3fb5b88e3976f7f5653af916be131ed3259bddd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15379
x-xss-protection
0
server
sffe
etag
"ddf66755a41eeb70"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de07c17694b3b586ecfea8692d819b3fa27a3ed4d895cbb25c48a1c52a8a9d26
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4736
x-xss-protection
0
server
sffe
etag
"06f88ea3f9573f29"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98d272b4525bce1ab0accaba6ccae87c8b72e24ac77f7b76fa2ad10ed8a5fad5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10329
x-xss-protection
0
server
sffe
etag
"6a2f7ae4dcae680f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 18:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32157
x-xss-protection
0
server
sffe
etag
"526f779e48dbd5da"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 18:02:07 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
80624ca38f809b31-FRA
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:07 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Wed, 13 Sep 2023 18:05:07 GMT
guaibingyilamuniguaibingyiramuneriyu-adai.jpg
static-a.xgcartoon.com/cover/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/guaibingyilamuniguaibingyiramuneriyu-adai.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f6f75b27916e760410a9f5e799193a6b8b93f82ed224c807179fb0c3df0482a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
cf-cache-status
HIT
last-modified
Mon, 05 Jun 2023 11:21:27 GMT
server
cloudflare
etag
"7BE508AC847FB3045A0D2DA7004D932E"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
80624ca5e86a9131-FRA
content-length
151459
expires
Wed, 13 Sep 2023 10:35:31 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:07 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Wed, 13 Sep 2023 18:05:07 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:07 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Wed, 13 Sep 2023 18:05:07 GMT
nvyouchengduinvpengyouandnvpengyouriyu-sangyuanzhi.jpg
static-a.xgcartoon.com/cover/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/nvyouchengduinvpengyouandnvpengyouriyu-sangyuanzhi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8f822523f161efbed327dae83ec232aa5e5c199c863fbe88b22a2de86a8751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 07:27:33 GMT
server
cloudflare
etag
"20EA25266C693F353DE7361EB5924E23"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
80624ca5e86e9131-FRA
content-length
88683
expires
Sat, 16 Sep 2023 07:16:33 GMT
miaoshouxiandan_dongtaimanhua-yuqilin.jpg
static-a.xgcartoon.com/cover/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/miaoshouxiandan_dongtaimanhua-yuqilin.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c987d5fc9e4062b3f219ebaf0c14813ce7c062e971a82b32be4e5c4c6553252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Jul 2023 05:12:45 GMT
server
cloudflare
etag
"79ECA590B82D44699EDC120786E87904"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
80624ca5e86f9131-FRA
content-length
74736
expires
Sat, 16 Sep 2023 08:49:24 GMT
shikongshituriyu-baixiao.jpg
static-a.xgcartoon.com/cover/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/shikongshituriyu-baixiao.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6095fad790e511839a14a66d15e9fbfa600785775af3ad02e7e412aca2974648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 07:44:14 GMT
server
cloudflare
etag
"177602B4B5A4C23506A0973724D95828"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
80624ca5e8719131-FRA
content-length
75874
expires
Sat, 16 Sep 2023 08:21:24 GMT
doushiyinyangxianyi_dongtaimanhua-qimanwenhua.jpg
static-a.xgcartoon.com/cover/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/doushiyinyangxianyi_dongtaimanhua-qimanwenhua.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8f80e3310929ff98c923842f94244b01c32ebfae5f915c46fcb821d715ec3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 03:20:19 GMT
server
cloudflare
etag
"161C199BA4BE2A243962E041389BD3FF"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
80624ca5e8729131-FRA
content-length
74569
expires
Sat, 16 Sep 2023 07:51:47 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309011827000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309011827000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:07:40 GMT
age
75267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2980
x-xss-protection
0
server
sffe
etag
"1123f3a95b3d07e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:07:40 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012309011827000/v0/ 		237 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309011827000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e8d7b58a7d85453ef7267e187eddd9181d35c4c8d2393ed9563aa9a0089e2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:07:40 GMT
age
75267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64147
x-xss-protection
0
server
sffe
etag
"201830000134ceff"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:07:40 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309011827000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309011827000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:07:40 GMT
age
75267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3934
x-xss-protection
0
server
sffe
etag
"57ee2204276dd362"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:07:40 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=646651000519&ga_cid=amp-mE-qm2K6ZkN466KOFG5q1g&ga_hid=519&dt=1694628127723&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&bdt=520&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc1cf1deebcf71a82fd82a70912c91900795d166e666e7d0e02c4ed3f97abae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COLr1tyVqIEDFVjluwgd4-YAcA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453313
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Wed, 13 Sep 2023 18:02:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=646651000519&ga_cid=amp-mE-qm2K6ZkN466KOFG5q1g&ga_hid=519&dt=1694628127723&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&bdt=520&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2adf405f8219aabe740003439ad133f617748bd6ca29a389c06cb284b6b74981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
160x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23259
x-xss-protection
0
google-lineitem-id
6137554073
x-qqid
CKTy1tyVqIEDFW2e_QcdBO0DLw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138371250300
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Wed, 13 Sep 2023 18:02:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=646651000519&ga_cid=amp-mE-qm2K6ZkN466KOFG5q1g&ga_hid=519&dt=1694628127723&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&bdt=520&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e8d9d6282ac349cd48be272b1d8a11e98ef6c37eb0a274dbb6fb730d07a44db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
320x100
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CP2g19yVqIEDFYSe_QcdGZoPmw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663394
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Wed, 13 Sep 2023 18:02:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		139 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=646651000519&ga_cid=amp-mE-qm2K6ZkN466KOFG5q1g&ga_hid=519&dt=1694628127723&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&bdt=520&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8e5e7748228eaf2a0590721245ba6db44367a023531eb1cce6b212f2fdba7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48329
x-ampimps
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGzERIPkBZa6CGbzb7_UPjOykgA6Z3-zZb8jo5o6lDN3rxdOiGxABINPLzjBglfrwgYwHoAGumIqiAsgBBqkC9cQEe00Dsj7gAgCoAwHIA9sEqgTOAk_QVY93LPgXPFQmk_9UDP6dDA2SlM-msN2ugvhLWTcRrMsmArQhTKWXMSxueqVUzAkzoHhyIr4ANKcbDjwJ2qvYCepy6QmA3ORUu6EK7WKAqjipVdBE-_cghyd_PUhuaoeCccQJJzeP6ufePs6a4qf3TXBWO5C8pyIyMBSaXKKIXHdn-el0cgTklfdEcxup_KjOW8yujSbbQ7Mgbfpr7r5bAovV7Gyf6RZwcakWsnfXoyARNrc1NCJt4ztxaXsEdFogjumOK5Ag2Ja8mEuQ9rkSFivywWz9gIYTPvO6HJdGiVlAym1N0IBcVz9lbZpjZO1LYwDtVQj5OVrac37DZfd4mm0wr3fikIjA0L9mZ9o9Da1bk1ndG6PFJ5bM4rwT7I6LYScyA4MvEbRUhth8Yb2w3Tp-nPx0oIHSvjbL6apnRvp8rx42axgB6OAWApnABJ6BxOv_AuAEAYgFrb3q-SeSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHuuf13QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDwLtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCSBodHRwczovL3hjcmFmdC5uZXQvcmVnaXN0cmF0aW9uL4AKA8gLAdgTDIgUA9AVAYAXAbIXHgocCAASFHB1Yi0zMDM5MTk5NTAzNDAzNjM0GJnSIQ&sigh=xeTE1W-EuFg&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWyjCMqfpfg6nKS4RsRgq4j-_4nEDxpxgB&template_id=492
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CK6S-9yVqIEDFbztuwgdDDYJ4A
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Wed, 13 Sep 2023 18:02:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309011827000&d_imp=1&c=646651000519&ga_cid=amp-mE-qm2K6ZkN466KOFG5q1g&ga_hid=519&dt=1694628127723&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&bdt=520&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b408113887865a0b8c205fbe2db23859c3f6a29bcee9881c26e6b767ddd63768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
728x90
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13049
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COSA19yVqIEDFULluwgdEIMM-Q
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324260118
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Wed, 13 Sep 2023 18:02:08 GMT
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012309011827000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309011827000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:07:39 GMT
age
75269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"eefb6e15c88944d2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:07:39 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
AMP-Same-Origin
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:08 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:05:08 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=519&cid=amp-mE-qm2K6ZkN466KOFG5q1g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&dr=&dt=%F0%9F%8D%B8%E6%80%AA%E7%97%85%E9%86%AB%E6%8B%89%E5%A7%86%E5%B0%BC%EF%BC%88%E6%80%AA%E7%97%85%E9%86%ABRamune%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1694628129&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7764 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:08 GMT
expires
Thu, 12 Sep 2024 18:02:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F6F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:08 GMT
expires
Thu, 12 Sep 2024 18:02:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E23C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:08 GMT
expires
Thu, 12 Sep 2024 18:02:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7764 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
124275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Sep 2024 07:30:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7764 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8defaa254720283d5fa282bbc38df8d5ab8a0eb304e9314ef2a6d37b1eec6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7909
x-xss-protection
0
server
cafe
etag
14325445640227293572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7764 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9F6F 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aee76cc265a32f96f1299fadae425b1b77be17690b471aa6c4c58fd9779c3080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28917
x-xss-protection
0
server
cafe
etag
121 / 19613 / m202309060101 / config-hash: 9727759557090079596
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F6F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F6F 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcvZ5HyScDTT6s0LWBe7Z2MXfqq0DKjxMxRb3RuRq32RVYYnOyYnf6opYQUjBk32hdpUIo0RhoVAoiZuarWel-1INEzqkTGgHTORTHyy-nCwvRwfpw75NDzPBvWI_-GN5A55h5fhAepDvPoZu2_KCjLjbnLE4sxXvv2kvZrZlmAF58W66XzFIyJZG-2qcW78xm5R8rvrPv-KYyvmU2_FZ5EWESkMMnag0rArppU1fbitOR8DDZYbLOy5ts8dDc6CKwQBQMK9i_NNKpG-a-cJHFh3K2F-W7EzQSdOw15iQ8ecUZ0xaxEST8brEr9Vj8evAMWTdtvF5cVZmoZcLgRoi_49cBYD63k4Bz0fU0bAUw-If_PXI&sai=AMfl-YTlkTeEPyl97iAKMP9AT4A6yX8DHz9cS02iLWLLs7OTNH9u79kS92tWhuVtcVoHc1HzXHulNk_9T2NBZSY&sig=Cg0ArKJSzP6HYeIyzO1LEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:09 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame E23C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 14:54:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
11284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13552
x-xss-protection
0
server
cafe
etag
17023098769855550506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 14:54:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E23C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
124275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Sep 2024 07:30:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E23C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame E23C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
15346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame E23C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
17117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame E23C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:00 GMT
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:08 GMT
expires
Thu, 12 Sep 2024 18:02:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6B39 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
124275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Sep 2024 07:30:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6B39 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20dfd108d75fa2fd6d2b57a0d74c86e7dd5e7c27750e3fd0b83d3cca754da139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7897
x-xss-protection
0
server
cafe
etag
6426071751198130187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B39 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7764 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhMkQtKZ1aGbRe8qFw9aD5WBXOkdwefnV_dn8vaCYIiDnNO6j-Z_ILj-0u1nNx6ZGJDqji7mVUmGhha-L28QkobCNUGDQjv0RfhbjI30i9sJLFhZyRM0r_f46ofXmrdC8rzAcJsvpAzloZQAc6zco-UrMyOueeRkwfjLr5Sc4DDDHYFD-lnVYdCQnvBJAX-V0YM-GHcte-4lAJiv2bB6ECG9sDcfCVAkXuGQq5__G_EEDAlVTB6q250KRpAP4UwU4Zi-PDVRHHvfBBuNAfM9r94vNxtHBVPZIB_8e8JDgfQSKUe6NW3tO2DZR6ZKWtMEhM1nQUPhx-P3QgK1bj2otmwY4JWseDrwxpIuR6yEeW&sai=AMfl-YRpNqQwjTf88NfVbwIRdGxEX_untTRt7SsHSkneMrd_ptHJbdngu8lBQPulM7V2oiNFRz4puXpoS_064yw&sig=Cg0ArKJSzNUh9R1izefpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/11161444301065608621/ Frame E23C 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11161444301065608621/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qnwyN1LmSGwMZhxbdKnKDB1ZMiPjA
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a1fd2a2caaca9f57f3598f6d2d4f59e143c214d144f6f2d06c92c501121e959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:54:39 GMT
x-content-type-options
nosniff
age
162450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55752
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:49:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Sep 2024 20:54:39 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame E23C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 07:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Sep 2024 07:28:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6B39 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0DOTW1JxnVS7rnPs14mTFu8l6DWhoEXYaFcDg1wbtZkKhJaEKKJGecosSLOeZXUA6l_Up7nhpCpJtd4-2CSJF4MqO13Mh4CuYblzFE9eso7uNwv-kxLoiI0JRNeI2Dd02q483lwa9zyomotpwpgsQzx9hRs8dGq4ZH642fH1V7JxWHUpcbYTNfqeaxAz_qjLi2ESLqcr_Ac1IS0ib5logxcJArhw8I5sI0TIX_FT2FEDfXOpF9e7sVXjEIFMkjJENnJ1T3_0KCNF0AcT_eHMkRn3gvfvYLnA5pGVzEiIl-kKH54GETJ8RzPAxedwyC0E2UZLIeNRF6GLwX-hZIOleFV3bSc-rh0PKXUKTa8Ja&sai=AMfl-YTMycTgRLCJpCGAH_G3kUh_UZqmUvVrA4EiqLenASqJLRM9VAIrvJogT5SNdjapqgA_ISYD_pA30Iqg3xQ&sig=Cg0ArKJSzD4Q2l1I_Ap8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7764 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9f336e47e29bf067293b51d3199c99d2c9bfffd0f01e3dfc9d0a238a1f47d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50445
x-xss-protection
0
server
cafe
etag
14760311494497533555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7EA0 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 17:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7764 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
519425864e1ab04422a71c1adbad8d03badd4b6eeb345970ac5cc2633adfc922

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
container.html
513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:08 GMT
expires
Thu, 12 Sep 2024 18:02:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/ Frame 9F6F 		407 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:19:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
74577
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131474
x-xss-protection
0
server
cafe
etag
4360487527687814013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:19:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6B39 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59e2ce8e4261ee96601f365baff5107208672c28b5956f54636511cbd0cea93d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50456
x-xss-protection
0
server
cafe
etag
549670653397980722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
truncated
/ Frame 9F6F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db5eea0f827b8a7e5ae6bd6592e75553d0c1d62dec3c071deefa899b63cbece2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309070101/ Frame 7764 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077789
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbce58114e1f25a8bee60afc62603b2d1dfc8a6e54a039961c4110545c6bbc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131518
x-xss-protection
0
server
cafe
etag
12440497577166714166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/ Frame D93A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230911/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 14:24:43 GMT
etag
8554266389219770021
expires
Wed, 27 Sep 2023 14:24:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B3BF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:30:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
124275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Sep 2024 07:30:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B3BF 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05fefbada7c33ff4c9274a8b7490f5f488ba9b7f07ff337f3461571213123c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7907
x-xss-protection
0
server
cafe
etag
12093242592173101831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3BF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
truncated
/ Frame 6B39 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3188e9d1bef7774813d2ec8b043d7bd3466ed8ec9091bc81978cea5317064145

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F6F 		56 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=421810002138787&correlator=606372623760216&eid=31077227&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&abxe=1&dt=1694628129391&adxs=0&adys=0&biw=160&bih=1200&isw=160&scr_x=0&scr_y=0&ucis=w12a53p5p4ly&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&loc=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&ea=0&dlt=1694628128998&idt=367&prev_scp=in2w_key9001%3D1%26in2w_key%3D11%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1580%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1580%26in2w_key8%3D11%252C12%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D5&adks=1862267292&frm=24
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc48cf4a6ca51b081d0bb595f023105857c72b2b863d584821775c406792811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20300
x-xss-protection
0
google-lineitem-id
6135185025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376945785
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:09 GMT
expires
Thu, 12 Sep 2024 18:02:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7EA0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:09 GMT
expires
Wed, 13 Sep 2023 18:02:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 70DC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3BF 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyZkAmRcMXxsmXbdv0vs_guGtwG7qTOfi_ilEUS9LHhy2-Js0bfcmx5KNAx7lXa44gz-6p-SEWIv1vwpXK0OWamkO9itSAGx66NyiU8xvd8d36ppZtfxPm4wozjNoFJDZHJhH3jgT8NlrnALnjr2SLrSJjPbG3W1q-YSv3fvrXbeUzckUpWkVNk8cyBZMRe1YNyutsaVyfUxvXoZ-r3Gq9M3G4jypAHN-Wv2uc-JNFQh08GCwU_1qFt-MqwEyCjSMSMA2NIyzBZ1GFtPTW51idHN8ZhGz5tcFwcazDyhL_ODmF18ACPCrtCvJJ9DBx2pWGHgADMbYrIx3B6wWygr-DJCB__qQfeuacdLEKh4A&sai=AMfl-YTLrD4kTF2Np4wZ7C2-Z6HIEW2Gg2F05xa3aQFh1bVwcMxKsxg6qszaBgXK46YSZhTGCTjxcWcN0n0QhVI&sig=Cg0ArKJSzPFIA41nj0qqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
URL: https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B3BF 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57ed72a6515bf49841a34fdcd565639c32984b6eaefa786b93eccd32f4503a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50452
x-xss-protection
0
server
cafe
etag
4235345737263572653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 6B39 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077719
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f336ba03f93a51a67f563402bb66f9b94369f61cb6d932b57832ca37a50e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131798
x-xss-protection
0
server
cafe
etag
4163885184217593854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F6F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiUPO-OGFInPhZGt4puTMRAJ1ZW6XAwggwGavYyTIQVOBQJrvWPN7uSKgDQx2jypr9ZvBRC5ZtCfL_aXXrOX-fR3Cn-MdVorDZUUWd229T_7ruC8R0afxoAeI47N1VX_iMOPFPPJ0nGS-H0_4WFMEgziRJnvwn18YDwj0ulG76SmtfOvRk2SM7D-uqAr4yd7XJOdOJn2UpOJMa6AN7Kb9lSTp2Z61ifWe4wZQ8cNA14JBoBGrToxBKgiKAMsiedvlA6L56woZjs8gVEr_19EXV4jihP79pzaxS-075ErNJ1VA5CdOfY_JZ91O2BEj-KWBZbbOhShI-R6_qCB6vQ7PK5o6qs141p7uVXKB8ZkWtqIy3vCTAXg&sai=AMfl-YRu4txSbsCSE5XdaWWRu1bQ6QyyiCR_WYYaTWYmoMx5pVYlzcrS7N2uiUy_UHiVWB2hdZ6B3vHUvYVGF20&sig=Cg0ArKJSzOKyT8eR0g-REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9F6F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
872e908c3a8f66dcf9c76041b312ae517699643eb320e1036e8404b4060e8ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11685
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 431F 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87d7765b7f94dbd192212c56ff8af2a1c25c5b70f0f0fd139a434711acffd4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11479
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame B3BF 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d31528f47a5c670e7fbe2c7e3737d1a093c0a0f187a0dc672306ae63a43370f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131797
x-xss-protection
0
server
cafe
etag
14832217034060235235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BC02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwaNtECHzQqmEqfCq_puGjjrO93RwkzeDWkLiQunUmwpC1hUn7A4lJYNI-UOTu3Vp89okK7MkUU-nEar5zUYPknB4kwQor829ZtV6cTxaqGjedSOurFi6-l1AoAU2varYQagGATJPut3wyRqUcJTjAmaEthBwr2k1Bi7-cDDodJaQU6O0nNfnPsg4-YxdlRGMhNc8B-WIcm37nLUS4PuZ10CAYXY18GnUfX2Fk09pbFMLXBZHOXBB-CPuo6LBvu51OgHmmR5JtaBaz9hgQktunwilRhm4l-Mk2is-sBi5CiLDEzwUD__qnqRd8nFlmIPLL4n4Sb-HX0axW2lRrZIT99T7F_3p3slwzSdfIzmHuScW5kjw&sai=AMfl-YTfNRMj1jPXjGzR8e4roUWc_GRl9V18Ej24wGmHPRNs0HVuroCBpGR_iDYuns6kzZKiShfCsF1O9Z60QhPAIJ0mniuC8zxtOOWSuw&sig=Cg0ArKJSzCQAeY6WNiJeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC02 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9F6F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F6F 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=421810002138787&correlator=606372623760216&eid=31077227&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50|120x600|160x600&fluid=height&ifi=2&sfv=1-0-40&rcs=1&eri=5&sc=1&cdm=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&abxe=1&dt=1694628129698&adxs=0&adys=0&biw=160&bih=1200&isw=160&scr_x=0&scr_y=0&ucis=w12a53p5p4ly&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguaibingyilamuniguaibingyiramuneriyu-adai&loc=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=160x18&msz=160x18&fws=256&ohw=0&ea=0&dlt=1694628128998&idt=367&prev_scp=in2w_key%3D12%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1580%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1580%26in2w_key8%3D11%2C12%26in2w_key9001%3D2&adks=1862267292&frm=24
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71b05f6ee32e59a76a93d2717dce5041e504dc287221285cedc7965efed89300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12465
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B455 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e9be7d495c1d94c5f282c62534e174d4c228ef96bdebb73aac72f0834a1df0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
10980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BC02 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7076342608a13c13dd5e536f950ce20c7dd773c054de15807e6769af6f141dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BC02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibA-epIdrG0buoXZaa5OWydw0Mo2nBPyTMh6lERagpv8NvlSdZm_m7BjGc4aWZ61g6Zp_8o4VV5JM8nMdEHM-iscdjn0Zko7erIUtw3SB_jmPwBj4OnlPhBO4kqUjoxSUYEjMbuU9P23cJKIe2XVsBtRJsooW2KnZlptKMHY78mHi9hpB38IhtjUcll_857p5sBvZUVMYcOqH5sbSlsXUC8ryGbrmcbca8UJYtjftqOoHk2GcA03fW8SYbMpzwndeUDXjaFsyDur_jivck5NygkO8AU4xY8vjNZPR6oNMKIZumT2ovnjn2j5Yt7o71G_viEs3jB9PhT3wLB25Ci2wXWs43yQKpfYcsUn3KLQRebA87Cpo3w&sai=AMfl-YTPckfgw0_M6z5nzNazbGSNU3CT643_HBPH8r7QaKsCNGgwVAcVzqvTbt_19FFnoAjcibPaC8VYz5coeWbMpFWDNAzbp8eRys5ozw&sig=Cg0ArKJSzNPIsU42VJ_ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2C1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 14:40:06 GMT
expires
Thu, 12 Sep 2024 14:40:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37E2 		829 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36807cb9cf740aa3b279e5e4f10d2cf67d413e253adbd2b58c4d251ab4c47c9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HD7eXy6BmBoTGyW_gZOtQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-HD7eXy6BmBoTGyW_gZOtQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:09 GMT
expires
Wed, 13 Sep 2023 18:02:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame C8D7 		25 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c56bee01d221acab0c08562d7fabe75cb4c32afe2435a02717f0b57eb930f5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11803
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 37E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309060101&jk=421810002138787&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame A2C1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
generate_204
tpc.googlesyndication.com/ Frame A2C1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0wJ6LA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BC02 		0
0
container.html
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:09 GMT
expires
Thu, 12 Sep 2024 18:02:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B13CQHcaPOmLOy5r-QoRVOYjzT_vGRlBAVePyFvqdUF-XtCUi8NSWGMN8FH8Jrgd7hfTZrWNTMJcc71Ahspr6O2iaHctaZWppjoDxcxYobfa2Dhsc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14630770024622245914&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 431F 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 431F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
17118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 431F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:00 GMT
l
www.google.com/ads/measurement/ Frame 431F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgVXgdVN1PqZJl_vjbxeX6g7O5gXj1vXTUhg27n2MzBHpve8PMi0-TT1SN7EF3DyYKEc2c0sSBRDavcHa7WwiQxS5WyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 431F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2905 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
expires
Wed, 13 Sep 2023 18:02:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A1E9 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
expires
Wed, 13 Sep 2023 18:02:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B5E0 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkCAps5SOXxU28oR5MClXQcm9lxs1ZPKf838s_mSTAh0iOX0k5bke5ANJlVCwVaY2MQMt3HrHZq6Fb3EGN6rWysW0GUmxf4nLnyO28YGvGy5dNkps
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=815246409079483689&x=1&ct=77
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B5E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
17118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B5E0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:00 GMT
l
www.google.com/ads/measurement/ Frame B5E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwsWqUOLpMJqnv0oaoTYpHAgAyba1dNwlhxQk8qORcmIwkacdssWRCHww3bRNKQ4EKxAcN4SpkYbUgizO8yUlot1ah2g
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5E0 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B455 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMY-hX-3LXEIrbhyCAu_FQxSWMock5nrvtRQFefxBQAbxewbqJi6Jf4REMwjmizngVZ0uGZS_S5azaZrVp1r6ZL2sUCny5yqHuN5SxIoyKi4lJMIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B455 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16355129604742314019&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B455 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B455 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
17118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame B455 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B455 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH9okntK3ofundKkZtrLNbaDCTfiY%2Bx9vKuKmxDsFV3E8%2BAWqT78Iwjc5PAop82oHuEcwuPVu0qgp3IaTzsegtKPe3T%2BR4kPxZuEnL1uAS1%2BPDVjPIR9il5aGb%2FQDX43iFCV2nHdthsHkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb79f2e44f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnpDc9tzh5moXiYGDzNhvFDC3wadCFDqmGGydFxOHm04qM8rtkcSTghL542ZXGylR4XnttJ5i1jnVcnTh2QRGM%2FDPZpMrrd7OeJU5Nj9fUyRSUXxWOLfSAGUZEVqGdsJtaPKfWSDfqnkZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
cache-control
no-cache
cf-ray
80624cb6df484522-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IudasACriT-z7wNsSwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMACJh671hxPCyIj4JXstbqLgUkPlq0BCfzlHZSJZpuTePI1SaN9VPfMFoIiiLb2MMlSjhsnZPkrLCv7attuTXWaEyiv29iWNGqpQD0lgidAQaAiYjBW1sGV9Uh4PNBFom7YSEPk%2FbDHPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb8182f44f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 2905
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECpenp3thU42qOj1IUVErYY%26google_cver%3D1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECpenp3thU42qOj1IUVErYY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
326401e2-79f3-4035-96e4-ab468f772710
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
f8bb3f1d-aab4-4111-9278-4618314d832c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECpenp3thU42qOj1IUVErYY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2905
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNUrFAfExceSTUdLbS8SYOpL9XJrn-2VF364meabC56o5UG59wOYCPxxiImq8xbT1McnmDXNEgRkvjl0JTvPlJ6rsM-I5xQbxOoXmF3j_ojVJk7HAXqjBW4pViM5z6thkGpe7MaGmcuAjKYEIhDdleXgvCZW0kSj4250c4qgfRBX6H9ZFPw
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
f84eeb85-1847-468c-a9d8-24304029d1a4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 67B0 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2373316999303&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2373316999303&version=m202307240101&ct=76&x=1&cor=14630770024622246000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 431F 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMd_InsNaVEegGXOaFLkUJrrjOpy1cr4liyMPUIBVXAf31Uelo6S7r_NTta0LwdVXI3uiQ77lRgR6UqN9ZpQXaRjx_3DfyOQb68-d7AKfbvYuq8Yk&cry=1&dbm_d=AKAmf-Ae0C398tH3WdQy5lCCz0Re3GT8QyplUs49PiZDaWFFbVmz6XbgD31MqEf3uHhYMCbM_GdETZXA0hpB2gCIHfRte43FqYDOpBmG5i7tWEXvxGOVDE5Ir67ObAEccyK-KtIhLiJjsfJr7FTIyxUjf_wbLxmoNCfmtlFDBpr5zgJgyPAWMhtvnF25zEbCcd9-yxf5VbQscscnW8fYIxwym4FneUETUB_XLlymwhOfaBuzew7HnaR2Vf_eUf_iGfo8nERmZyojPYQ8m5CXcBqO5stKrcpRwWueI6eG7Uis-gWzI8z6JSBVsv3g695e1VuBoQWw6vpSeG1LdYlJfs9izP2lgvsqonHRa_WiKTAXrqifov197t_NwH8CTBlz8AwpIO3BVambN2hDLjrwI62gI4RozXw__340KpGjIP_WLpT2cFblnhVjN7ERNSbrlMJJT96kYkamG6syhFmdnI6sKaGggCzBHwBlvoFfw38nZPIgpNCX78J4gK-FLtBQHuSnKlYbnpU6WcpaUzBm8dXOsv2QVeOYoClDX6eCtxfJ2jsmyhpIMaCDuUbDfj5WmdSyB1Ks_mF5ofe9R7DBv3PK2ojZdHhdOWMxAL_FOEjyLHlp6BSD0rCcSKnZvuHuHecZMI0mjiwpoanSN1_kpqEytLu8_HE_6fagNl-_3w03O4yB7Mdtzo3g_IuTUijYqVRQobEitvladGPUnZH_5zzcJqD00ve-e_QuENze822hn_0H56_h6T6rNi8GAA9pPbUAjB1RWyKjlKRXDk8ComPB0ssfDBCjNLQNg4MsYyUiyOzTaJRH1qgR1ARmPniMHmVtM1JEK1kLDRPBqrZ4K9jnK6ZLKTRHV1JhNttsrdu2yD0rv2DlFZWb9KHpYiFu6C8zt04ty5Dcu1R6pGVDv7UQB79Pz0JItL-Op8Dq-wcNS5dMESy0gQaHlE-tuMudFnXJeLFUXrwYh9INvUhEex6hiAdTVC0DdvqOrsYYa_7WuQcj38oCaEsL99qP9Yb9svsSn3RXz7AmELHtBhC9-X8kcerHcAlxZagh6Jv9U6Da_WYDNJM1SAx_nLMZpYK_levjUjEXXVCn8xglyQ9GNd_pVEG4SyuhT5BaQvRouEUiX8Lq7aB_dGNO-w97CQxMInubE0D2eiknHVmpCH2U8Tn2gIpytKP5EnHsgckDbik2yVbR2pMX_IYp0aaqcpcqgIxcxQscl54enjreULFk22k9_aiSx3W5-xop52-8cPGhq_15YrLM5c-tWnh8l3bEy4XsNV3SDPf0EuBqeb-CCAnVcTb4CwS6vi4ULEMlvqMdpaw0p0dYMLaOpFSN6wOMy1MTywR34-fQ-v_8lbnAAlNw-tHmQWpBmNJOkTMVQ-EJeZe5_CXkF_28yb2DMi0I_FLnMoraJuf3OM7Y4a6z98Jj576FNK6xfdP0zj7wsDY35tuSKe0aL8vBSf8_qG9tWwwIJzPf589HoX70P9SQge8i8bx_7RtD4tSbjUuo0dViAkKgAkf-LsD-NOCieRV8ncOICR1tsRWmnvCiiUBGbaxShOqtuQA2n1oMHXI4Ao_-4aNX02IfsZtMW5t5RSgZDqMARcbxycQNfb_eNAwmwCNl7gjQ2Ux2hHnDk78daYOaf3htxAPuYZn_gX8PeGmQzY4aMIIaEDYenBnx5CDtlVCCP0sCLrwloCsgBBhhEUry5b4CdzWr_W1tP92fqd_iYX4p_CeywM8sYcUXLlxbv73HLc9XEHsJX6My5Q8WyqqzRBjCqASP-cq6fUm8O5gpZraq-QEfSHcUPZmRxVjWDY4NfQZAMGjuYT1hwE2gNptTrz8Z61KTUbY-hLhBTDe0eH405H-WhCQvJoSi-Jd1Az-lOZPciK1lIyOZ3RT0fUgIdMWWwqfMDubhLWyEjtxpx0dYQ3skmQcF1XYgYRsAXNwTU5-L-bwUnHl4l1nXdVwztqlM45FUMYReAYA36fyKw8tc5u9gwiWG6n7rmFVdzZ7C2VokJBj_RQiZUf5JjE_qaBYQUYg3ZbCegtfK-YdRDJKhYqO9XBK2K5Wq0U_9-8wxY0w1jaCPH8mpywEhMUv5CYiHxwCrwV-ZyQ3BwuTNOBEJgTMS5FakKFp413D5-ksAY63udPzvJjm5QiF7BqrX2jQemWiz-_MX_gEbV0wRbU-tOA_OSjpk5J2mM1v38zsELxNweCQ_TmAU6PXJeCYbdXcL5B8t2LMen_LEtsnpoRLFRiPE-_dazv2F678ozP2Mvzku9cmotJLer9KvIhBO1zNIDlpKHRO-s7lKc_CP-0bsaVxE2_zmCuXfgDFJB3kXJJ3DUmexmeecE_vNAg_S2bVLNAqEN1MJPoQ38MbVKop6RrQEpOEKEISCeSIgv9obQhFDW3Z_UbcJM80jfMl7Ew9WCkStVgjMkwotympvrYnCOaZXaLLvLN2JnDAfWnlTogqQlVFhNhGOER73YOrN3nSQN-Oumt4mp7dCZEthQe1LsNBcLhzqmdU_mnPWtrg9Nso4Jlv2fvqzZH0BtfPhQI0xWDZXCFgDKmXe79Zaq3BfvjNku89EYHH0E9tily8TeYuFlZ4L_Df6TkAHM9OMXoQ4RAEBE9DCir9ZP4oGz_AQ80uBmGuI34tJLmpMRXI84U62vF9H45j2BchEPSK6Xz4wFaX-kquPwBI-fMjd_O7tDtTAymRwMv4fKWlyuWyDkSvikJuxfK8sph7nVeMVqRFngJELCBASov5Ccoitj9OFTVqo1GcRQfwNNmX0Wz5e8scWTIHnDMPxXDU1hMAIwdLOb1dVXE2A1Gbum7uvxrFfFbxdEESB5fbgsqYsQzPkmKStt4MR3YAhwvpysdeva5_4olhHbkQlsDJzV070xrPVW-KWRaIZ5Rwi4bpxeMHRpJ8XfTsSQUoV2BuE76KS9pZ5sunJ-0rq9JuxUEYBpk7RmN7uulh63Dzm8cZ_hCblrZcOOAATScsWYhZqXkctVVneBIBPm4y60vcs6D3V7l8xV2fOKLcGpvyyxs6jKB2wg1SSgPo6iwGUjkUos68Kds85YvDRMUT7cEqgGMHyaAOQz8q-8nlGIV8ak95NimIWfuVDx6Xfauv_zJHwCf7bu6gfNXek9hETuKPM0qU2ICPHLW-psIXRGChgG259eZyx4Ak-F_Nr1yvwrd0bd_DUE_XPDT4pO_PWBHDWPRSKYt4SjdxZeOon5NgNrLe_FI7daPvWOIerD70_ESHtTz3zpnRMNCsk3H5cagC4ToQfLT6y22pl3JXC8y46ilfWPjNZ63fIphLInC0TXU7g85ySl96BaXfmEwCT_BbmhoFSSLUQjJvF5Lt_NMSoFveAfBPRM5_fmLQoMnEEOdcfY7X2rFNC0VWAfdAyJ4VTJHRQchNgZ-YkTld3X5LVmAS5YV0rEXEbN8TLJkxPkAxJtAtr-wgP-YPZBUhg5LRsiuBC9ultqwN-_nFTNFqj_QNsO5yNiXwbjOY0kjavh8EuTECGZyGlOVvoocG61BJl3DwqzjDBRL5gjH0ndTyRSJCrbpn445siI6DcQm01hzaap7E8s639fb9BFdh6I3VvBUHUhg7C7lmJOgzy&cid=CAQSKQBpAlJW4euz9qO9hAWBqEcZE2xI9yAK-1T0BevSIqEu5LiD-9jADL9NGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14630770024622246000&adk=3676778483&idt=101&cac=0&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
640e688524f77b3f2fe966f41d5cfb87a0b2787d265f482cfe43eee6b51dd1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A1E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjx6hUHyhGZalO8ASrjhl0uIialabxhE0B%2BObvUKqhsPq9eHbOSlCWGOcxPFOc5HRXgcnWb%2BebbiSf6lElO3KMzaICntUy55q1Bii5cxdpx8VITD89jhoDSNurAm6hals8QaDyX7LU8POA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb79f4244f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XExGg4kivXA3sHTLkMTNVJ7EU6SvDetZZ5oPvfnO8IWoaSZ1Z4LD1VTJnRAq9u5P5pVF%2BvemaqGJMAXTAtcQzYGZusYLUXl8wVkZUIne3MEkWgPWRlQLwURxdaxQFCf7TtNBO4oSkVCSWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
cache-control
no-cache
cf-ray
80624cb6ff954522-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A1E9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IpAPOV2TDaM-zUYyxQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmwUQUM8zb9TjveXyIx4y2cJu1XhQsOwj9V%2FWQOv9Af4iRaOlwfr5OqZvwwmtrEr8i7kZ8oUackQtXSXujq2Pez5%2Fc0zj%2BU0Ldr0fT1hDV4oTnNlG02uEB%2Fu5w%2BgsM0Bogk0zL%2F6noxlQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb8285344f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A1E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
38fb1b17-ccbb-4dcd-ad60-a37d1f7bc02e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkyMzUzMTA4MzMzODMzMjE4Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkyMzUzMTA4MzMzODMzMjE4Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV1RJDXWmmX3V1AEif4YBVYYv9UqOHSNfVS9kq2lcX7Y1ufgpzCgb-kYGFa6OEgOVIdqyvEWED_FZfYfs1vNogo6nXa5L-OeM2JWdYehx7x4nlsiOMadERyXu2wXqA8UkfjZIDl6AnQjtZ8Kzt-WWAUHOQQRcX8Ta0spuug87ws5HZ03Pc
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
637900a1-6843-4b61-8376-5273a350639c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkyMzUzMTA4MzMzODMzMjE4Ng%3D%3D
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 67B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FRQXc1tw%2F0ETt9gcL5YzJ9AjtPsZ7fR2W7nzsPvAl7s%2BbNIUcUfMNh4fDnXmAesIl8DY0CyezzZR0%2Fo7xZ3%2F8F3LwsAYAzJ%2FpG42jaI2lTU5E1lxKyFbcx7hdNcKBzT3%2B%2B0I6fpSpsWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb79f4144f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ireEfVFAEKaerT3H32kcvYvPSLwqKbnsgvKIuZx5esz2%2B9%2ByiMxOXJTFtPF6pJ6VTWn5ymKQP8D%2BHoaSEssejFlspTJ7uVNVW6TviDr473UjDbz9oGUt0x3pVQ8Quhlp6T4Y5%2BcclgKvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1&C=1
cache-control
no-cache
cf-ray
80624cb6ff9c4522-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 67B0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IudasACriT-z7wNsSwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAfEbkNC%2FVPtXe0Z4PNhhBNfr8ebBlsxVqdixg6%2F66vA7QyjXCIIELUEUvnXnBUTH94Dsu8iJaINwO2ZbbgK2%2F4zyPwUIz24LYTIFhr6yFvkaPMrj1LiTxoio67WtU5E6NOfYM%2BONNhcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb8b94444f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 67B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
1f577961-8f53-4bf3-8437-24eaf94c4013
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 67B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpJTk7wEwAQ&v=APEucNXXTDf5yDq6bdABUMgQXELU9HpdiHpm0vk_F65fL6o3-72F7YDI4ARIZJ0ZLWRcetWJ_Key1tukSiR2y8EcPqJxxHThO3wi3wfjtlKv-gPKrLsPvevr1RvdCfffNbmr2F6vZbSzprm5Tf8dNbBQLBn-pz-c2xtpzJ4jDClLXPh92cpwG-w
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
219b3c80-f663-4e4f-b586-938463006e72
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCIgJVxsiIwdk2AklGeqNk8ufQqiCng8403H3ZlW6r4CarPF3BMf_cVIZRMBPRRjBKMVVOV4LBWgdyF6ilTZIO7aRXx402v9X3w2TFyyocyyQbaGA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5628051520045560919&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C8D7 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame C8D7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
17118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame C8D7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:46:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:46:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8D7 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9B54 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B455 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=195075446264&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B455 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=195075446264&version=m202307240101&ct=76&x=1&cor=16355129604742314000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B455 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDYiIKkHqciapyOVlyMeX96PEN0YOf8tothNaxBphBADpFHmbnH4013NP4zJdFFyDgPHFFy6d1BkEvmtgWiemqU0eMpMs_adBwtQ8usPGe1v-QAA&cry=1&dbm_d=AKAmf-AFZGuy16a6XNOy4DT4kHA7xDJ0I3Iib7afwxdh6BCF6GevNh63EAx467kAuyQJQaY1sF16G54Mh_lr-yt7nernd-iFYpkGvoUnIi3yr0K0lgynejMO9R_ro7IJaP_JX1bbcgGhLZkcAVUksxlw4-OiQHLbSDEtAg5AqB-F0oetM23Dxc9Ez2AGSdOrpPiBEkJFziqqQOw3dmDJjoWY7O2kcBL78Glg29Eb72meMCuHg1pZvYG08nw6eZaa5_nqvB1cpXaDKKt3C6QQZX6mrEklmOoxyrLUH28dRcvpTeYy8FtZNJeIXnxmPbDJvM7fOA4QaCk1ddpISWSL-2T2M3yPbkWRPGinlyV1qaHtq7E3LxzQxt0Cwo3rpJJNM9uSZC1nYTkyphz9OMR2QPbemLlDqgJmGXydj-pkjTkHf_d3EU71IodPobPtUdGKshfmQcWvH0kik7bU3rhaz4T2OE9HIDAzxXNu471FX_8ZfLmnYay1Oa-0GhsFf96YBtvPoWwV20TL_rgV_jyP6AkKSmgbgUMY4er8WeS4It4uOQr7I60RYqL9Lgl6Lw-Vr8tI1x7SxEv2VOUgxGI1GzdqN6yttNtluqy_ikwN9DiODr3KBvgxg39Z9yPqS7ytipYPbiOHFmTj-W7EgBciAo1Pid9KIoMApMCNN84PhyQQPcGhdyoOFj7vOmUsgNnGdSmsLFN3I4n7OlMKPJv4MvoAAeh7lpjas7VX8MVQlk7jJvRhQhoFX9FOSUCzDbDgVOUdEnX-ettzJi2cJIpXFnQq6eFdUMMwMO9VEvrfcq9M-smEz063ECk4zYeYhYp9Mgw4TeKd1VJ_yOzW5wAMkHM44JzfV1T8-SxE7NiBo3pLKBYCtbeN1rsqN7ezV3Y15OZIbnOxrv1lVcS0ktEgAGXEQk2K6fBBSBgkpeRRXdDL9oh5zAS5KrTfglT6FCfPvCO6rdA4ZfltnBz-12u1eBgbADLZ30rWrj4PwPbu1k1lornIwgZ725cUSWn_LRCglpoRrZKSXMqz3yEqBR5klMSal8n_57A99sj7lx8Cbe6miQsx6elbKV9mcE0UifSeb3kj8sS6bxpgmDHHQrpumXMqST65Ac7ElCSXFFcj2d_u7vLn4JL-AiMKHqwFb9NxWQwccGWvvnQcvDlbCnRlY1f5X1NGbXPJ3lnRcP_yBpMJdDQoLAsgdoc7bsnVj7PxH5mTBdPYORNCAuVFlERtS5XXnER5fwbf6F27iGdEWCDzmlvEGl2bPnYqk7LuvqcJE-CQNulZXGC2e_kHadPvaU256U2lv9jnIlH08U4_FCzfvt3--Xnvg82Zu2TLEXKcIZOeqrjfDOehcB86XPaQ8iz4-lp2E2ftMnGXRf9n2m5x06me3kJbt6ZF3Ubjk6R2j1QdFHmRa9AFfBOVv3GW0SLJDWGLkW1D_twWxLm6iksC_dIIO1F1zllG4g2vA_tPUcmvZ7fFYMoLIbnKmap5tej9gHhOPQv1-dzyWwdXCdwNbGtUJ4NQz35L9Jr8hWoxL1gOK7lAC4nBaNumNmCzb9m5hPN-f6f409xh49UmsSW5w47kwCgWYngjqoQPknr3WGAeOsv9FyQ-upcUXeATeWWrkIBPp9dwUmxT1uBM5vMRhaxAVJ_6aW7rKqQofZvhYUwVLse8YMmIRLTWoONNrp2hv1Oj60WERCv_OLNnSyGR2hSkqDP-mgx8aBRsKodt2NOUYa8cFsC3KOFRHLUAi1fLC1G8MgyxuO_EaSF3fxA1Z5uCVgP3i-Ehm6cJdLfTo3D1pXetVmVyfvIUcJjUejzZfhFdF9CchGbGuuEWQE8m8OvZdEfWeXKImKkZ-uE3z3cQzuf4T6XATVT0mZ4KnJedWqvQs72n2RRav4Eh2iSt7h7vXo1m4ODXXjOSDxg4teo_OrPWM_uhBuMIK6HOUFMnQRMYVo27TKRRmTSog33p02TcSWVE7PjLKUYgA6P_rwqJ23T6kleWuK_s2Cg_xsMwnQEL_sLN9Bu8RZJ113bRrnn17K8P05WDc93Qspry4IOabmH9OBuoyQotacigEtWznru4-40S_hQg5tH5dGN7eLebdvRm8AQd9__lC32vGX-RwZLuUTb2b2qQDsKzJdKE9wVezIKxSy5o4hNVx262PpSihQaZ8lQYAYjqVSFA8W8U_AkGamsvdkr4-s62ptlcGXenugwIsYwxBNPLvamKBKgSRdIj_1HgPP6Gjf7OUtcvif9igqeWesD0x3YS-rpjpgLUNLaO67NLzag_Npmy0FgvpkokSrXzRyRP6RU5QUraHSMMM2LDi7LZqatI4EaokLefZUPAw3420kEchSCM9ZCBS2EaaJ010PcVMELedawGijS9b3KxPLK04gheQNXjSEE-7v-UbgngNXBD8s1C4zVPECAX4OB84wNBZ2_UuJcx7bUSDRUiJHpYjW-cFyweQlT2lBYw9FWRGldvzdI7D8GBsZRyYWi7CkAj633U4iwiV1rQyrVAG4gMt-MThZl2YK-D9HyeETfnAFick6sT0Qy9KfLVgvId7c0S7trDxxmRkvjk5InmLbBvYyOW_Bn4gfMYPfKkR7UgDQOcI3MR87VlugKr0N9S1vH5591YYlZ4Ix0tjRqn3oJyGOiGqOcTFYUPF5CsBi6ogd8F5gAIoKU8ldEuxutPWaFP4ae0WA6GIiLmG6FxXMxKZHhwYQryOJyVAz9s0Rm-H_YhQOUI0evi_CHzSukID__gSO4DspvgeUvaJaOKkpxl7w9qJebrPXEHOIfqpji3gc4aqG2azOu8RgtBa62V1L8hIp5rBiuB1lh3H869mb-bKOJy6jV0IVOfIIR1_qY6s1k-zL4DJJTAtqR2pFeIy8tYyJqsvFRWafJfsUdOuAYCi1Z30mdpWtsKi2oYHRReD5N797Jf6oLi4LA9PPrxCe9RVuaf4BWjDuyahu-fEyqTPtSCqMmr7sLUjGw5cFvWhDO3JhDWPQuCzAlRSJxA3DZjS29oQTVOn0RhCw_pah7a_1N_3s7jAhmMd06avOqR9KTONd5oiakLkMY9ilhCGsXxoZToqipGwWiCgfDttOB0JYwbMrDuqhRzj8DZyhgMUQJBy7H1B0EmlboiyZ82eIEwN-OhOyICUFOpx5CVI-mlVMKdwOb8GZiegF3GvR3ldWt_PqyiGnZryiWFqTmm_1Uverus5p7_ymWYEnwXQfhH8MybL71VbQY4drpOjAq8YhX8UZipyXve6MpFnLK6TF_9-1DfRHfhl9WjSL7JkbeDt9TIPPyQz4QkxkzOgZJMPm6ipREXHgu1Z909j7o-MqU-2404xsXT7OE2co-vKhmkCDlo__p02ehjraQ8xiBeT4yag0eq_kwCzwe4jqllJXm2SLT_dh5YLF5IHNgBVaJS_cXbUY8cyskt3Y_gcjReNqtz4SOwBZ-uvCzbrIvC92QzrhrHsLYvAvMCTOrGWSjvaWb5Gz_XZdAyEhKKAg77nADU8ZtKdI67qp-Bl4XciyYyp-UI47cKD_K_x38obUTx9oWXGtf9Blu7swaZAFeIzxuYR5tpozN3WkXzMgw&cid=CAQSKQBpAlJWepKTdCmh8zhGPBoHh3EDGMFozLItOIWfXP2r7XkOKXS8CHVaGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16355129604742314000&adk=497053795&idt=117&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaf5ffd9644dd21ebe7b2c371532049a1b29dcf257cfc32b6d4047b72c2bb47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38561
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8439432906691&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8439432906691&version=m202307240101&ct=77&x=1&cor=815246409079483600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B5E0 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk2qaB6aaHHn7WbOhAIT-Qkg2f3Xc_TQiRtQSNobwgFZga1lNYLQLBRBdzdYdiFOiJofLt-FIZf1Oo05MUVH128HkdvTOgRd1qAb9YFJhwgdO2rtogWGolOCYh8xELaLOxLd_DQtTraXraRcufX4sOOhAsekS_XMRgKserm2wHQ0rSnL8&cry=1&dbm_d=AKAmf-CEZ59I6xjWDbFRMVrtkbV3sCVTFNk_sCUom9DH-cUTPYxYfH6wv0KwB4AExWK1aLaIGmNcTePBvPM-dCPPUJprKYpN0inMtLQaa0EPhPQevK9oRpqb25ZhwObK62Wfjkyv9hnzy-61jjRysywfxS1xMnyAd38IuJsLBFxUY9mtlqDfzXxdBa7BQ2dRBR7y4BQvyl1zKWoWxlUvOGfyqj4Jqo_RhDfI2JMr5wnqdc6Kbf0HOdrIZltVGX9l_9eK4uoZlBV9ApsZyUcxNZSCje5jCAyie4Fm_lkpEdIJEI5jpA7NXT42v4snsSTxCNEIpceYfWIQjYm_k_cpjsrqlzi0P5h2dJdF99U6e-N3g3DAXdgcwe2Tjx7gnEE_Qtn_c3m4P5QE-mEnVADVjf99GFxo4e64093RPTtrwl0J3sxpl3wtXVNUje54yaE0_wS9NwWbxJ_k1SnczruOqC6SCAdpfvU06suAJJ7rXiG6YwdQbbIZhNZJJBgMNoJrC6vE2VEaqTlKm7T9xYCJ6yTSiuAACw7OF7GITPW4lMedggikw2Y-FHVS1B2t962YQDHWwRsrRYpCb-TMUG8pxG8D32wZP99BC_vwyVsqCIP3-Yavs3L_L0XCfUszVPwjikJe8LRBOB3DbWTlNRggANF4KWut8iHOlVr8YvmZ2v3VYPA_FVFJisiSk8ohP7WDIxIFKGOKBWF_8t3mtxBV-kuKWae07tiLrMOU6w8lwTbAKzdIQNRQjU6NTgNXIDOaXMmdxsK4e93MMOrWhjvyYZFZXzsMbn6HJWh-IR0LHFF2WHgMfVotgSELjCR8Qo_9ggopfHg5tSdDtyAIC0A17T1rrMAcZ5d2muMhDIgl_K-JYoJyyEXFM8gvP-BI3EfH3oxsdzYdFij_LD5fzjKIKZIswOpn-RfjobiVoakWUyO3EkThUblfgCezKSabKayObiXHNIoANiYUd-ODSc86ipnkqVEoh4-1XL9o-hLYHtXYeClI2ipcvPW0n9Wy8p9IoeCAU0HfvSWj4JGuK6BzlHSoM5HX6mq9Icw_QxYVS-XlP8Ve27bSObRw7OFC9MSGRp7IQkXwFM1GW7iWFQu6_ZLoQdiy8hTDy9r1hmk4y69SVZcXfueCzEMQYIR-KiVBIVj9oZW64tX8ovA-L8eUIxvTqLbvJGH8VQvWH8-RK6XF8QHb4ziIqMse8lNaTwdKGTdrvxvokaU8H9ZdNk5DX-dNliLP86dV-2sCJ91dS9i3RpQ8JAj7XjPwcx6X3S8q2vQCV1K-FUo96jamBCsRIapbK42P0rC-S2prj0H0AJxGfkxHljgu6vfOKJ5-ksNroYg_JVSuk3Nd5VqNm6Cyt21wGwrHijD3nMvOTQ4e7M1laej59-e2FDeYkRC-Q1CcLrqSecuGEF4aWEDeZcwANz4DCnnb-6slc2AURv9bl8Vo04bqPQHcTOb_C0ARRxOO7m4WjPn7sbG8nxvfqWJ_vWgAD4vyMgpmPYpzgaHXGwH_HrI1lG__hpcKhg8HfV7YeEIXnk0weg1HYWWVk7RKvnisnYQI5le6ztw0H7ZkdfEXhOQ6N_RW6BOaCbomlLUatuSwrQaTJP_P383NXTULYxBWHfW-S3rD0ZvkqCs8VdctzrqH8F4kqyYXn8RBOLN_6uikZT2LWFiL86wxeiZ1J7y7Gj-xP0Riap2pgtsXdmoS6AJQN9PVCaoRZAWeOKhKq9WLnJM0cM0oJ26iwKcNOTFE2m7sm3WQdotNSpuEKrO5H1fJNqz16Dy0UW7rqho7IgLmQ0MckHHJu5vcNrYwdnKv0LOVTMYd7eWzu2Setgd-i_2N4SgSS7DgUBit71JYDsJZo05bpO-n5N-rxnIgVZdgfY6A61t-vuvGThp6nucYZMTuw3Gqim56TI-46LPw31j6zS489eHGeeuJj86vxvlC5wvol6CuiP1yanQfYWgJuGKrDRk5q1hab8ZcCh6sCjdV4BbYeWCyRQ4BHw2Q8hPbbLnidTYpBneFrW5i_lTbE8XyvO5aYq5stlXPElY7w4oTJ_KYAJXH5j7ebkESs-D1_FsdXfEAOddoKE_WIQ3NkfUQOYwYLxrGGTGU-Emynqq2kmYUsd4K_eRynIpRa2ANcXDzJVhj1Z591h6bYLbBmABvUcrayW5Y1wWsPI_zrnI0duOjfbkLUFeCtXpoqbczqAGh6oPbJETwG4waq3CZwPOkAravvk-ZauNuZiU80BJStTv2g0kBkugXGZC1yingPbhrXKTKXivfresV5omC5SfBAfIwOjHARjYkEAGdEs6mSgS9-OXejjxB3jnk4vdstyJ1-Yub2-_J8kYKnWMLrVDivTvl18WUBhyicA2y6pzMxx-f1ASRtSEZRWAlkNoBwJoEFIbF9PNl0Xg0xw0kgz2cvEUwJ61y5NUlvBN2xQCZQMSZVYIB1MFhcB82FQHBUb-_pwrZPuPUdX9PEhwm6ZlqeuXmHdVwZxLYWexBQyy0xMypGuU0Awm59v4m-_9eARXgIcQ_sQ5p1Fu7dXaKl-aJHGQOJzbEQZ_QCF4N5noBUYhxBz-QyBD29uIHsZSDI0lK6_iKCm1Ilt5cPRfuuWrKAE03q70jDbYCO7yQ3Ad3zRsNRVX_XR62VjJ--cwQJBY3qm_apgwVNkRHF9oevPdpECY2T33mwQV9r7oIkwgLmVZnyVR6s1H5GiLI-vO5w-aag-Zh_LNldPC2n6zJNJCerFxdO-Z_n9QHJokXoACVeLZ24yIrYpA5estPTS8yGjR2X4JEt_SmbSdzVUdyImGxkUps06cejLPluhQVOFRSSwOesGM0G2F9LJdwVHJtY0H-Tr39FVq4fje-MggkU1ZJGzAsZqRqQXNl21XHLF9OlaJoEvYeMu9_t42urQ_bde9voDWOyqfeyswhqKN10hyIMJIQ4B8ueKmpWY1K-vtvJosVcQBHlioeWIWI-MG_xw_iLGbH54OSNOdyb7WXS2axZAg9bhcI744ncf-_uXqKr7jYTEluAcqF-qX05nB9Xo_ETYU8bSWSFcEfrFZOl4WtlclkYCnl3OSFrf6nExZUcc_SXJ3CxLPlyFWx6-cLhjLpEPBP4sv9B0wSoxHl_9ePMibdRaTKDGBNtQuItvJ1P17JIR5Dt-n2VF4SoMvTZPaWSYO0c0azLZXU98SGDQ1-ym_4J_l7ao8BdJHiuQMfO2J_9VcRqI7ZGLtExobyZBI-Twou4NcJWXxtCbVeP3SfSNf98z2lbyOJQsmDLqBtNwJ4xLm98-FIHFcVeAeNbnuCf6j6Usfxpyek-TOAHilj9bFdN448zigK23jaQni5v5au0jIwyDbZRaqrIceCt8FU4p6b5PDVmeCD7USHWJNrrn_z-oXCyISWrghhCAGLkzrhnEvFkN-Ei_shxZB7TKtR729b0eEAyILuTLNDI762YTZuhyvdzBKQBr4o0l331cRxTD1ydakQ1jZijR3jdpCN5khXRQywUQTaoFSexaqWRFwZQHtsxWov5iqncpCeDy0YsQ7hLcIvNewlrOynkEBF8nh3XKtup1fGrZEwbmiG0PTaFHjpaw1F5p_GUNPbTXmRPVwNBYTwPVVEArGdMVYpAp4bHJmDSgAqFUXiXfRzGBE4z3HtSQEDCITN5UbNxtlmcHZsxNZ3KFtyty2G6gTUDjQAHkdRpPwdMy94J9j56QbB8OaXegpO9ou-GuC5KAuHyz9zGlo0PUhX8bzQTP0HDKaJH7mKmcYt7IN_rHs3-hkAwO57A8OJST4y_oQwuwMJjS88k7Dcd6EBC-_LZ6SX4t1ZiHuMIj36qsURNzv-JVlbLzI&cid=CAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=815246409079483600&adk=1268836065&idt=156&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47db23f3ce0dde244b99ff5ab1248750a4a8d20d14db0850e78d0e955317c919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11699
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 431F 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:26:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame 431F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMd_InsNaVEegGXOaFLkUJrrjOpy1cr4liyMPUIBVXAf31Uelo6S7r_NTta0LwdVXI3uiQ77lRgR6UqN9ZpQXaRjx_3DfyOQb68-d7AKfbvYuq8Yk&cry=1&dbm_d=AKAmf-Ae0C398tH3WdQy5lCCz0Re3GT8QyplUs49PiZDaWFFbVmz6XbgD31MqEf3uHhYMCbM_GdETZXA0hpB2gCIHfRte43FqYDOpBmG5i7tWEXvxGOVDE5Ir67ObAEccyK-KtIhLiJjsfJr7FTIyxUjf_wbLxmoNCfmtlFDBpr5zgJgyPAWMhtvnF25zEbCcd9-yxf5VbQscscnW8fYIxwym4FneUETUB_XLlymwhOfaBuzew7HnaR2Vf_eUf_iGfo8nERmZyojPYQ8m5CXcBqO5stKrcpRwWueI6eG7Uis-gWzI8z6JSBVsv3g695e1VuBoQWw6vpSeG1LdYlJfs9izP2lgvsqonHRa_WiKTAXrqifov197t_NwH8CTBlz8AwpIO3BVambN2hDLjrwI62gI4RozXw__340KpGjIP_WLpT2cFblnhVjN7ERNSbrlMJJT96kYkamG6syhFmdnI6sKaGggCzBHwBlvoFfw38nZPIgpNCX78J4gK-FLtBQHuSnKlYbnpU6WcpaUzBm8dXOsv2QVeOYoClDX6eCtxfJ2jsmyhpIMaCDuUbDfj5WmdSyB1Ks_mF5ofe9R7DBv3PK2ojZdHhdOWMxAL_FOEjyLHlp6BSD0rCcSKnZvuHuHecZMI0mjiwpoanSN1_kpqEytLu8_HE_6fagNl-_3w03O4yB7Mdtzo3g_IuTUijYqVRQobEitvladGPUnZH_5zzcJqD00ve-e_QuENze822hn_0H56_h6T6rNi8GAA9pPbUAjB1RWyKjlKRXDk8ComPB0ssfDBCjNLQNg4MsYyUiyOzTaJRH1qgR1ARmPniMHmVtM1JEK1kLDRPBqrZ4K9jnK6ZLKTRHV1JhNttsrdu2yD0rv2DlFZWb9KHpYiFu6C8zt04ty5Dcu1R6pGVDv7UQB79Pz0JItL-Op8Dq-wcNS5dMESy0gQaHlE-tuMudFnXJeLFUXrwYh9INvUhEex6hiAdTVC0DdvqOrsYYa_7WuQcj38oCaEsL99qP9Yb9svsSn3RXz7AmELHtBhC9-X8kcerHcAlxZagh6Jv9U6Da_WYDNJM1SAx_nLMZpYK_levjUjEXXVCn8xglyQ9GNd_pVEG4SyuhT5BaQvRouEUiX8Lq7aB_dGNO-w97CQxMInubE0D2eiknHVmpCH2U8Tn2gIpytKP5EnHsgckDbik2yVbR2pMX_IYp0aaqcpcqgIxcxQscl54enjreULFk22k9_aiSx3W5-xop52-8cPGhq_15YrLM5c-tWnh8l3bEy4XsNV3SDPf0EuBqeb-CCAnVcTb4CwS6vi4ULEMlvqMdpaw0p0dYMLaOpFSN6wOMy1MTywR34-fQ-v_8lbnAAlNw-tHmQWpBmNJOkTMVQ-EJeZe5_CXkF_28yb2DMi0I_FLnMoraJuf3OM7Y4a6z98Jj576FNK6xfdP0zj7wsDY35tuSKe0aL8vBSf8_qG9tWwwIJzPf589HoX70P9SQge8i8bx_7RtD4tSbjUuo0dViAkKgAkf-LsD-NOCieRV8ncOICR1tsRWmnvCiiUBGbaxShOqtuQA2n1oMHXI4Ao_-4aNX02IfsZtMW5t5RSgZDqMARcbxycQNfb_eNAwmwCNl7gjQ2Ux2hHnDk78daYOaf3htxAPuYZn_gX8PeGmQzY4aMIIaEDYenBnx5CDtlVCCP0sCLrwloCsgBBhhEUry5b4CdzWr_W1tP92fqd_iYX4p_CeywM8sYcUXLlxbv73HLc9XEHsJX6My5Q8WyqqzRBjCqASP-cq6fUm8O5gpZraq-QEfSHcUPZmRxVjWDY4NfQZAMGjuYT1hwE2gNptTrz8Z61KTUbY-hLhBTDe0eH405H-WhCQvJoSi-Jd1Az-lOZPciK1lIyOZ3RT0fUgIdMWWwqfMDubhLWyEjtxpx0dYQ3skmQcF1XYgYRsAXNwTU5-L-bwUnHl4l1nXdVwztqlM45FUMYReAYA36fyKw8tc5u9gwiWG6n7rmFVdzZ7C2VokJBj_RQiZUf5JjE_qaBYQUYg3ZbCegtfK-YdRDJKhYqO9XBK2K5Wq0U_9-8wxY0w1jaCPH8mpywEhMUv5CYiHxwCrwV-ZyQ3BwuTNOBEJgTMS5FakKFp413D5-ksAY63udPzvJjm5QiF7BqrX2jQemWiz-_MX_gEbV0wRbU-tOA_OSjpk5J2mM1v38zsELxNweCQ_TmAU6PXJeCYbdXcL5B8t2LMen_LEtsnpoRLFRiPE-_dazv2F678ozP2Mvzku9cmotJLer9KvIhBO1zNIDlpKHRO-s7lKc_CP-0bsaVxE2_zmCuXfgDFJB3kXJJ3DUmexmeecE_vNAg_S2bVLNAqEN1MJPoQ38MbVKop6RrQEpOEKEISCeSIgv9obQhFDW3Z_UbcJM80jfMl7Ew9WCkStVgjMkwotympvrYnCOaZXaLLvLN2JnDAfWnlTogqQlVFhNhGOER73YOrN3nSQN-Oumt4mp7dCZEthQe1LsNBcLhzqmdU_mnPWtrg9Nso4Jlv2fvqzZH0BtfPhQI0xWDZXCFgDKmXe79Zaq3BfvjNku89EYHH0E9tily8TeYuFlZ4L_Df6TkAHM9OMXoQ4RAEBE9DCir9ZP4oGz_AQ80uBmGuI34tJLmpMRXI84U62vF9H45j2BchEPSK6Xz4wFaX-kquPwBI-fMjd_O7tDtTAymRwMv4fKWlyuWyDkSvikJuxfK8sph7nVeMVqRFngJELCBASov5Ccoitj9OFTVqo1GcRQfwNNmX0Wz5e8scWTIHnDMPxXDU1hMAIwdLOb1dVXE2A1Gbum7uvxrFfFbxdEESB5fbgsqYsQzPkmKStt4MR3YAhwvpysdeva5_4olhHbkQlsDJzV070xrPVW-KWRaIZ5Rwi4bpxeMHRpJ8XfTsSQUoV2BuE76KS9pZ5sunJ-0rq9JuxUEYBpk7RmN7uulh63Dzm8cZ_hCblrZcOOAATScsWYhZqXkctVVneBIBPm4y60vcs6D3V7l8xV2fOKLcGpvyyxs6jKB2wg1SSgPo6iwGUjkUos68Kds85YvDRMUT7cEqgGMHyaAOQz8q-8nlGIV8ak95NimIWfuVDx6Xfauv_zJHwCf7bu6gfNXek9hETuKPM0qU2ICPHLW-psIXRGChgG259eZyx4Ak-F_Nr1yvwrd0bd_DUE_XPDT4pO_PWBHDWPRSKYt4SjdxZeOon5NgNrLe_FI7daPvWOIerD70_ESHtTz3zpnRMNCsk3H5cagC4ToQfLT6y22pl3JXC8y46ilfWPjNZ63fIphLInC0TXU7g85ySl96BaXfmEwCT_BbmhoFSSLUQjJvF5Lt_NMSoFveAfBPRM5_fmLQoMnEEOdcfY7X2rFNC0VWAfdAyJ4VTJHRQchNgZ-YkTld3X5LVmAS5YV0rEXEbN8TLJkxPkAxJtAtr-wgP-YPZBUhg5LRsiuBC9ultqwN-_nFTNFqj_QNsO5yNiXwbjOY0kjavh8EuTECGZyGlOVvoocG61BJl3DwqzjDBRL5gjH0ndTyRSJCrbpn445siI6DcQm01hzaap7E8s639fb9BFdh6I3VvBUHUhg7C7lmJOgzy&cid=CAQSKQBpAlJW4euz9qO9hAWBqEcZE2xI9yAK-1T0BevSIqEu5LiD-9jADL9NGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14630770024622246000&adk=3676778483&idt=101&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:50:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame 431F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMd_InsNaVEegGXOaFLkUJrrjOpy1cr4liyMPUIBVXAf31Uelo6S7r_NTta0LwdVXI3uiQ77lRgR6UqN9ZpQXaRjx_3DfyOQb68-d7AKfbvYuq8Yk&cry=1&dbm_d=AKAmf-Ae0C398tH3WdQy5lCCz0Re3GT8QyplUs49PiZDaWFFbVmz6XbgD31MqEf3uHhYMCbM_GdETZXA0hpB2gCIHfRte43FqYDOpBmG5i7tWEXvxGOVDE5Ir67ObAEccyK-KtIhLiJjsfJr7FTIyxUjf_wbLxmoNCfmtlFDBpr5zgJgyPAWMhtvnF25zEbCcd9-yxf5VbQscscnW8fYIxwym4FneUETUB_XLlymwhOfaBuzew7HnaR2Vf_eUf_iGfo8nERmZyojPYQ8m5CXcBqO5stKrcpRwWueI6eG7Uis-gWzI8z6JSBVsv3g695e1VuBoQWw6vpSeG1LdYlJfs9izP2lgvsqonHRa_WiKTAXrqifov197t_NwH8CTBlz8AwpIO3BVambN2hDLjrwI62gI4RozXw__340KpGjIP_WLpT2cFblnhVjN7ERNSbrlMJJT96kYkamG6syhFmdnI6sKaGggCzBHwBlvoFfw38nZPIgpNCX78J4gK-FLtBQHuSnKlYbnpU6WcpaUzBm8dXOsv2QVeOYoClDX6eCtxfJ2jsmyhpIMaCDuUbDfj5WmdSyB1Ks_mF5ofe9R7DBv3PK2ojZdHhdOWMxAL_FOEjyLHlp6BSD0rCcSKnZvuHuHecZMI0mjiwpoanSN1_kpqEytLu8_HE_6fagNl-_3w03O4yB7Mdtzo3g_IuTUijYqVRQobEitvladGPUnZH_5zzcJqD00ve-e_QuENze822hn_0H56_h6T6rNi8GAA9pPbUAjB1RWyKjlKRXDk8ComPB0ssfDBCjNLQNg4MsYyUiyOzTaJRH1qgR1ARmPniMHmVtM1JEK1kLDRPBqrZ4K9jnK6ZLKTRHV1JhNttsrdu2yD0rv2DlFZWb9KHpYiFu6C8zt04ty5Dcu1R6pGVDv7UQB79Pz0JItL-Op8Dq-wcNS5dMESy0gQaHlE-tuMudFnXJeLFUXrwYh9INvUhEex6hiAdTVC0DdvqOrsYYa_7WuQcj38oCaEsL99qP9Yb9svsSn3RXz7AmELHtBhC9-X8kcerHcAlxZagh6Jv9U6Da_WYDNJM1SAx_nLMZpYK_levjUjEXXVCn8xglyQ9GNd_pVEG4SyuhT5BaQvRouEUiX8Lq7aB_dGNO-w97CQxMInubE0D2eiknHVmpCH2U8Tn2gIpytKP5EnHsgckDbik2yVbR2pMX_IYp0aaqcpcqgIxcxQscl54enjreULFk22k9_aiSx3W5-xop52-8cPGhq_15YrLM5c-tWnh8l3bEy4XsNV3SDPf0EuBqeb-CCAnVcTb4CwS6vi4ULEMlvqMdpaw0p0dYMLaOpFSN6wOMy1MTywR34-fQ-v_8lbnAAlNw-tHmQWpBmNJOkTMVQ-EJeZe5_CXkF_28yb2DMi0I_FLnMoraJuf3OM7Y4a6z98Jj576FNK6xfdP0zj7wsDY35tuSKe0aL8vBSf8_qG9tWwwIJzPf589HoX70P9SQge8i8bx_7RtD4tSbjUuo0dViAkKgAkf-LsD-NOCieRV8ncOICR1tsRWmnvCiiUBGbaxShOqtuQA2n1oMHXI4Ao_-4aNX02IfsZtMW5t5RSgZDqMARcbxycQNfb_eNAwmwCNl7gjQ2Ux2hHnDk78daYOaf3htxAPuYZn_gX8PeGmQzY4aMIIaEDYenBnx5CDtlVCCP0sCLrwloCsgBBhhEUry5b4CdzWr_W1tP92fqd_iYX4p_CeywM8sYcUXLlxbv73HLc9XEHsJX6My5Q8WyqqzRBjCqASP-cq6fUm8O5gpZraq-QEfSHcUPZmRxVjWDY4NfQZAMGjuYT1hwE2gNptTrz8Z61KTUbY-hLhBTDe0eH405H-WhCQvJoSi-Jd1Az-lOZPciK1lIyOZ3RT0fUgIdMWWwqfMDubhLWyEjtxpx0dYQ3skmQcF1XYgYRsAXNwTU5-L-bwUnHl4l1nXdVwztqlM45FUMYReAYA36fyKw8tc5u9gwiWG6n7rmFVdzZ7C2VokJBj_RQiZUf5JjE_qaBYQUYg3ZbCegtfK-YdRDJKhYqO9XBK2K5Wq0U_9-8wxY0w1jaCPH8mpywEhMUv5CYiHxwCrwV-ZyQ3BwuTNOBEJgTMS5FakKFp413D5-ksAY63udPzvJjm5QiF7BqrX2jQemWiz-_MX_gEbV0wRbU-tOA_OSjpk5J2mM1v38zsELxNweCQ_TmAU6PXJeCYbdXcL5B8t2LMen_LEtsnpoRLFRiPE-_dazv2F678ozP2Mvzku9cmotJLer9KvIhBO1zNIDlpKHRO-s7lKc_CP-0bsaVxE2_zmCuXfgDFJB3kXJJ3DUmexmeecE_vNAg_S2bVLNAqEN1MJPoQ38MbVKop6RrQEpOEKEISCeSIgv9obQhFDW3Z_UbcJM80jfMl7Ew9WCkStVgjMkwotympvrYnCOaZXaLLvLN2JnDAfWnlTogqQlVFhNhGOER73YOrN3nSQN-Oumt4mp7dCZEthQe1LsNBcLhzqmdU_mnPWtrg9Nso4Jlv2fvqzZH0BtfPhQI0xWDZXCFgDKmXe79Zaq3BfvjNku89EYHH0E9tily8TeYuFlZ4L_Df6TkAHM9OMXoQ4RAEBE9DCir9ZP4oGz_AQ80uBmGuI34tJLmpMRXI84U62vF9H45j2BchEPSK6Xz4wFaX-kquPwBI-fMjd_O7tDtTAymRwMv4fKWlyuWyDkSvikJuxfK8sph7nVeMVqRFngJELCBASov5Ccoitj9OFTVqo1GcRQfwNNmX0Wz5e8scWTIHnDMPxXDU1hMAIwdLOb1dVXE2A1Gbum7uvxrFfFbxdEESB5fbgsqYsQzPkmKStt4MR3YAhwvpysdeva5_4olhHbkQlsDJzV070xrPVW-KWRaIZ5Rwi4bpxeMHRpJ8XfTsSQUoV2BuE76KS9pZ5sunJ-0rq9JuxUEYBpk7RmN7uulh63Dzm8cZ_hCblrZcOOAATScsWYhZqXkctVVneBIBPm4y60vcs6D3V7l8xV2fOKLcGpvyyxs6jKB2wg1SSgPo6iwGUjkUos68Kds85YvDRMUT7cEqgGMHyaAOQz8q-8nlGIV8ak95NimIWfuVDx6Xfauv_zJHwCf7bu6gfNXek9hETuKPM0qU2ICPHLW-psIXRGChgG259eZyx4Ak-F_Nr1yvwrd0bd_DUE_XPDT4pO_PWBHDWPRSKYt4SjdxZeOon5NgNrLe_FI7daPvWOIerD70_ESHtTz3zpnRMNCsk3H5cagC4ToQfLT6y22pl3JXC8y46ilfWPjNZ63fIphLInC0TXU7g85ySl96BaXfmEwCT_BbmhoFSSLUQjJvF5Lt_NMSoFveAfBPRM5_fmLQoMnEEOdcfY7X2rFNC0VWAfdAyJ4VTJHRQchNgZ-YkTld3X5LVmAS5YV0rEXEbN8TLJkxPkAxJtAtr-wgP-YPZBUhg5LRsiuBC9ultqwN-_nFTNFqj_QNsO5yNiXwbjOY0kjavh8EuTECGZyGlOVvoocG61BJl3DwqzjDBRL5gjH0ndTyRSJCrbpn445siI6DcQm01hzaap7E8s639fb9BFdh6I3VvBUHUhg7C7lmJOgzy&cid=CAQSKQBpAlJW4euz9qO9hAWBqEcZE2xI9yAK-1T0BevSIqEu5LiD-9jADL9NGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14630770024622246000&adk=3676778483&idt=101&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:52:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 431F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
73657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:34:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B5CC 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 09:36:10 GMT
etag
48472445140208031
expires
Thu, 14 Sep 2023 09:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9B54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO36d8tgnmWe3%2FB4Gp5k3cR98ILbMkhApQWMnMG2LiIWw0YEnzwKujHbTtfBUXEktGQuWCr5pWQhPiESBHX9rmHuOX8xMHe9warux%2Bt120xJLt3VQMjTmag%2BXML1rD1i8Pq6ykeUs5ETeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb8081f44f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9B54
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQH5IivbddhP3l-uUs49HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA6BgAGrE6XTVC6BciaUMA8yLMJcUa2H3BHxGBhgjfQYHMsFS3a7moBBw06582eF6u%2FP9ysYJ2lVSnjxeQI3sYksP8ekX5Vg2hVCIW5jqf%2BfpSWA4S5rZAviC6oLCabLU8cN1aJnySShbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80624cb8b93f44f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOS7b1R-IXOHzJg_dQVFQCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9B54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
ee500ecf-c2d4-43c2-87a6-3112e994b1b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECpenp3thU42qOj1IUVErYY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9B54
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNV9Sh4EFjOigRlaQDgPYs7AEl1fkcxX2AUDhbxwwg7rh6WnNywjKLkn-KCqRS7lsEXV7NYmbaeM_fUB57izkj5ondj7j2gSBbPcmT3-dIZ91IXQsj6-wNipY6kfUI-I9cKyz75OfTUI98jd_SNjME_lI1ycdU6MXBLglHEwY5fM7b5q71k
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
an-x-request-uuid
0fa9aa50-3694-4846-a418-25f482e39285
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 431F 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f78bcfb24cdfc6217359b967f4200a9bf32244c549c04bb7f3e681e1430c678

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B5E0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk2qaB6aaHHn7WbOhAIT-Qkg2f3Xc_TQiRtQSNobwgFZga1lNYLQLBRBdzdYdiFOiJofLt-FIZf1Oo05MUVH128HkdvTOgRd1qAb9YFJhwgdO2rtogWGolOCYh8xELaLOxLd_DQtTraXraRcufX4sOOhAsekS_XMRgKserm2wHQ0rSnL8&cry=1&dbm_d=AKAmf-CEZ59I6xjWDbFRMVrtkbV3sCVTFNk_sCUom9DH-cUTPYxYfH6wv0KwB4AExWK1aLaIGmNcTePBvPM-dCPPUJprKYpN0inMtLQaa0EPhPQevK9oRpqb25ZhwObK62Wfjkyv9hnzy-61jjRysywfxS1xMnyAd38IuJsLBFxUY9mtlqDfzXxdBa7BQ2dRBR7y4BQvyl1zKWoWxlUvOGfyqj4Jqo_RhDfI2JMr5wnqdc6Kbf0HOdrIZltVGX9l_9eK4uoZlBV9ApsZyUcxNZSCje5jCAyie4Fm_lkpEdIJEI5jpA7NXT42v4snsSTxCNEIpceYfWIQjYm_k_cpjsrqlzi0P5h2dJdF99U6e-N3g3DAXdgcwe2Tjx7gnEE_Qtn_c3m4P5QE-mEnVADVjf99GFxo4e64093RPTtrwl0J3sxpl3wtXVNUje54yaE0_wS9NwWbxJ_k1SnczruOqC6SCAdpfvU06suAJJ7rXiG6YwdQbbIZhNZJJBgMNoJrC6vE2VEaqTlKm7T9xYCJ6yTSiuAACw7OF7GITPW4lMedggikw2Y-FHVS1B2t962YQDHWwRsrRYpCb-TMUG8pxG8D32wZP99BC_vwyVsqCIP3-Yavs3L_L0XCfUszVPwjikJe8LRBOB3DbWTlNRggANF4KWut8iHOlVr8YvmZ2v3VYPA_FVFJisiSk8ohP7WDIxIFKGOKBWF_8t3mtxBV-kuKWae07tiLrMOU6w8lwTbAKzdIQNRQjU6NTgNXIDOaXMmdxsK4e93MMOrWhjvyYZFZXzsMbn6HJWh-IR0LHFF2WHgMfVotgSELjCR8Qo_9ggopfHg5tSdDtyAIC0A17T1rrMAcZ5d2muMhDIgl_K-JYoJyyEXFM8gvP-BI3EfH3oxsdzYdFij_LD5fzjKIKZIswOpn-RfjobiVoakWUyO3EkThUblfgCezKSabKayObiXHNIoANiYUd-ODSc86ipnkqVEoh4-1XL9o-hLYHtXYeClI2ipcvPW0n9Wy8p9IoeCAU0HfvSWj4JGuK6BzlHSoM5HX6mq9Icw_QxYVS-XlP8Ve27bSObRw7OFC9MSGRp7IQkXwFM1GW7iWFQu6_ZLoQdiy8hTDy9r1hmk4y69SVZcXfueCzEMQYIR-KiVBIVj9oZW64tX8ovA-L8eUIxvTqLbvJGH8VQvWH8-RK6XF8QHb4ziIqMse8lNaTwdKGTdrvxvokaU8H9ZdNk5DX-dNliLP86dV-2sCJ91dS9i3RpQ8JAj7XjPwcx6X3S8q2vQCV1K-FUo96jamBCsRIapbK42P0rC-S2prj0H0AJxGfkxHljgu6vfOKJ5-ksNroYg_JVSuk3Nd5VqNm6Cyt21wGwrHijD3nMvOTQ4e7M1laej59-e2FDeYkRC-Q1CcLrqSecuGEF4aWEDeZcwANz4DCnnb-6slc2AURv9bl8Vo04bqPQHcTOb_C0ARRxOO7m4WjPn7sbG8nxvfqWJ_vWgAD4vyMgpmPYpzgaHXGwH_HrI1lG__hpcKhg8HfV7YeEIXnk0weg1HYWWVk7RKvnisnYQI5le6ztw0H7ZkdfEXhOQ6N_RW6BOaCbomlLUatuSwrQaTJP_P383NXTULYxBWHfW-S3rD0ZvkqCs8VdctzrqH8F4kqyYXn8RBOLN_6uikZT2LWFiL86wxeiZ1J7y7Gj-xP0Riap2pgtsXdmoS6AJQN9PVCaoRZAWeOKhKq9WLnJM0cM0oJ26iwKcNOTFE2m7sm3WQdotNSpuEKrO5H1fJNqz16Dy0UW7rqho7IgLmQ0MckHHJu5vcNrYwdnKv0LOVTMYd7eWzu2Setgd-i_2N4SgSS7DgUBit71JYDsJZo05bpO-n5N-rxnIgVZdgfY6A61t-vuvGThp6nucYZMTuw3Gqim56TI-46LPw31j6zS489eHGeeuJj86vxvlC5wvol6CuiP1yanQfYWgJuGKrDRk5q1hab8ZcCh6sCjdV4BbYeWCyRQ4BHw2Q8hPbbLnidTYpBneFrW5i_lTbE8XyvO5aYq5stlXPElY7w4oTJ_KYAJXH5j7ebkESs-D1_FsdXfEAOddoKE_WIQ3NkfUQOYwYLxrGGTGU-Emynqq2kmYUsd4K_eRynIpRa2ANcXDzJVhj1Z591h6bYLbBmABvUcrayW5Y1wWsPI_zrnI0duOjfbkLUFeCtXpoqbczqAGh6oPbJETwG4waq3CZwPOkAravvk-ZauNuZiU80BJStTv2g0kBkugXGZC1yingPbhrXKTKXivfresV5omC5SfBAfIwOjHARjYkEAGdEs6mSgS9-OXejjxB3jnk4vdstyJ1-Yub2-_J8kYKnWMLrVDivTvl18WUBhyicA2y6pzMxx-f1ASRtSEZRWAlkNoBwJoEFIbF9PNl0Xg0xw0kgz2cvEUwJ61y5NUlvBN2xQCZQMSZVYIB1MFhcB82FQHBUb-_pwrZPuPUdX9PEhwm6ZlqeuXmHdVwZxLYWexBQyy0xMypGuU0Awm59v4m-_9eARXgIcQ_sQ5p1Fu7dXaKl-aJHGQOJzbEQZ_QCF4N5noBUYhxBz-QyBD29uIHsZSDI0lK6_iKCm1Ilt5cPRfuuWrKAE03q70jDbYCO7yQ3Ad3zRsNRVX_XR62VjJ--cwQJBY3qm_apgwVNkRHF9oevPdpECY2T33mwQV9r7oIkwgLmVZnyVR6s1H5GiLI-vO5w-aag-Zh_LNldPC2n6zJNJCerFxdO-Z_n9QHJokXoACVeLZ24yIrYpA5estPTS8yGjR2X4JEt_SmbSdzVUdyImGxkUps06cejLPluhQVOFRSSwOesGM0G2F9LJdwVHJtY0H-Tr39FVq4fje-MggkU1ZJGzAsZqRqQXNl21XHLF9OlaJoEvYeMu9_t42urQ_bde9voDWOyqfeyswhqKN10hyIMJIQ4B8ueKmpWY1K-vtvJosVcQBHlioeWIWI-MG_xw_iLGbH54OSNOdyb7WXS2axZAg9bhcI744ncf-_uXqKr7jYTEluAcqF-qX05nB9Xo_ETYU8bSWSFcEfrFZOl4WtlclkYCnl3OSFrf6nExZUcc_SXJ3CxLPlyFWx6-cLhjLpEPBP4sv9B0wSoxHl_9ePMibdRaTKDGBNtQuItvJ1P17JIR5Dt-n2VF4SoMvTZPaWSYO0c0azLZXU98SGDQ1-ym_4J_l7ao8BdJHiuQMfO2J_9VcRqI7ZGLtExobyZBI-Twou4NcJWXxtCbVeP3SfSNf98z2lbyOJQsmDLqBtNwJ4xLm98-FIHFcVeAeNbnuCf6j6Usfxpyek-TOAHilj9bFdN448zigK23jaQni5v5au0jIwyDbZRaqrIceCt8FU4p6b5PDVmeCD7USHWJNrrn_z-oXCyISWrghhCAGLkzrhnEvFkN-Ei_shxZB7TKtR729b0eEAyILuTLNDI762YTZuhyvdzBKQBr4o0l331cRxTD1ydakQ1jZijR3jdpCN5khXRQywUQTaoFSexaqWRFwZQHtsxWov5iqncpCeDy0YsQ7hLcIvNewlrOynkEBF8nh3XKtup1fGrZEwbmiG0PTaFHjpaw1F5p_GUNPbTXmRPVwNBYTwPVVEArGdMVYpAp4bHJmDSgAqFUXiXfRzGBE4z3HtSQEDCITN5UbNxtlmcHZsxNZ3KFtyty2G6gTUDjQAHkdRpPwdMy94J9j56QbB8OaXegpO9ou-GuC5KAuHyz9zGlo0PUhX8bzQTP0HDKaJH7mKmcYt7IN_rHs3-hkAwO57A8OJST4y_oQwuwMJjS88k7Dcd6EBC-_LZ6SX4t1ZiHuMIj36qsURNzv-JVlbLzI&cid=CAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=815246409079483600&adk=1268836065&idt=156&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
73657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:34:33 GMT
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame B5E0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1694628129748475&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
b0ab616b1a74fb45f9075d33e1eeda880f5f0050a54831353331c04d0b79e689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:10 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4219
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9457 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 21:34:33 GMT
expires
Wed, 11 Sep 2024 21:34:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B455 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:26:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame B455 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDYiIKkHqciapyOVlyMeX96PEN0YOf8tothNaxBphBADpFHmbnH4013NP4zJdFFyDgPHFFy6d1BkEvmtgWiemqU0eMpMs_adBwtQ8usPGe1v-QAA&cry=1&dbm_d=AKAmf-AFZGuy16a6XNOy4DT4kHA7xDJ0I3Iib7afwxdh6BCF6GevNh63EAx467kAuyQJQaY1sF16G54Mh_lr-yt7nernd-iFYpkGvoUnIi3yr0K0lgynejMO9R_ro7IJaP_JX1bbcgGhLZkcAVUksxlw4-OiQHLbSDEtAg5AqB-F0oetM23Dxc9Ez2AGSdOrpPiBEkJFziqqQOw3dmDJjoWY7O2kcBL78Glg29Eb72meMCuHg1pZvYG08nw6eZaa5_nqvB1cpXaDKKt3C6QQZX6mrEklmOoxyrLUH28dRcvpTeYy8FtZNJeIXnxmPbDJvM7fOA4QaCk1ddpISWSL-2T2M3yPbkWRPGinlyV1qaHtq7E3LxzQxt0Cwo3rpJJNM9uSZC1nYTkyphz9OMR2QPbemLlDqgJmGXydj-pkjTkHf_d3EU71IodPobPtUdGKshfmQcWvH0kik7bU3rhaz4T2OE9HIDAzxXNu471FX_8ZfLmnYay1Oa-0GhsFf96YBtvPoWwV20TL_rgV_jyP6AkKSmgbgUMY4er8WeS4It4uOQr7I60RYqL9Lgl6Lw-Vr8tI1x7SxEv2VOUgxGI1GzdqN6yttNtluqy_ikwN9DiODr3KBvgxg39Z9yPqS7ytipYPbiOHFmTj-W7EgBciAo1Pid9KIoMApMCNN84PhyQQPcGhdyoOFj7vOmUsgNnGdSmsLFN3I4n7OlMKPJv4MvoAAeh7lpjas7VX8MVQlk7jJvRhQhoFX9FOSUCzDbDgVOUdEnX-ettzJi2cJIpXFnQq6eFdUMMwMO9VEvrfcq9M-smEz063ECk4zYeYhYp9Mgw4TeKd1VJ_yOzW5wAMkHM44JzfV1T8-SxE7NiBo3pLKBYCtbeN1rsqN7ezV3Y15OZIbnOxrv1lVcS0ktEgAGXEQk2K6fBBSBgkpeRRXdDL9oh5zAS5KrTfglT6FCfPvCO6rdA4ZfltnBz-12u1eBgbADLZ30rWrj4PwPbu1k1lornIwgZ725cUSWn_LRCglpoRrZKSXMqz3yEqBR5klMSal8n_57A99sj7lx8Cbe6miQsx6elbKV9mcE0UifSeb3kj8sS6bxpgmDHHQrpumXMqST65Ac7ElCSXFFcj2d_u7vLn4JL-AiMKHqwFb9NxWQwccGWvvnQcvDlbCnRlY1f5X1NGbXPJ3lnRcP_yBpMJdDQoLAsgdoc7bsnVj7PxH5mTBdPYORNCAuVFlERtS5XXnER5fwbf6F27iGdEWCDzmlvEGl2bPnYqk7LuvqcJE-CQNulZXGC2e_kHadPvaU256U2lv9jnIlH08U4_FCzfvt3--Xnvg82Zu2TLEXKcIZOeqrjfDOehcB86XPaQ8iz4-lp2E2ftMnGXRf9n2m5x06me3kJbt6ZF3Ubjk6R2j1QdFHmRa9AFfBOVv3GW0SLJDWGLkW1D_twWxLm6iksC_dIIO1F1zllG4g2vA_tPUcmvZ7fFYMoLIbnKmap5tej9gHhOPQv1-dzyWwdXCdwNbGtUJ4NQz35L9Jr8hWoxL1gOK7lAC4nBaNumNmCzb9m5hPN-f6f409xh49UmsSW5w47kwCgWYngjqoQPknr3WGAeOsv9FyQ-upcUXeATeWWrkIBPp9dwUmxT1uBM5vMRhaxAVJ_6aW7rKqQofZvhYUwVLse8YMmIRLTWoONNrp2hv1Oj60WERCv_OLNnSyGR2hSkqDP-mgx8aBRsKodt2NOUYa8cFsC3KOFRHLUAi1fLC1G8MgyxuO_EaSF3fxA1Z5uCVgP3i-Ehm6cJdLfTo3D1pXetVmVyfvIUcJjUejzZfhFdF9CchGbGuuEWQE8m8OvZdEfWeXKImKkZ-uE3z3cQzuf4T6XATVT0mZ4KnJedWqvQs72n2RRav4Eh2iSt7h7vXo1m4ODXXjOSDxg4teo_OrPWM_uhBuMIK6HOUFMnQRMYVo27TKRRmTSog33p02TcSWVE7PjLKUYgA6P_rwqJ23T6kleWuK_s2Cg_xsMwnQEL_sLN9Bu8RZJ113bRrnn17K8P05WDc93Qspry4IOabmH9OBuoyQotacigEtWznru4-40S_hQg5tH5dGN7eLebdvRm8AQd9__lC32vGX-RwZLuUTb2b2qQDsKzJdKE9wVezIKxSy5o4hNVx262PpSihQaZ8lQYAYjqVSFA8W8U_AkGamsvdkr4-s62ptlcGXenugwIsYwxBNPLvamKBKgSRdIj_1HgPP6Gjf7OUtcvif9igqeWesD0x3YS-rpjpgLUNLaO67NLzag_Npmy0FgvpkokSrXzRyRP6RU5QUraHSMMM2LDi7LZqatI4EaokLefZUPAw3420kEchSCM9ZCBS2EaaJ010PcVMELedawGijS9b3KxPLK04gheQNXjSEE-7v-UbgngNXBD8s1C4zVPECAX4OB84wNBZ2_UuJcx7bUSDRUiJHpYjW-cFyweQlT2lBYw9FWRGldvzdI7D8GBsZRyYWi7CkAj633U4iwiV1rQyrVAG4gMt-MThZl2YK-D9HyeETfnAFick6sT0Qy9KfLVgvId7c0S7trDxxmRkvjk5InmLbBvYyOW_Bn4gfMYPfKkR7UgDQOcI3MR87VlugKr0N9S1vH5591YYlZ4Ix0tjRqn3oJyGOiGqOcTFYUPF5CsBi6ogd8F5gAIoKU8ldEuxutPWaFP4ae0WA6GIiLmG6FxXMxKZHhwYQryOJyVAz9s0Rm-H_YhQOUI0evi_CHzSukID__gSO4DspvgeUvaJaOKkpxl7w9qJebrPXEHOIfqpji3gc4aqG2azOu8RgtBa62V1L8hIp5rBiuB1lh3H869mb-bKOJy6jV0IVOfIIR1_qY6s1k-zL4DJJTAtqR2pFeIy8tYyJqsvFRWafJfsUdOuAYCi1Z30mdpWtsKi2oYHRReD5N797Jf6oLi4LA9PPrxCe9RVuaf4BWjDuyahu-fEyqTPtSCqMmr7sLUjGw5cFvWhDO3JhDWPQuCzAlRSJxA3DZjS29oQTVOn0RhCw_pah7a_1N_3s7jAhmMd06avOqR9KTONd5oiakLkMY9ilhCGsXxoZToqipGwWiCgfDttOB0JYwbMrDuqhRzj8DZyhgMUQJBy7H1B0EmlboiyZ82eIEwN-OhOyICUFOpx5CVI-mlVMKdwOb8GZiegF3GvR3ldWt_PqyiGnZryiWFqTmm_1Uverus5p7_ymWYEnwXQfhH8MybL71VbQY4drpOjAq8YhX8UZipyXve6MpFnLK6TF_9-1DfRHfhl9WjSL7JkbeDt9TIPPyQz4QkxkzOgZJMPm6ipREXHgu1Z909j7o-MqU-2404xsXT7OE2co-vKhmkCDlo__p02ehjraQ8xiBeT4yag0eq_kwCzwe4jqllJXm2SLT_dh5YLF5IHNgBVaJS_cXbUY8cyskt3Y_gcjReNqtz4SOwBZ-uvCzbrIvC92QzrhrHsLYvAvMCTOrGWSjvaWb5Gz_XZdAyEhKKAg77nADU8ZtKdI67qp-Bl4XciyYyp-UI47cKD_K_x38obUTx9oWXGtf9Blu7swaZAFeIzxuYR5tpozN3WkXzMgw&cid=CAQSKQBpAlJWepKTdCmh8zhGPBoHh3EDGMFozLItOIWfXP2r7XkOKXS8CHVaGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16355129604742314000&adk=497053795&idt=117&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:50:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame B455 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDYiIKkHqciapyOVlyMeX96PEN0YOf8tothNaxBphBADpFHmbnH4013NP4zJdFFyDgPHFFy6d1BkEvmtgWiemqU0eMpMs_adBwtQ8usPGe1v-QAA&cry=1&dbm_d=AKAmf-AFZGuy16a6XNOy4DT4kHA7xDJ0I3Iib7afwxdh6BCF6GevNh63EAx467kAuyQJQaY1sF16G54Mh_lr-yt7nernd-iFYpkGvoUnIi3yr0K0lgynejMO9R_ro7IJaP_JX1bbcgGhLZkcAVUksxlw4-OiQHLbSDEtAg5AqB-F0oetM23Dxc9Ez2AGSdOrpPiBEkJFziqqQOw3dmDJjoWY7O2kcBL78Glg29Eb72meMCuHg1pZvYG08nw6eZaa5_nqvB1cpXaDKKt3C6QQZX6mrEklmOoxyrLUH28dRcvpTeYy8FtZNJeIXnxmPbDJvM7fOA4QaCk1ddpISWSL-2T2M3yPbkWRPGinlyV1qaHtq7E3LxzQxt0Cwo3rpJJNM9uSZC1nYTkyphz9OMR2QPbemLlDqgJmGXydj-pkjTkHf_d3EU71IodPobPtUdGKshfmQcWvH0kik7bU3rhaz4T2OE9HIDAzxXNu471FX_8ZfLmnYay1Oa-0GhsFf96YBtvPoWwV20TL_rgV_jyP6AkKSmgbgUMY4er8WeS4It4uOQr7I60RYqL9Lgl6Lw-Vr8tI1x7SxEv2VOUgxGI1GzdqN6yttNtluqy_ikwN9DiODr3KBvgxg39Z9yPqS7ytipYPbiOHFmTj-W7EgBciAo1Pid9KIoMApMCNN84PhyQQPcGhdyoOFj7vOmUsgNnGdSmsLFN3I4n7OlMKPJv4MvoAAeh7lpjas7VX8MVQlk7jJvRhQhoFX9FOSUCzDbDgVOUdEnX-ettzJi2cJIpXFnQq6eFdUMMwMO9VEvrfcq9M-smEz063ECk4zYeYhYp9Mgw4TeKd1VJ_yOzW5wAMkHM44JzfV1T8-SxE7NiBo3pLKBYCtbeN1rsqN7ezV3Y15OZIbnOxrv1lVcS0ktEgAGXEQk2K6fBBSBgkpeRRXdDL9oh5zAS5KrTfglT6FCfPvCO6rdA4ZfltnBz-12u1eBgbADLZ30rWrj4PwPbu1k1lornIwgZ725cUSWn_LRCglpoRrZKSXMqz3yEqBR5klMSal8n_57A99sj7lx8Cbe6miQsx6elbKV9mcE0UifSeb3kj8sS6bxpgmDHHQrpumXMqST65Ac7ElCSXFFcj2d_u7vLn4JL-AiMKHqwFb9NxWQwccGWvvnQcvDlbCnRlY1f5X1NGbXPJ3lnRcP_yBpMJdDQoLAsgdoc7bsnVj7PxH5mTBdPYORNCAuVFlERtS5XXnER5fwbf6F27iGdEWCDzmlvEGl2bPnYqk7LuvqcJE-CQNulZXGC2e_kHadPvaU256U2lv9jnIlH08U4_FCzfvt3--Xnvg82Zu2TLEXKcIZOeqrjfDOehcB86XPaQ8iz4-lp2E2ftMnGXRf9n2m5x06me3kJbt6ZF3Ubjk6R2j1QdFHmRa9AFfBOVv3GW0SLJDWGLkW1D_twWxLm6iksC_dIIO1F1zllG4g2vA_tPUcmvZ7fFYMoLIbnKmap5tej9gHhOPQv1-dzyWwdXCdwNbGtUJ4NQz35L9Jr8hWoxL1gOK7lAC4nBaNumNmCzb9m5hPN-f6f409xh49UmsSW5w47kwCgWYngjqoQPknr3WGAeOsv9FyQ-upcUXeATeWWrkIBPp9dwUmxT1uBM5vMRhaxAVJ_6aW7rKqQofZvhYUwVLse8YMmIRLTWoONNrp2hv1Oj60WERCv_OLNnSyGR2hSkqDP-mgx8aBRsKodt2NOUYa8cFsC3KOFRHLUAi1fLC1G8MgyxuO_EaSF3fxA1Z5uCVgP3i-Ehm6cJdLfTo3D1pXetVmVyfvIUcJjUejzZfhFdF9CchGbGuuEWQE8m8OvZdEfWeXKImKkZ-uE3z3cQzuf4T6XATVT0mZ4KnJedWqvQs72n2RRav4Eh2iSt7h7vXo1m4ODXXjOSDxg4teo_OrPWM_uhBuMIK6HOUFMnQRMYVo27TKRRmTSog33p02TcSWVE7PjLKUYgA6P_rwqJ23T6kleWuK_s2Cg_xsMwnQEL_sLN9Bu8RZJ113bRrnn17K8P05WDc93Qspry4IOabmH9OBuoyQotacigEtWznru4-40S_hQg5tH5dGN7eLebdvRm8AQd9__lC32vGX-RwZLuUTb2b2qQDsKzJdKE9wVezIKxSy5o4hNVx262PpSihQaZ8lQYAYjqVSFA8W8U_AkGamsvdkr4-s62ptlcGXenugwIsYwxBNPLvamKBKgSRdIj_1HgPP6Gjf7OUtcvif9igqeWesD0x3YS-rpjpgLUNLaO67NLzag_Npmy0FgvpkokSrXzRyRP6RU5QUraHSMMM2LDi7LZqatI4EaokLefZUPAw3420kEchSCM9ZCBS2EaaJ010PcVMELedawGijS9b3KxPLK04gheQNXjSEE-7v-UbgngNXBD8s1C4zVPECAX4OB84wNBZ2_UuJcx7bUSDRUiJHpYjW-cFyweQlT2lBYw9FWRGldvzdI7D8GBsZRyYWi7CkAj633U4iwiV1rQyrVAG4gMt-MThZl2YK-D9HyeETfnAFick6sT0Qy9KfLVgvId7c0S7trDxxmRkvjk5InmLbBvYyOW_Bn4gfMYPfKkR7UgDQOcI3MR87VlugKr0N9S1vH5591YYlZ4Ix0tjRqn3oJyGOiGqOcTFYUPF5CsBi6ogd8F5gAIoKU8ldEuxutPWaFP4ae0WA6GIiLmG6FxXMxKZHhwYQryOJyVAz9s0Rm-H_YhQOUI0evi_CHzSukID__gSO4DspvgeUvaJaOKkpxl7w9qJebrPXEHOIfqpji3gc4aqG2azOu8RgtBa62V1L8hIp5rBiuB1lh3H869mb-bKOJy6jV0IVOfIIR1_qY6s1k-zL4DJJTAtqR2pFeIy8tYyJqsvFRWafJfsUdOuAYCi1Z30mdpWtsKi2oYHRReD5N797Jf6oLi4LA9PPrxCe9RVuaf4BWjDuyahu-fEyqTPtSCqMmr7sLUjGw5cFvWhDO3JhDWPQuCzAlRSJxA3DZjS29oQTVOn0RhCw_pah7a_1N_3s7jAhmMd06avOqR9KTONd5oiakLkMY9ilhCGsXxoZToqipGwWiCgfDttOB0JYwbMrDuqhRzj8DZyhgMUQJBy7H1B0EmlboiyZ82eIEwN-OhOyICUFOpx5CVI-mlVMKdwOb8GZiegF3GvR3ldWt_PqyiGnZryiWFqTmm_1Uverus5p7_ymWYEnwXQfhH8MybL71VbQY4drpOjAq8YhX8UZipyXve6MpFnLK6TF_9-1DfRHfhl9WjSL7JkbeDt9TIPPyQz4QkxkzOgZJMPm6ipREXHgu1Z909j7o-MqU-2404xsXT7OE2co-vKhmkCDlo__p02ehjraQ8xiBeT4yag0eq_kwCzwe4jqllJXm2SLT_dh5YLF5IHNgBVaJS_cXbUY8cyskt3Y_gcjReNqtz4SOwBZ-uvCzbrIvC92QzrhrHsLYvAvMCTOrGWSjvaWb5Gz_XZdAyEhKKAg77nADU8ZtKdI67qp-Bl4XciyYyp-UI47cKD_K_x38obUTx9oWXGtf9Blu7swaZAFeIzxuYR5tpozN3WkXzMgw&cid=CAQSKQBpAlJWepKTdCmh8zhGPBoHh3EDGMFozLItOIWfXP2r7XkOKXS8CHVaGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=16355129604742314000&adk=497053795&idt=117&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:52:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B455 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
73657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:34:33 GMT
google
match.adsrvr.org/track/cmf/ Frame B5CC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFtTC4GstWrpBRHXdcJnlqY&google_cver=1&google_push=AXcoOmRTWoSSVkVoKYmLriiocWc0YnvHccl6b304HmXghGHvBf7odlB0vUo-boxOFGoK0sh_lH6eVhT7GIxMjE2u8lvy1SfrNHAYpKSOywxvqiDa_BP-vvBmzvEU03Dg5rbTcDhlSsEPWjXSO3uGKc5r1stI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B5CC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGVzwiQM6my8JdhxjXWFojs&google_cver=1&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySM...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySMJ6Zl585JqD7wkBu1M_1VB3XXeZ2nXl2syJ8R5i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySMJ6Zl585JqD7wkBu1M_1VB3XXeZ2nXl2syJ8R5iXhL_Z5nYHuw01CQZ4h8ggR_&google_hm=eS1vZE1fRFk1RTJwSFhfaG1RNUhtMzJlQjVoNlRXS1RnV35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Sep 2023 18:02:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSPpu6O1Y30_Kd13s4ASE6trR1WYXNK3ib8r5fedhXHbEaAP7je4p7Hq_JMDPNNuYGTGvPNnk0H-Sie_ouE-k68ySMJ6Zl585JqD7wkBu1M_1VB3XXeZ2nXl2syJ8R5iXhL_Z5nYHuw01CQZ4h8ggR_&google_hm=eS1vZE1fRFk1RTJwSFhfaG1RNUhtMzJlQjVoNlRXS1RnV35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame B5CC 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRO4rAOW02MoKKI7wMQDcJt355hPydDFW8INLhOK1sfn0-Ezrt4AXIrwGYqCr5_xTvzlgwRervK6doj1Ae7LW2TISNe0Z01--AtNE9YWkxUKVZg-SVM_psC8eSOxArkeOWkuet66w6OVyt-6mEYetj3&google_gid=CAESENRPR8R5j4aCxcV1EnM86Ts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:09 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
204260
expires
Wed, 13 Sep 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame B5CC 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFbnHcvBzIq3LDzZ74g8Nbw&google_cver=1&google_push=AXcoOmTUzxTjTJ2gup7u8VitJSEqH-rPbkCYvAhgfwwSdjici_6kn8E_iQXL39Sh25jGoDYyB0G63fy5pseO8EgwAItxXpGSia6EPixad5cl8URmt15XlzPZRY0-HqiGUGd-Vp6dzLJdiUcWH9VnjVHltGdc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame B5CC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESED6EdCOdCfVSmL-wgyyCohs&google_cver=1&google_push=AXcoOmTj_0k_tE-hhrDJApAcaDhJYhpVMjlVvwL56Amr8f37TLaI9mSfjXzcI1-3lBZxfrBOAhpDsonCdD7g45lG4WthGQCbh7CnBQbrKTWW_5MlFn6Qb1yI9dyincfFDGCSDh__SMjSqsvyZJOD1JHJu35u
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B5CC
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGRqHAbOVChyAXFEaE4EBhs&google_cver=1&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPv...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPvnAsDMndiarKvsmhR-d5rqK9DjHQIJ-2HlhF7QEm2rojX6yo_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPvnAsDMndiarKvsmhR-d5rqK9DjHQIJ-2HlhF7QEm2rojX6yo_bbJ-F7aAVPy0h5odcRNiUktihLOKyBzjmN_7VAsS7a7Q&google_hm=ujs5uxj1Sdu6J--BMpVcLR0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSGH2q3AyhWMfR6yQ36sbJObObnAFHWalel8_z0xW94rqOnBDWbDHKE6mobPvnAsDMndiarKvsmhR-d5rqK9DjHQIJ-2HlhF7QEm2rojX6yo_bbJ-F7aAVPy0h5odcRNiUktihLOKyBzjmN_7VAsS7a7Q&google_hm=ujs5uxj1Sdu6J--BMpVcLR0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5CC
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQmrRdIZNiYHOuP4jzkEkdqs9sW79DObypZLHhQx8BVtLafXrk_1YR5hk1LpeBpHZzOF6Vkhbdrzj79xxOOkfWGCbnwZhtwCIHHVYweRPE-CsY6KxFMD2rAs44RpWOX-esE4f5MKWj97IB-EfZ3Gyb5&gdpr=${GDPR}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQmrRdIZNiYHOuP4jzkEkdqs9sW79DObypZLHhQx8BVtLafXrk_1YR5hk1LpeBpHZzOF6Vkhbdrzj79xxOOkfWGCbnwZhtwCIHHVYweRPE-CsY6KxFMD2rAs44RpWOX-esE4f5MKWj97IB-EfZ3Gyb5&gdpr=${GDPR}
date
Wed, 13 Sep 2023 18:02:10 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B5CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjvxcvOof1Eg7uDYCEA4YZAhz9V-9FXEfEsuk57MitFwpSLNekB-zkwbsyQHohFjVafNwYSvM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=546699507850&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=546699507850&version=m202307240101&ct=76&x=1&cor=5628051520045561000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C8D7 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cb1Oynt9dpb3FmYaQ6KfyWmvIbaNpM-laZaitOj41pJN25bzDkHxcHHPJpVRW9ExyolUzBVDV2se0Mb7q5QtMxrsJRCOroFp5bQteJoroDmu5Ccaw1SoWWkI-DMJVouI0jiAXrKL5gJO4V60hHQZif-1l8hK6ka_StYwqeMD_M8gTuqTs&dbm_d=AKAmf-BftZNDGqEuatwkys3Z1xgcMZYtOvByT6je7Ho7KLvFW266YjCbqCOC9NCcvMg5OxPSRfDJy9a5cWqOJwg6fQjmTYsp_g_5e-y3t0-qCmnThAdxyaJAIRapa97c_Gy9uOlzqRAkkHW6JResVDOTUCb2x340Wo5q3k7gCC9pCns0AI1ZuqWRPNDdE3rqQDPDtpbNZG5qzk2_uuKMhnoKgUtoqJfOMdpyJl2OIxR5KUitur3NDHILz-vPkGe6C2gJB4NTStKvglJVmxci-sJ0UoeJp_M5wY03ElB0HTnD93qRq9ky51SOqUHJiXnE22Vfv6zWyWcO8k-AmWaElSKpMzGJigQxaYSSpOI7O7KhBN75BgeX8j7IAaXgiuPRZpjkKQni6vRhtnL9hlVi2-_hLgK37HbMZtwgANtYs56ZDo2RPFvntvJuKuJPpgMKCy6vde3-UPenoCXykhcOBLVhIix5PLa_CIp6bjFEdAbwojQpP-2lH7GfUkEA3e93uC0Ef-eq4jIXryui8DNfaMewdP_6KWHrytBLTK6VjUdWPipyaqGbqPYAduELGqv5uafx8ssQfV6tx9F7LSp2TsgEf_wx5ZvbSBQ8AToZE13R1FfxwZa6mbY3Ha71c3rFlFp96U5Fk2dljKsGe0uALm_ZJkhcJGkbwP60I5fw5be1c6dBDDiPfqiUIh9xukw2l5XNO11g306BZzW6wA1y_lJkDXGaC9aUaIi_ig-6ImwVSeNLl5GII7w-cqccxvV3OQU-JFP8nqITHKw4_3MJeOLAISpdKI7aSVJSbMXZuWeIjIwiYO-8Cf2VhneWKf5c-2B9YRVweZWqnrvZlT4x2HJTHkqE0KazohQLgdKRPOBTaVpSble2gf9PcdgzxEZuKqmUXQlVWcFbxgNccmMQOV9cXAzqPuYrYn8GwFCIvX8qyOPgGMNE0utX1ubFUZQ01YSjbPmiLqUM7BD2YCNOfQMdBK97fhdHVn5jU8Pe_guMETd_lDDt3O7yczzZswNVqKLHYUqnDcBbCZ1qp0Fs68cIQygCTrE9-sUnwGBDGELVD9D1hQfGpsChYuS1futpM2uOFdhoSdQpYu90jrBVhyFwXNYDh7go_MqW8wf40yCpXu8qcdNLmbHleRJi5tenXymEgEZUq96ovseWrPL9pl6u6ptMeMEjOGS3cYJlb88__SuBDSU7VZvGMd9vQ3Vq0eRR5GdBTStUu90MfVC1aKYkEe7vrRUczuxZ-A41rUrGDkkxYaedkWQRhvff351BK5jc_3yRwZWT_iZZH_of2D7goxxCYEPeEvtZUMBD7QUUg_09KTuff5BO5NDpHBp1wd3hGHh5sQwFCQt5YLeBqWfWMHmtqcq2qLHdPC7rRl21OWmimI0dqhRUwxLZQXCOqxmh5oD9Dtrs_L0DHHzsQsWR-umuzoxygxMJyGSEGqb8MssRIVP1TsijeYCLejtlWujWRNvOktkYSZgDuq_SRdKeE46dhMesyhqBa7izdvCb05QZjniyZPhrB-ar_01TgwUgVpdygIHgICoKUVBZcvgIR0XKlQeG7faW6kxvQITeicGUhOt50fIRUMAk9lOzbNLS1i0c3E25PT_8H1WiR2KptjARlhN9nqq-8H_roqgbXsS4xKaaeIZbViTw76OQgUF9x_N79Mrzy5Pvq3tGHszXACTCWdpv_mValehZsPrptndrVeRFyQyzZwMlO6-_nYzXdqlzd_MLwvraG65rhczFvCVYGhTQ4gNd1dWzeocx8IfGMvaUv-9fL02NEr72K1AbPsgrOzibbZCGVw6BObcs9R1REuojfvGMiycz-WnT5UN575evPWIg6c-WuhLRkNjbVtEX9cFY178Lt_SEsyZdb64V3LXVWnItskD5Fg05huOs9yF9mIvkRKqLr2tsq_f7qQYnZtMFHk6c66VCDfHT4i2P2kzlkUO-L-3P5AnFAM5iCx4rP7oIAeZlpHSqHbvkjeA8Gz09g9GmyBHQGe7H_2pegtWZSXOz-Qe1Ve65CD3WZuB-roO-4OR2VAFyXVBF7Crf9MMzRpQqztiuxnffln9a4gojnW_nyVFMdMP3jfaZtO2tSKu4GEdZ32OD0tKicvT7gRkXqmfVryyzyznwC29DtZhMI5kh7NmH6p6wRvyJp6yMR44GPgrydWF5Qf0cRiXtt4S9TBBAouPDbsKMRmPu7ieun9z3d_QhYIrnLBnpmloGFsRpMMxdL6l5qFGX2OPGqQEvLAkSL_adP0w5_uGIvrzYKS708ZlOpx_w774UnQs8MCfFrFNVqKpR5ARq-uLjgtC7et6P0Q9LpSE6mDjLMoaEFXFIJE2PpR1lN1N_iv_dqKk7BbVsvOBScBVKo844ggo-iqIUvhVYSg3tMfhBT8X7nftJchYt0Y541LeztQlRpIO-pFX-jV8ebXZ9PHz2VvZV3qzs4XX0_ODy3vCFvOvg5xnAu-DxR95Pcaa0SB1_eKaTSpJ46PLx5sNmkMwaL-QZK11dY4fPZVtQC0RTVAfGOLh2jtPAbaQAZ-TkpVRBdbdk-gddbsXDj7Jb7LdgIvk2M8ArKf4FES7Iu6eeyCfP03OF79BXHGtxvIliryFc4ZDM1qgmgNyz6CeLOLo_PThr0rAicpyr_AoQ2wadefWKAfrdYoCDQTIc76bqaUojSRa3JaSZvQ30BrHEzWsQ6TEq3DWseZLe7zx8I3WnTyw24sC0DPyN99dIfq2Bc18-fYHE5fmoa_K8LpNK5W8YXdxOCFJGOrgrgJTMglXZ8-N_ctAjgjgOmi1EqBSyB1yf_VcO-K1XKZYRl84F_CKvRO3xRTEJ1t5O0xCF7eUG6sw2UFgaM4HSlCPDL2qyekJntRnQD31BGmVCES8B1mY2VMuSG0zpiMzfmWleEmspXq2CnqXeKw2saiyofmsvZQ7yxnda693M5x8EFc-FTJCY8_ItzGAWG9wNEq_hjq7NtU7LliCSwSqUkUCBXQx9W2xnlV3HVAej6mIEKlc-KYkvEoLbWoENTnPf_iVvMnzxbYMcQfRWNg5QyuqXrafM27yUdO3bTVQDAxWLhr_HtHBS9ylvT1rIRhGYa50xh3-ahobqKVMwYQ1CmVvXGTvNn6VBsORus-Xn0MckqxaJzrvWGt5kQvEjBR6DYZ1uPaCywiJG7BXZVrDIv0-howVg7b3KxjSS3e4vRTI_LRTxlHm-6p0h2WIQH6HeWSrX6LPG31I-oJYyGjYuxC81Y17T_tUbmbFXMoG4PVkYdb8ECe4jJrl27hT_TlII3btmK-AHp9aMtypdOweUgDw8r8PYThbTCDEXSE6bcAuQZp-v6_tamHkHHVP8l7azV-hjZKi5vNr8Mx9HCgiy03WbetjN8oM9UHNbAcD331mO5LhSIj6rpK4kRyHC4UrswRxFDE65NWoF5DF-30ceGAatKk_lq9Qhyb_YixCSPgCTIljlDcKnacry4eZCu8WMzVIVoa91mRql57ztlO54RpFtCgc0A7AKXxEyjIFeUc-zvgOcuOuseAlaEGwDS7h8fhhsRgUVuRHmZDcMkA50gdqoIPzs2qrtI5p3qWWISaL7Ji_quzlTplxfOAdUIK2c1WxQaKY4DqdYHQ&cid=CAQSKQBpAlJWPcRquzBEQJHFqpt971nptE_I_sOHVBE3pGohbYVQCeD-mPH8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=5628051520045561000&adk=1761367587&idt=146&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5171398ce719dee36981f906cd671e5edf5e0c80e3e6c6ff4bcc8637c4e5c023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5710 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 09:36:10 GMT
etag
48472445140208031
expires
Thu, 14 Sep 2023 09:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B455 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8099219606d194ca3d95d11568798a1aa902283ac9cdc90327c743388960d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2890 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 21:34:33 GMT
expires
Wed, 11 Sep 2024 21:34:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15415463092317913147/ Frame A8C8 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
expires
Thu, 12 Sep 2024 18:02:10 GMT
last-modified
Thu, 27 Apr 2023 13:50:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 431F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0WlOagou2ip4gd2jSUQNSwddoZGr4NDxyNBZmZURjX_-9z8dv_Z3ZdBUPtEdkXm0p5bIq6ub3Jb7jLddXFYuoGbz4e9Q9oFLY4iBOEzYVq4sA0IgxY8Lj8as-uUHxrfpt186KaKeMoM8rCAJs3s1Dgx8I8EU4JBSQ2pP_I_aCYLol7zwt8oY3fY6VuYFZt1rkUhAgcKAfCAExYm7qaWcgxz1DPjZPpv9014dwzG3TCYe9a2fFQvyfSIUpNMvOYJeH_h7qWAQl7Frx-99xcWF0wc9uzSAGGXC2tdBa5s7C-mH1OW4Li2b2IPBkycl83Ku4L2Bjz4RMByPwYkYbRG-xUJZIuPLgGU0hFedd05sAUz-w6KYeyzr_oHfesd9UYYOT2Aotseyvx0RXCT9ljOvsOrIq00wu2LugLVUz1n-_aSeU23YlBj0K6CJzKnqBsTnuCMoidUEd-qxIrw7ulgUIhkALBgZENswAm0objQ8YdcJOWZHpl6PdOO7L6JWzfK0R6UoIWZHObrBySFB_z-CFFYD76T0BTStNwWxFuxRHAUsXMCSRM9ps2AN_oEEqs-Bb0i9qxWHnMMEjV3HN1ZrIFx2vzKI0oe61QYZdGTTjCGDN1O0bepMKXrNChf4SNje5ZaKHmTpX3I7nRjSQ99mR_xCV_On01-LIabogObsWyRFXlp855hgTfj7aPxzVruIkBPOfIQyyzTJAJcQJmf0TqS1rxC-zl_2gCkh-9ymbiSBy9CXfLo84VxuUcIr3eov-Lchjg3-Ux_Lo6eSQ8Cn9snM2hDPDZJAPDh5Dy7VdA43FdvTrg-WIsHOCGUxjOtrWVADOiO-AdgYGo1QVjNfB56rwJlN5gpe-96PmdDGXpvnHs9SauCh8EB57_h1Gt5JxV1WUkR6r1y3oAmn7VTBIrbY9jTvYd3NPKcJmOHAuYFAn6NVJAsMhJimRuO75EDHC4SitNIhuTZCxeg7ksjj86NIxh2Tpp0-7JfJLjUMr3RoRhPLDfvZvxwTf2DQmU_1LkLCe95JMYZwVMxyqRiZO4a0LoSBe-gsyGF8MoXiX5OtNW5AOXlJTXwBVIitfLNWOcdJ5zE5Z5IMVlI6UDOCDNiCaUKYwkqleUesCe1HnF4MH9JrbmppHleg9UViG_0A3Tjbs2AcpxAwWmcoeo1pYyEl1Cm-Y4dMj4T0-TYFLF7Pen7zlva8u36siHcDr0zp79scFdKVSoXeydxaRZTf3kP94zIh-QrVeW-CQLznw-MlCqLLivZL7dLWlWjmJeTcWeYoFzDHMa5MwgFheyQu-3eKZqG9T4MSee5Atye1YPRFD8Eh5mJ4Hzk3SImYT2OJRDw&sai=AMfl-YSGaYtSeWfoQ0HeIumuOgarNOahXw9r9w3Qw7HKg4mXlg20XMg2lp_JCrZ5RqfjdFRD_OH96X19Ef621huRx-o4uQlCX13FHeMhWzOtqiM2FJv0A3yUGH6HWPDbD_IgaNkxIww2lh3vpuVMFIr_ywS1-nHkRY-vq8vEuSqeRR1EohjfZgkpUplhQuyxtvl_eP4vJrpo6h-E&sig=Cg0ArKJSzDymu8hxsuwQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=187&cisv=r20230911.84667&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
ai.aspx
m.exactag.com/ Frame 431F 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=370570562&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129149&bpp=182&bdt=154&idt=406&shv=r20230911&mjsv=m202309070101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3533330818&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31077789%2C44796632%2C31077719&oid=2&pvsid=1497590874737874&tmod=739851348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7041a4hvn55q&fsb=1&dtd=419
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:10 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 13 Sep 2023 06:02:10 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D715 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 21:34:33 GMT
expires
Wed, 11 Sep 2024 21:34:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 5710 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA4MnqtSNENf5atFCBMOz7Q&google_cver=1&google_push=AXcoOmSWs0MTbO3aVY_bgNiEmioInjwgQbcToRztyZFy07znbf_kEy2aC_mpDBMqH_S_cL7AzvDCSqH_gqhzQWoMMGFTfWz71ucP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 5710 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPQAMPDR72gV5AxDHKhAHOg&google_cver=1&google_push=AXcoOmSKtmqo04l21SoDxX-1bgNwsAi52PzR1ryGsOFQ7h6C64AyPAil0Eo7q113J_aN7nLUNeHA4kLbqlmlUQo0_WAbkW_amU-Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
usersync.aspx
dis.criteo.com/dis/ Frame 5710 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSZBQMOECVDFp6Y5Ww5QumIld4i90QRQluBOPLahtNDGCK2g11HW8obvpY6yaAVOWhumWs6i5W5w2_Z7cJXW8C8qoDB8nqY&google_gid=CAESENRPR8R5j4aCxcV1EnM86Ts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:09 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
180650
expires
Wed, 13 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5710
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-q...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA9In-xYXknvqNvp4v_G9L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmTuIewVfMHvkz7tt7ekkF2blh8Sc38ONP8RajAVGJZnX2j6Tu-DZ8wKBdqWixZcG_sKO-qci2eA9In-xYXknvqNvp4v_G9L
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5710
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDqvcRL3Si_Gj89gqzjpc5w&google_cver=1&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTs...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTsdyvw2YEiL44JdOqc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTsdyvw2YEiL44JdOqc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLA6-fyHWTOEfmCQAHAV26dDsmIn5HHV6jYGRpyAnc1kLtZgEC7TEoOXglP6p_oaGuN3CwTUtTNhTsdyvw2YEiL44JdOqc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 5710
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRvBfvoCh-xMVLjQMW5X...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRvBfvoCh-xMVLjQMW5Xbumka9LBSd-27-hgFHy4h6SIJqhNwT3IOYmDKbqOnqTUPF0Nn5-uU9LhPsQX4SEGY6GmpQyRn56&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
date
Wed, 13 Sep 2023 18:02:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec865b952aa848939fb65d7098b436ae003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 5710
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHFrQz9W4BLG48VBvLxT0MY&google_cver=1&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmREUSHUvDWzktYpHWOwTRkzwKWNqsDnBzdWKjJWzKO-NU1Lb77WxdJqQX-VwmrLZfWp7TQb4308EBahnnZhkmKopK4kTGM
date
Wed, 13 Sep 2023 18:02:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 5710 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfDymlulg_9FaGTrtyLPID9GeEHYBGqAktGL8zEwNvqEapTqejJbjs0sSXX1l26E6xhU1o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046729&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129277&bpp=198&bdt=197&idt=445&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3013771702&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077704%2C42531706%2C31077719%2C44796700%2C31077838&oid=2&pvsid=1361259775491942&tmod=261016250&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.lvfw8yt9yxdj&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 9457 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309060101&jk=421810002138787&bg=!FBelF1jNAAa6D61Rmg87ADQBe5WfOAFDVFRsFHGvlGiAlSmXr6-YW7KKXS29SjY1clNpsnn4SAowP-wwFJX1gZm0IQzlAgAAAKdSAAAACmgBB5kDApK0AxF-4E-4iVQeWhrj5sW0mgG4FRJd0xwdTfPKef6gS-PRtiY0ArF3mUSeseloC0K2c2yXXek9fpVxmx7UBmSrI2tSclSk17CGVPkgUet3mUPKM8-t2mJhtphhQrv1npGOUrqHL9TuDE_lbNMw05YKB3AVPlIwv-Gyx6VHgg1yJfYNrwMVKc6gveMWK42FOFpDOCuwGE9D0Pf_hzM1IwRMSALyBCafgg4_0vcEkyUnFyBbkmXviJs_ZRsJ1_ZsrlzCOOaVmy3OBj1d7VKv0cN0wpVgICWvFY3OwiS7jEd8dgZhKRhGbu2vZkvmZ6N3R005CdDcP_bpq1XbHo5itwKgqUVAbbo7jx3_O2-h4bqTCHzlkRH0li6pekKQ5upfCeWMAnNNP4IDoUXXloUoa7WUj277Nj3XRlHC2mGbM1d_jdKEFjp3bEzveMVv1EEC3QOUeRkSiTc417PDMcMZCf5Xhjt6ZskJ0KxfLpCLO2TOW6H5EjcLTCQsqKAVUza-Sjc0dL2AUsKj51sA0XnF99mbe-wMC4d50DHKdBmbAL5G28bw2XkAOleIWjpU7AmATikfbYLuLvTh_-7puNIS-Ki9c7koEZBjkLAl2TJ6L9lOmB3uyT3aHbVqSKofj4gkgbikl5PZcooHcu1lpCRxRSHateZKKKQBnkU7V1zBAz73uRX5zUEaHdBgjBak3r15OLjsV5-7gLOhGJfzNUDM0NwMg6jtlhjmAYehlievoLKnaQfd5Z0OPW2BiYYS8ga7fZl_jjak3DfkRai3Q0Ro2TFTMPFDCx9elioRlXVjr4IAAjL-qGJlx4qPnI1Srka_vnJ1WC0FeGuKOjdNx6-cls13LKFVlhx9vAH2JrjCXc5SeC-tyVwhN3Up4ntoGGDTBVbj7CSM2M5n_ZUgOyqpFbO5LU5KdOTYnaRdcNsOpo2EHMqeikrpEKiJGn12dWrvv2C-rJaAaeslcdbHcww1PKCxYkf_wTUi6-EG-LeRvTvQzMLxhJcb96ZFQE2Tobb4X9PJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 7E4A 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
expires
Thu, 12 Sep 2024 18:02:10 GMT
last-modified
Thu, 27 Apr 2023 13:50:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B455 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDly5P3TMdnsn1dWIuPtMtcMZsXgoNFEZBvHbtiEkt_wXsSmBCsNvXOEeKYhhXRBmgAxPUndp5jib4fe1ZG_D3plOWB0_sp7FXf9tTVscr0qCQuQRsLwNMU1k79Cbi9TliljFrsDHEl1r9HaPEDziAuzyVBumsbba-bhm7D_Y5df9O-D6uIVtEAyok1dtFrGfCUYxr1LU3YQteK9tOZwRjIXqEE2MOkJ7ire5gZXtwoATImyD3cpPM5ahMnmGaTMh1uw6UgPNkIpDT6kgBu6gH5LVlMCsXFOfUDy4-CqaN_QRNPjMzE6VnYdZeRKKmRMbT3W-sebjiLW5paI3sXEZVoULOfFvRd7odrFVCq2gXA2SQNen-yWfjAenfe4SdDEld-G3RGEqjiUEW0o4VFKQoc0Z5LmnpFMCNZouVYOb1lirfmx6p-MTGyGgtgcll2KAytsBfkOMXeEUym0S4Hdn3zj6URa-v4bTrYdgY8BFDGtwNqApPvYUrrkweL_Qn3eeUfstO32IRuqPBHRmpii5B1TNeGtjyZ8pR1c0KSOHbbGun8tLdVEPyuJI5jRDUG4CMw2rEn4mcSJp3KsGPoFJvSs1YPFLTjaoimoLOGab8cg5tzDdpZ-KO4jWZJSDCl4NyfcgHmlwQ5yJo6Nbi_fTJA8qpLSIrNFHa3iQhpRioYvq3e2z-KK9jUi2LEqt4LhK0EUxQayOlDO94rUE8-bu1Ae_fOsW85CRRvAZ51D013KCXoaabkMKEmp6aCsRdpYOXlozPfEuvfe66Wn3BsOKFNEUZSF3fU-nwJTnNlbnF_wHj8xxlbewBPdF116GtrhCRqnuzDAEVhSb75YJdkpNhxM6U51Yd5i-c_iufeJ67qeMH1jUn7eiG3bzQIwHAKBO6HRkKvQPedUROf_JGgCq92X9zD9bepMTr392ciGd3-j0ps4a2EuyvI_7BU-oTKOV3-0PpF53IysMr9ERXlGwTTo7LNY4HH75gDzwqnvg6ttL_xsocRpFhWTXcvVY-zJvIr0AYJ5yZTkQRBgR77pyu3arUunZwJropqI4dipBzV9qyjCt3rIp147cxyYEFDWG0d4_OFVqdFGOClBhi7jXLc7oJpxde8Rftl5cRNLx5g4IcXvQjZZzofRt7XPGhiictildbWE_5u639tT3HP6x70VrkN3OAj3BjSzX1vHp3_1pB-kfuaHGZ09Q6szxBWKt7E77c4Q_kc7F90F_7zxJcwVugfuxIxifkJlh_qdYhlS6UA32riNVktMvp7JO8P4t_21AfMmkYGe4WflxhMHMVBxgdfWZKvH1sLAyjHKoofisZMhQ5vwCDdT4KfQjaCF6XiAY&sai=AMfl-YTb-0TOBKVA9FRwoou26YCB6mEXvCqV5Dwqt9fXbdUwL19h3iwKEfG4Vx0G9LgmNzhqHrjx4bCB_Bpcugc8A72WMVIL5YeUBwnbRu11LeNPMg1BfdSNNUsHWb3TEHFrCCOMFH42DBq6WMF_nvixcSlOO_IsNRC7d5MrtIUNqP1Axa87PFHPl4a7evodxg0vkZWUwQz1fAr3&sig=Cg0ArKJSzJpdyK3Hs8FHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=146&cisv=r20230911.76085&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
ai.aspx
m.exactag.com/ Frame B455 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=370570562&gdpr_consent=&gdpr=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 13 Sep 2023 18:02:10 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 13 Sep 2023 06:02:10 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
request.php
hal90009.redintelligence.net/ Frame B5E0
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
82176ff8e8fd00cc8e0bb14b0512821df445e687933e2bbbaf9f2d885f7fa12a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 18:02:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
29610800146378504444556012446009
Connection
close
Content-Length
1328
Expires
Wed, 13 Sep 2023 19:02:11 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 18:02:10 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 13 Sep 2023 19:02:10 +0200
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C8D7 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:26:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame C8D7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cb1Oynt9dpb3FmYaQ6KfyWmvIbaNpM-laZaitOj41pJN25bzDkHxcHHPJpVRW9ExyolUzBVDV2se0Mb7q5QtMxrsJRCOroFp5bQteJoroDmu5Ccaw1SoWWkI-DMJVouI0jiAXrKL5gJO4V60hHQZif-1l8hK6ka_StYwqeMD_M8gTuqTs&dbm_d=AKAmf-BftZNDGqEuatwkys3Z1xgcMZYtOvByT6je7Ho7KLvFW266YjCbqCOC9NCcvMg5OxPSRfDJy9a5cWqOJwg6fQjmTYsp_g_5e-y3t0-qCmnThAdxyaJAIRapa97c_Gy9uOlzqRAkkHW6JResVDOTUCb2x340Wo5q3k7gCC9pCns0AI1ZuqWRPNDdE3rqQDPDtpbNZG5qzk2_uuKMhnoKgUtoqJfOMdpyJl2OIxR5KUitur3NDHILz-vPkGe6C2gJB4NTStKvglJVmxci-sJ0UoeJp_M5wY03ElB0HTnD93qRq9ky51SOqUHJiXnE22Vfv6zWyWcO8k-AmWaElSKpMzGJigQxaYSSpOI7O7KhBN75BgeX8j7IAaXgiuPRZpjkKQni6vRhtnL9hlVi2-_hLgK37HbMZtwgANtYs56ZDo2RPFvntvJuKuJPpgMKCy6vde3-UPenoCXykhcOBLVhIix5PLa_CIp6bjFEdAbwojQpP-2lH7GfUkEA3e93uC0Ef-eq4jIXryui8DNfaMewdP_6KWHrytBLTK6VjUdWPipyaqGbqPYAduELGqv5uafx8ssQfV6tx9F7LSp2TsgEf_wx5ZvbSBQ8AToZE13R1FfxwZa6mbY3Ha71c3rFlFp96U5Fk2dljKsGe0uALm_ZJkhcJGkbwP60I5fw5be1c6dBDDiPfqiUIh9xukw2l5XNO11g306BZzW6wA1y_lJkDXGaC9aUaIi_ig-6ImwVSeNLl5GII7w-cqccxvV3OQU-JFP8nqITHKw4_3MJeOLAISpdKI7aSVJSbMXZuWeIjIwiYO-8Cf2VhneWKf5c-2B9YRVweZWqnrvZlT4x2HJTHkqE0KazohQLgdKRPOBTaVpSble2gf9PcdgzxEZuKqmUXQlVWcFbxgNccmMQOV9cXAzqPuYrYn8GwFCIvX8qyOPgGMNE0utX1ubFUZQ01YSjbPmiLqUM7BD2YCNOfQMdBK97fhdHVn5jU8Pe_guMETd_lDDt3O7yczzZswNVqKLHYUqnDcBbCZ1qp0Fs68cIQygCTrE9-sUnwGBDGELVD9D1hQfGpsChYuS1futpM2uOFdhoSdQpYu90jrBVhyFwXNYDh7go_MqW8wf40yCpXu8qcdNLmbHleRJi5tenXymEgEZUq96ovseWrPL9pl6u6ptMeMEjOGS3cYJlb88__SuBDSU7VZvGMd9vQ3Vq0eRR5GdBTStUu90MfVC1aKYkEe7vrRUczuxZ-A41rUrGDkkxYaedkWQRhvff351BK5jc_3yRwZWT_iZZH_of2D7goxxCYEPeEvtZUMBD7QUUg_09KTuff5BO5NDpHBp1wd3hGHh5sQwFCQt5YLeBqWfWMHmtqcq2qLHdPC7rRl21OWmimI0dqhRUwxLZQXCOqxmh5oD9Dtrs_L0DHHzsQsWR-umuzoxygxMJyGSEGqb8MssRIVP1TsijeYCLejtlWujWRNvOktkYSZgDuq_SRdKeE46dhMesyhqBa7izdvCb05QZjniyZPhrB-ar_01TgwUgVpdygIHgICoKUVBZcvgIR0XKlQeG7faW6kxvQITeicGUhOt50fIRUMAk9lOzbNLS1i0c3E25PT_8H1WiR2KptjARlhN9nqq-8H_roqgbXsS4xKaaeIZbViTw76OQgUF9x_N79Mrzy5Pvq3tGHszXACTCWdpv_mValehZsPrptndrVeRFyQyzZwMlO6-_nYzXdqlzd_MLwvraG65rhczFvCVYGhTQ4gNd1dWzeocx8IfGMvaUv-9fL02NEr72K1AbPsgrOzibbZCGVw6BObcs9R1REuojfvGMiycz-WnT5UN575evPWIg6c-WuhLRkNjbVtEX9cFY178Lt_SEsyZdb64V3LXVWnItskD5Fg05huOs9yF9mIvkRKqLr2tsq_f7qQYnZtMFHk6c66VCDfHT4i2P2kzlkUO-L-3P5AnFAM5iCx4rP7oIAeZlpHSqHbvkjeA8Gz09g9GmyBHQGe7H_2pegtWZSXOz-Qe1Ve65CD3WZuB-roO-4OR2VAFyXVBF7Crf9MMzRpQqztiuxnffln9a4gojnW_nyVFMdMP3jfaZtO2tSKu4GEdZ32OD0tKicvT7gRkXqmfVryyzyznwC29DtZhMI5kh7NmH6p6wRvyJp6yMR44GPgrydWF5Qf0cRiXtt4S9TBBAouPDbsKMRmPu7ieun9z3d_QhYIrnLBnpmloGFsRpMMxdL6l5qFGX2OPGqQEvLAkSL_adP0w5_uGIvrzYKS708ZlOpx_w774UnQs8MCfFrFNVqKpR5ARq-uLjgtC7et6P0Q9LpSE6mDjLMoaEFXFIJE2PpR1lN1N_iv_dqKk7BbVsvOBScBVKo844ggo-iqIUvhVYSg3tMfhBT8X7nftJchYt0Y541LeztQlRpIO-pFX-jV8ebXZ9PHz2VvZV3qzs4XX0_ODy3vCFvOvg5xnAu-DxR95Pcaa0SB1_eKaTSpJ46PLx5sNmkMwaL-QZK11dY4fPZVtQC0RTVAfGOLh2jtPAbaQAZ-TkpVRBdbdk-gddbsXDj7Jb7LdgIvk2M8ArKf4FES7Iu6eeyCfP03OF79BXHGtxvIliryFc4ZDM1qgmgNyz6CeLOLo_PThr0rAicpyr_AoQ2wadefWKAfrdYoCDQTIc76bqaUojSRa3JaSZvQ30BrHEzWsQ6TEq3DWseZLe7zx8I3WnTyw24sC0DPyN99dIfq2Bc18-fYHE5fmoa_K8LpNK5W8YXdxOCFJGOrgrgJTMglXZ8-N_ctAjgjgOmi1EqBSyB1yf_VcO-K1XKZYRl84F_CKvRO3xRTEJ1t5O0xCF7eUG6sw2UFgaM4HSlCPDL2qyekJntRnQD31BGmVCES8B1mY2VMuSG0zpiMzfmWleEmspXq2CnqXeKw2saiyofmsvZQ7yxnda693M5x8EFc-FTJCY8_ItzGAWG9wNEq_hjq7NtU7LliCSwSqUkUCBXQx9W2xnlV3HVAej6mIEKlc-KYkvEoLbWoENTnPf_iVvMnzxbYMcQfRWNg5QyuqXrafM27yUdO3bTVQDAxWLhr_HtHBS9ylvT1rIRhGYa50xh3-ahobqKVMwYQ1CmVvXGTvNn6VBsORus-Xn0MckqxaJzrvWGt5kQvEjBR6DYZ1uPaCywiJG7BXZVrDIv0-howVg7b3KxjSS3e4vRTI_LRTxlHm-6p0h2WIQH6HeWSrX6LPG31I-oJYyGjYuxC81Y17T_tUbmbFXMoG4PVkYdb8ECe4jJrl27hT_TlII3btmK-AHp9aMtypdOweUgDw8r8PYThbTCDEXSE6bcAuQZp-v6_tamHkHHVP8l7azV-hjZKi5vNr8Mx9HCgiy03WbetjN8oM9UHNbAcD331mO5LhSIj6rpK4kRyHC4UrswRxFDE65NWoF5DF-30ceGAatKk_lq9Qhyb_YixCSPgCTIljlDcKnacry4eZCu8WMzVIVoa91mRql57ztlO54RpFtCgc0A7AKXxEyjIFeUc-zvgOcuOuseAlaEGwDS7h8fhhsRgUVuRHmZDcMkA50gdqoIPzs2qrtI5p3qWWISaL7Ji_quzlTplxfOAdUIK2c1WxQaKY4DqdYHQ&cid=CAQSKQBpAlJWPcRquzBEQJHFqpt971nptE_I_sOHVBE3pGohbYVQCeD-mPH8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=5628051520045561000&adk=1761367587&idt=146&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
15126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:50:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame C8D7 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cb1Oynt9dpb3FmYaQ6KfyWmvIbaNpM-laZaitOj41pJN25bzDkHxcHHPJpVRW9ExyolUzBVDV2se0Mb7q5QtMxrsJRCOroFp5bQteJoroDmu5Ccaw1SoWWkI-DMJVouI0jiAXrKL5gJO4V60hHQZif-1l8hK6ka_StYwqeMD_M8gTuqTs&dbm_d=AKAmf-BftZNDGqEuatwkys3Z1xgcMZYtOvByT6je7Ho7KLvFW266YjCbqCOC9NCcvMg5OxPSRfDJy9a5cWqOJwg6fQjmTYsp_g_5e-y3t0-qCmnThAdxyaJAIRapa97c_Gy9uOlzqRAkkHW6JResVDOTUCb2x340Wo5q3k7gCC9pCns0AI1ZuqWRPNDdE3rqQDPDtpbNZG5qzk2_uuKMhnoKgUtoqJfOMdpyJl2OIxR5KUitur3NDHILz-vPkGe6C2gJB4NTStKvglJVmxci-sJ0UoeJp_M5wY03ElB0HTnD93qRq9ky51SOqUHJiXnE22Vfv6zWyWcO8k-AmWaElSKpMzGJigQxaYSSpOI7O7KhBN75BgeX8j7IAaXgiuPRZpjkKQni6vRhtnL9hlVi2-_hLgK37HbMZtwgANtYs56ZDo2RPFvntvJuKuJPpgMKCy6vde3-UPenoCXykhcOBLVhIix5PLa_CIp6bjFEdAbwojQpP-2lH7GfUkEA3e93uC0Ef-eq4jIXryui8DNfaMewdP_6KWHrytBLTK6VjUdWPipyaqGbqPYAduELGqv5uafx8ssQfV6tx9F7LSp2TsgEf_wx5ZvbSBQ8AToZE13R1FfxwZa6mbY3Ha71c3rFlFp96U5Fk2dljKsGe0uALm_ZJkhcJGkbwP60I5fw5be1c6dBDDiPfqiUIh9xukw2l5XNO11g306BZzW6wA1y_lJkDXGaC9aUaIi_ig-6ImwVSeNLl5GII7w-cqccxvV3OQU-JFP8nqITHKw4_3MJeOLAISpdKI7aSVJSbMXZuWeIjIwiYO-8Cf2VhneWKf5c-2B9YRVweZWqnrvZlT4x2HJTHkqE0KazohQLgdKRPOBTaVpSble2gf9PcdgzxEZuKqmUXQlVWcFbxgNccmMQOV9cXAzqPuYrYn8GwFCIvX8qyOPgGMNE0utX1ubFUZQ01YSjbPmiLqUM7BD2YCNOfQMdBK97fhdHVn5jU8Pe_guMETd_lDDt3O7yczzZswNVqKLHYUqnDcBbCZ1qp0Fs68cIQygCTrE9-sUnwGBDGELVD9D1hQfGpsChYuS1futpM2uOFdhoSdQpYu90jrBVhyFwXNYDh7go_MqW8wf40yCpXu8qcdNLmbHleRJi5tenXymEgEZUq96ovseWrPL9pl6u6ptMeMEjOGS3cYJlb88__SuBDSU7VZvGMd9vQ3Vq0eRR5GdBTStUu90MfVC1aKYkEe7vrRUczuxZ-A41rUrGDkkxYaedkWQRhvff351BK5jc_3yRwZWT_iZZH_of2D7goxxCYEPeEvtZUMBD7QUUg_09KTuff5BO5NDpHBp1wd3hGHh5sQwFCQt5YLeBqWfWMHmtqcq2qLHdPC7rRl21OWmimI0dqhRUwxLZQXCOqxmh5oD9Dtrs_L0DHHzsQsWR-umuzoxygxMJyGSEGqb8MssRIVP1TsijeYCLejtlWujWRNvOktkYSZgDuq_SRdKeE46dhMesyhqBa7izdvCb05QZjniyZPhrB-ar_01TgwUgVpdygIHgICoKUVBZcvgIR0XKlQeG7faW6kxvQITeicGUhOt50fIRUMAk9lOzbNLS1i0c3E25PT_8H1WiR2KptjARlhN9nqq-8H_roqgbXsS4xKaaeIZbViTw76OQgUF9x_N79Mrzy5Pvq3tGHszXACTCWdpv_mValehZsPrptndrVeRFyQyzZwMlO6-_nYzXdqlzd_MLwvraG65rhczFvCVYGhTQ4gNd1dWzeocx8IfGMvaUv-9fL02NEr72K1AbPsgrOzibbZCGVw6BObcs9R1REuojfvGMiycz-WnT5UN575evPWIg6c-WuhLRkNjbVtEX9cFY178Lt_SEsyZdb64V3LXVWnItskD5Fg05huOs9yF9mIvkRKqLr2tsq_f7qQYnZtMFHk6c66VCDfHT4i2P2kzlkUO-L-3P5AnFAM5iCx4rP7oIAeZlpHSqHbvkjeA8Gz09g9GmyBHQGe7H_2pegtWZSXOz-Qe1Ve65CD3WZuB-roO-4OR2VAFyXVBF7Crf9MMzRpQqztiuxnffln9a4gojnW_nyVFMdMP3jfaZtO2tSKu4GEdZ32OD0tKicvT7gRkXqmfVryyzyznwC29DtZhMI5kh7NmH6p6wRvyJp6yMR44GPgrydWF5Qf0cRiXtt4S9TBBAouPDbsKMRmPu7ieun9z3d_QhYIrnLBnpmloGFsRpMMxdL6l5qFGX2OPGqQEvLAkSL_adP0w5_uGIvrzYKS708ZlOpx_w774UnQs8MCfFrFNVqKpR5ARq-uLjgtC7et6P0Q9LpSE6mDjLMoaEFXFIJE2PpR1lN1N_iv_dqKk7BbVsvOBScBVKo844ggo-iqIUvhVYSg3tMfhBT8X7nftJchYt0Y541LeztQlRpIO-pFX-jV8ebXZ9PHz2VvZV3qzs4XX0_ODy3vCFvOvg5xnAu-DxR95Pcaa0SB1_eKaTSpJ46PLx5sNmkMwaL-QZK11dY4fPZVtQC0RTVAfGOLh2jtPAbaQAZ-TkpVRBdbdk-gddbsXDj7Jb7LdgIvk2M8ArKf4FES7Iu6eeyCfP03OF79BXHGtxvIliryFc4ZDM1qgmgNyz6CeLOLo_PThr0rAicpyr_AoQ2wadefWKAfrdYoCDQTIc76bqaUojSRa3JaSZvQ30BrHEzWsQ6TEq3DWseZLe7zx8I3WnTyw24sC0DPyN99dIfq2Bc18-fYHE5fmoa_K8LpNK5W8YXdxOCFJGOrgrgJTMglXZ8-N_ctAjgjgOmi1EqBSyB1yf_VcO-K1XKZYRl84F_CKvRO3xRTEJ1t5O0xCF7eUG6sw2UFgaM4HSlCPDL2qyekJntRnQD31BGmVCES8B1mY2VMuSG0zpiMzfmWleEmspXq2CnqXeKw2saiyofmsvZQ7yxnda693M5x8EFc-FTJCY8_ItzGAWG9wNEq_hjq7NtU7LliCSwSqUkUCBXQx9W2xnlV3HVAej6mIEKlc-KYkvEoLbWoENTnPf_iVvMnzxbYMcQfRWNg5QyuqXrafM27yUdO3bTVQDAxWLhr_HtHBS9ylvT1rIRhGYa50xh3-ahobqKVMwYQ1CmVvXGTvNn6VBsORus-Xn0MckqxaJzrvWGt5kQvEjBR6DYZ1uPaCywiJG7BXZVrDIv0-howVg7b3KxjSS3e4vRTI_LRTxlHm-6p0h2WIQH6HeWSrX6LPG31I-oJYyGjYuxC81Y17T_tUbmbFXMoG4PVkYdb8ECe4jJrl27hT_TlII3btmK-AHp9aMtypdOweUgDw8r8PYThbTCDEXSE6bcAuQZp-v6_tamHkHHVP8l7azV-hjZKi5vNr8Mx9HCgiy03WbetjN8oM9UHNbAcD331mO5LhSIj6rpK4kRyHC4UrswRxFDE65NWoF5DF-30ceGAatKk_lq9Qhyb_YixCSPgCTIljlDcKnacry4eZCu8WMzVIVoa91mRql57ztlO54RpFtCgc0A7AKXxEyjIFeUc-zvgOcuOuseAlaEGwDS7h8fhhsRgUVuRHmZDcMkA50gdqoIPzs2qrtI5p3qWWISaL7Ji_quzlTplxfOAdUIK2c1WxQaKY4DqdYHQ&cid=CAQSKQBpAlJWPcRquzBEQJHFqpt971nptE_I_sOHVBE3pGohbYVQCeD-mPH8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=5628051520045561000&adk=1761367587&idt=146&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 13:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 13:52:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C8D7 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
73657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:34:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 48EE 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 09:36:10 GMT
etag
48472445140208031
expires
Thu, 14 Sep 2023 09:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 2890 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A8C8 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:02:10 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A8C8 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:27:18 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7E4A 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:02:10 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7E4A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:27:18 GMT
3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js
pagead2.googlesyndication.com/bg/ Frame D715 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 08:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
122004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14740
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 08:08:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 05E1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 21:34:33 GMT
expires
Wed, 11 Sep 2024 21:34:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/13317140552759280862/ Frame F0C1 		673 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cd376d8393218f676b2307d0a61f4ad4755417507af59621dcffb426b719b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:10 GMT
expires
Thu, 12 Sep 2024 18:02:10 GMT
last-modified
Fri, 01 Sep 2023 16:28:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C8D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKk4blm5P2aoHFGb1uJ-dZ-csi3xu1ee4wIGGLPx-tODqMgjY4zgJCyIUOIYMxbFeKq-ebNqUghhyOeaumvSXZ1w8UcgWkoISbv82ylOvw1atzK83PtJcVV01XCINjW4rChEPhioG98Y3_YJBowIm8z_r-R8rK-GX_UeHXF0t1LcSW5hjwWYa3MtpDUhw9SZzucYdaGYvpffcM0lRNsDJwM8PDu8D_eLZ3NTqFv2DHtr4aaT28IXXYF4pERHo08a7IpdbrNm2mPalcl-cglW5I7L7LN-MsG26nTReMTgqYXFFD1ux-v5gYcgHfZtkEQZeiuR9-R7DA2zKDBkYVLnFPg-X1kClJb_kw7nD-a1qeftcC3y38hsmIhBklJtInYT1d5BkHoMQqj2tIimr0YeYKhG-fqxHiw8ZVIBjjKsAE-92De8wkESrMY9tYIvRSzSNCpKQrO8Tvbjnr7GtEmjskHZ8IQO6mpBWqPvZKKdd8Msninjfv6GtHE_uN0kUMXArHJ-ZgBXHZUXWj4LG78_lnfFiRcSn56COhx1kR-P6bjbSE40nolH4Gem8xOoIg3lMe1ZGGHh4wya9C3o-XeoG0e7UTzIK_ypgMDPxxx6gipYN6RrIWngPj30lgP-5ukoVY-hFggZnDICyzny5bXp9EWhgmLyk53rjVeSEbKkrcbrDhsoho7ZBFbBUmQ6G0fyn657xffdW_CsEpJEDB1RgSX9TWEPOw3IxYlQ8YLqrvcC1hkoRnJ4WtfiDyLVcdOud-NwMY54dfNGatA2fBIlf6UxWUdpZoBi1JZiAuSlmf5RGWKkkhaQk363zuULb2btoRFWObJCMULFm-Ru5AOiaphnG4pMmK5foWuq54j6dLQcHZNuiTTJrv9EmtejEQmhTPWJLXZ4F02XIf7wMGNZOgN6sS77q7kbGA40ifQUzdLBivUYeuz678bQ5PW-EIwpDmxIbQqSHf-uT6Pn8QKr7i_nIn28IAOUQKJeqYd9kAzKGlVxPDYPg70sBqaD2hDkPAz0qxFSxsb1Jm5__XnUUWTOGVJgvG1KSsYKdlunQ87WcaxMfkN8u3fxDpML2ckYst6LrFu7zRly5SWvSyCyBPqafWWKqPG-h2J5hUPUHOKSe_C8b80zk9JL8Ubz9OaXFG-Qh_ttRE-WCQgxStPNRHVC8gofPj_wxcR2h8UXSZtn70zoYn8kvuX88o1yGpNkba0J6czxunRp5uDnqg_sZ6E-8xYhinv_dOcjiKDp3-fCBMd6duuBK-6Vpq9fljAVzOUogIw7MOaooks-nnCpE8S6_g0-DAtPFS5AZUt2yfduAGy9NgD6k&sai=AMfl-YSNB2yZULgN1xOBmC7RM8xEeJL5jrM-MqFNAcQBqVLh6SSmLllGFQrvvi1mh7hvb2mraRJ0DgMqqAvWekOSI1u7AKc3RSZkbHSoLeA94bKiV1BebE-_TpVt6osGFRmsx3sMrlIXYjvw2WQh2bqoxp5r6RjcehLjNOlsmu9qTWHChJvYWJYRHWmqGVH37lUC2mS0rT5PXpGs&sig=Cg0ArKJSzKTprtwpY8MREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=182&cisv=r20230911.32905&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 18:02:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 13 Sep 2023 18:02:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 431F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0WlOagou2ip4gd2jSUQNSwddoZGr4NDxyNBZmZURjX_-9z8dv_Z3ZdBUPtEdkXm0p5bIq6ub3Jb7jLddXFYuoGbz4e9Q9oFLY4iBOEzYVq4sA0IgxY8Lj8as-uUHxrfpt186KaKeMoM8rCAJs3s1Dgx8I8EU4JBSQ2pP_I_aCYLol7zwt8oY3fY6VuYFZt1rkUhAgcKAfCAExYm7qaWcgxz1DPjZPpv9014dwzG3TCYe9a2fFQvyfSIUpNMvOYJeH_h7qWAQl7Frx-99xcWF0wc9uzSAGGXC2tdBa5s7C-mH1OW4Li2b2IPBkycl83Ku4L2Bjz4RMByPwYkYbRG-xUJZIuPLgGU0hFedd05sAUz-w6KYeyzr_oHfesd9UYYOT2Aotseyvx0RXCT9ljOvsOrIq00wu2LugLVUz1n-_aSeU23YlBj0K6CJzKnqBsTnuCMoidUEd-qxIrw7ulgUIhkALBgZENswAm0objQ8YdcJOWZHpl6PdOO7L6JWzfK0R6UoIWZHObrBySFB_z-CFFYD76T0BTStNwWxFuxRHAUsXMCSRM9ps2AN_oEEqs-Bb0i9qxWHnMMEjV3HN1ZrIFx2vzKI0oe61QYZdGTTjCGDN1O0bepMKXrNChf4SNje5ZaKHmTpX3I7nRjSQ99mR_xCV_On01-LIabogObsWyRFXlp855hgTfj7aPxzVruIkBPOfIQyyzTJAJcQJmf0TqS1rxC-zl_2gCkh-9ymbiSBy9CXfLo84VxuUcIr3eov-Lchjg3-Ux_Lo6eSQ8Cn9snM2hDPDZJAPDh5Dy7VdA43FdvTrg-WIsHOCGUxjOtrWVADOiO-AdgYGo1QVjNfB56rwJlN5gpe-96PmdDGXpvnHs9SauCh8EB57_h1Gt5JxV1WUkR6r1y3oAmn7VTBIrbY9jTvYd3NPKcJmOHAuYFAn6NVJAsMhJimRuO75EDHC4SitNIhuTZCxeg7ksjj86NIxh2Tpp0-7JfJLjUMr3RoRhPLDfvZvxwTf2DQmU_1LkLCe95JMYZwVMxyqRiZO4a0LoSBe-gsyGF8MoXiX5OtNW5AOXlJTXwBVIitfLNWOcdJ5zE5Z5IMVlI6UDOCDNiCaUKYwkqleUesCe1HnF4MH9JrbmppHleg9UViG_0A3Tjbs2AcpxAwWmcoeo1pYyEl1Cm-Y4dMj4T0-TYFLF7Pen7zlva8u36siHcDr0zp79scFdKVSoXeydxaRZTf3kP94zIh-QrVeW-CQLznw-MlCqLLivZL7dLWlWjmJeTcWeYoFzDHMa5MwgFheyQu-3eKZqG9T4MSee5Atye1YPRFD8Eh5mJ4Hzk3SImYT2OJRDw&sai=AMfl-YSGaYtSeWfoQ0HeIumuOgarNOahXw9r9w3Qw7HKg4mXlg20XMg2lp_JCrZ5RqfjdFRD_OH96X19Ef621huRx-o4uQlCX13FHeMhWzOtqiM2FJv0A3yUGH6HWPDbD_IgaNkxIww2lh3vpuVMFIr_ywS1-nHkRY-vq8vEuSqeRR1EohjfZgkpUplhQuyxtvl_eP4vJrpo6h-E&sig=Cg0ArKJSzDymu8hxsuwQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=594&vt=11&dtpt=392&dett=3&cstd=187&cisv=r20230911.84667&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame F0C1 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:26:50 GMT
template-489be870.js
s0.2mdn.net/sadbundle/13317140552759280862/ Frame F0C1 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13317140552759280862/template-489be870.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14187
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:28:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 16:29:27 GMT
index-be1f7599.css
s0.2mdn.net/sadbundle/13317140552759280862/ Frame F0C1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13317140552759280862/index-be1f7599.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:28:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 16:29:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7764 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIDhJcgFnr6n9Hfh4N1vuH_VCLaKVQmL-HQuwIG-1rUE62KXaqMmoHCMc3UL53RrvyPLtItFPNKvBm2zqd00eQ4e_WS4MCrUaVpJlB8-1L6LwWZsrStqzkDWenJxnrUqvE8gxc7Y8ZG08UVjpjTkdjbJq5gqS-UC3AdxJZotD1PYurm_VEWJ-SW-IJTydambfdRxiOZtrvKzZgwtizCYs9IzKmxSz-B1yopSBlExhY7o6OFWl-7yGpEhrogum1xlFHxQxrG8O8j-V4JV3c6HtIKZzf6T598-7K866cagCKW2wdjvukPqoWDEb3ZNIewXy7GbkFIDG-DqdLM402y2dOaGCUQtyzvzv9zfBy1TOB0UI&sai=AMfl-YS14xtNq-5eufsVkE4OcthmhIgfaOBg-NRXOS0RPWRewEnAa3foY8FEFDnisc_3WgFDX3NjcSWis-c20FA&sig=Cg0ArKJSzGAQaBVQV9opEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7764 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230911&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b16835431577149d11c330372b08ee079e17e4f90dc5cc51591ef2beccc4fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11662
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 48EE 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPQAMPDR72gV5AxDHKhAHOg&google_cver=1&google_push=AXcoOmTUX5z2EAZF5OX5p8SM63n-cFC6eKXik8xaavaihnLKJ6FvWEAX1XHplqoEY6xJTBnbG-Wh1xOpH-Q6hsrf9feuY3WyDtYbKyCDV_8mkbnuzqueAaFB5UTqaknixc7olc79KHc4eR28mw7SG9SvAdI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 48EE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJtj3sUbctyrSomMuOaMy2M&google_cver=1&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz5eTY65VDUNa3YZ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz5eTY65VDUNa3YZ2pxCKl9hzlq_TSCUflEuOkzvJyEX82xOjkCQdNXH_8n3ULgCbJ7mQ2j
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Sep 2023 18:02:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmS0SrRAm9q4ePghXPBJ6S-rNhnsU1W02bFXUmQseUsrJAuxB-rJeh0ucTgrm-GA5PryAyCfJK6l4KQB2Hz5eTY65VDUNa3YZ2pxCKl9hzlq_TSCUflEuOkzvJyEX82xOjkCQdNXH_8n3ULgCbJ7mQ2j
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 12 Sep 2023 18:02:11 GMT
pixel
cm.g.doubleclick.net/ Frame 48EE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeCZL1CGQKqWuO3Zt0VJYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeCZL1CGQKqWuO3Zt0VJYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSQHmdsKHs1NcJQInmuw4d9QmOW-9QSSbVFNvFu8cS1CYRKdMyOBsBTjf2qVIK1XbhB38OxiLDbUj-kUAuEs2DAVQTdG3FcA2ai8uAoykomviehgUdXbockzUJCEqTvEwDUnkJFaS3UQSc6EUGkDC7T
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeCZL1CGQKqWuO3Zt0VJYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSQHmdsKHs1NcJQInmuw4d9QmOW-9QSSbVFNvFu8cS1CYRKdMyOBsBTjf2qVIK1XbhB38OxiLDbUj-kUAuEs2DAVQTdG3FcA2ai8uAoykomviehgUdXbockzUJCEqTvEwDUnkJFaS3UQSc6EUGkDC7T
date
Wed, 13 Sep 2023 18:02:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
report
sync.teads.tv/um/ Frame 48EE
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELhisF63_bCL...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS0892HRITPyYE4f9rWCA91FL59sswvKYUP7waTFyeTxFMvfDgwt80UOu5XFnQMpBXfpGxL72Fmc8KGAersiTEiphlQEe0938c5eXzyM0WmsL65b...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 18:02:11 GMT
pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48EE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vR...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vRS2vEY2IwF4Eo5tbGz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vRS2vEY2IwF4Eo5tbGzSyWukxZpxVeviwNdjM7AsQE7MToagZnCiFgb4ufytifAOhjTkR1o9kImFFhEaaYVa-gSGUbNvDzK12sQQyHg5oK8AyRkgit5uecwwCaBR61QOSC50wf7CkV_ri
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
an-x-request-uuid
3ca301ec-80f3-41eb-8248-8c75143349da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQxMDA0NjQxNTM1ODg0MTQ5Mw%3D%3D&google_gid=CAESEIzBGiV_eLeOvkZAEfxjzKA&google_cver=1&google_push=AXcoOmTdBVdTKD9vRS2vEY2IwF4Eo5tbGzSyWukxZpxVeviwNdjM7AsQE7MToagZnCiFgb4ufytifAOhjTkR1o9kImFFhEaaYVa-gSGUbNvDzK12sQQyHg5oK8AyRkgit5uecwwCaBR61QOSC50wf7CkV_ri
x-proxy-origin
217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 48EE 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKz7cNG3AjOeuYLgfpNofbM&google_cver=1&google_push=AXcoOmS5gBgek25-scfP9_V03PHnnjHHBg3Gz_-lLkeS_5OCZ4tQWB16CiXpnMfgQ2md2P6WGo1Y27lzcuFXyrai-poZK5fGpC5s70KVewpoOcVAABugXgT_x3iB4g62bjim24dqQHm5WqjI5j6YAcQduFRpuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 48EE
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTdSrhspqb7upj4Gy26DdzEKTfQV8wtQIWHz_ZZbWCPFxZzuKXofdAYM0BRpZ3uy7wXj5myELELiTJ3j9FG1H2natZzfE3wxYQcFVGsW6ev8RR-ut1flnuyNSRSNJ3kVfjw0IQEK9G-jjhn-Ct4vpD7xg&gdpr=${GDPR}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=9a98909c-58a1-4ecc-8dc9-bbd360b57d4b&google_cver=1&google_gid=CAESEA9sV1kOvLyhdOi0Wwm89Fc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTdSrhspqb7upj4Gy26DdzEKTfQV8wtQIWHz_ZZbWCPFxZzuKXofdAYM0BRpZ3uy7wXj5myELELiTJ3j9FG1H2natZzfE3wxYQcFVGsW6ev8RR-ut1flnuyNSRSNJ3kVfjw0IQEK9G-jjhn-Ct4vpD7xg&gdpr=${GDPR}
date
Wed, 13 Sep 2023 18:02:11 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 48EE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ip4cULXYlVavMTlAUK4jn_8kDdN5ADwkdqUmQN8UqiaSlVR2arRo5ZIX1NTg6VAeusZoWvO85O1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046728&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694628129438&bpp=161&bdt=121&idt=354&shv=r20230911&mjsv=m202309060101&ptt=5&saldr=sd&is_amp=1&correlator=519&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3979942787&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C31077698%2C44795921%2C31076994%2C31077837&oid=2&pvsid=891632888952585&tmod=1785771784&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.65madmgqduaw&fsb=1&dtd=368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame B455 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDly5P3TMdnsn1dWIuPtMtcMZsXgoNFEZBvHbtiEkt_wXsSmBCsNvXOEeKYhhXRBmgAxPUndp5jib4fe1ZG_D3plOWB0_sp7FXf9tTVscr0qCQuQRsLwNMU1k79Cbi9TliljFrsDHEl1r9HaPEDziAuzyVBumsbba-bhm7D_Y5df9O-D6uIVtEAyok1dtFrGfCUYxr1LU3YQteK9tOZwRjIXqEE2MOkJ7ire5gZXtwoATImyD3cpPM5ahMnmGaTMh1uw6UgPNkIpDT6kgBu6gH5LVlMCsXFOfUDy4-CqaN_QRNPjMzE6VnYdZeRKKmRMbT3W-sebjiLW5paI3sXEZVoULOfFvRd7odrFVCq2gXA2SQNen-yWfjAenfe4SdDEld-G3RGEqjiUEW0o4VFKQoc0Z5LmnpFMCNZouVYOb1lirfmx6p-MTGyGgtgcll2KAytsBfkOMXeEUym0S4Hdn3zj6URa-v4bTrYdgY8BFDGtwNqApPvYUrrkweL_Qn3eeUfstO32IRuqPBHRmpii5B1TNeGtjyZ8pR1c0KSOHbbGun8tLdVEPyuJI5jRDUG4CMw2rEn4mcSJp3KsGPoFJvSs1YPFLTjaoimoLOGab8cg5tzDdpZ-KO4jWZJSDCl4NyfcgHmlwQ5yJo6Nbi_fTJA8qpLSIrNFHa3iQhpRioYvq3e2z-KK9jUi2LEqt4LhK0EUxQayOlDO94rUE8-bu1Ae_fOsW85CRRvAZ51D013KCXoaabkMKEmp6aCsRdpYOXlozPfEuvfe66Wn3BsOKFNEUZSF3fU-nwJTnNlbnF_wHj8xxlbewBPdF116GtrhCRqnuzDAEVhSb75YJdkpNhxM6U51Yd5i-c_iufeJ67qeMH1jUn7eiG3bzQIwHAKBO6HRkKvQPedUROf_JGgCq92X9zD9bepMTr392ciGd3-j0ps4a2EuyvI_7BU-oTKOV3-0PpF53IysMr9ERXlGwTTo7LNY4HH75gDzwqnvg6ttL_xsocRpFhWTXcvVY-zJvIr0AYJ5yZTkQRBgR77pyu3arUunZwJropqI4dipBzV9qyjCt3rIp147cxyYEFDWG0d4_OFVqdFGOClBhi7jXLc7oJpxde8Rftl5cRNLx5g4IcXvQjZZzofRt7XPGhiictildbWE_5u639tT3HP6x70VrkN3OAj3BjSzX1vHp3_1pB-kfuaHGZ09Q6szxBWKt7E77c4Q_kc7F90F_7zxJcwVugfuxIxifkJlh_qdYhlS6UA32riNVktMvp7JO8P4t_21AfMmkYGe4WflxhMHMVBxgdfWZKvH1sLAyjHKoofisZMhQ5vwCDdT4KfQjaCF6XiAY&sai=AMfl-YTb-0TOBKVA9FRwoou26YCB6mEXvCqV5Dwqt9fXbdUwL19h3iwKEfG4Vx0G9LgmNzhqHrjx4bCB_Bpcugc8A72WMVIL5YeUBwnbRu11LeNPMg1BfdSNNUsHWb3TEHFrCCOMFH42DBq6WMF_nvixcSlOO_IsNRC7d5MrtIUNqP1Axa87PFHPl4a7evodxg0vkZWUwQz1fAr3&sig=Cg0ArKJSzJpdyK3Hs8FHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=624&vt=11&dtpt=468&dett=3&cstd=146&cisv=r20230911.76085&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6B39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujsk3yDIRIOEJ55jsWVwDhxsTg3YkcsxvPrPwKx8pgQm-ACao4fG7PSGW4g8aQt6FoAMPkyaCNw9vFO_i949R3eE2oc8LbLN97avuEIVY-dKUObnFgjZ9ZVLTCt94M8DulnLYWNjx241D4HUMtVhrseqRuB7EiECnEPHfwQ4k79ebL6p0nqgkK66v1eETnK4_dQJvN_cA4FtJhUPzSnF0labKgR6TNXwFuZkAmViCkRGXsq2uNJDUfyY9LN5lSw4gFPQ-Vaxny7rbdIB9gAgrfCKCQI_D66F-jCKoTFYymh95r7_2b08DfFSfBP-679BbYAitun0Woa6ZF47UCXylgcWlGXLd7hq-DrjRlbqkruok&sai=AMfl-YQmAlHF0Qx2vAr7J2l_Py751pZfkpeIThrYIGxv4NALfOMZxHJQhtrHUN9PLBoKjTH1uM3NbKHWqy2zZJs&sig=Cg0ArKJSzEnMovm_rC1WEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B39 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230911&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245d41c4771ccefa093778d0d5c19f1e34ce1653f30957b173393190efcd0e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11648
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame A8C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:04:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A8C8 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc24e5875cea1e3e193a5db3dcf914dcfd007d0867b574afea644a9925175952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5673
x-xss-protection
0
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 05E1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7764 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 7E4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:04:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7E4A 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99b1d7db2f0f8254b026b0a82fe6e2cc4116231259d4dfe7f4701e5a424b41b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5670
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C8D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKk4blm5P2aoHFGb1uJ-dZ-csi3xu1ee4wIGGLPx-tODqMgjY4zgJCyIUOIYMxbFeKq-ebNqUghhyOeaumvSXZ1w8UcgWkoISbv82ylOvw1atzK83PtJcVV01XCINjW4rChEPhioG98Y3_YJBowIm8z_r-R8rK-GX_UeHXF0t1LcSW5hjwWYa3MtpDUhw9SZzucYdaGYvpffcM0lRNsDJwM8PDu8D_eLZ3NTqFv2DHtr4aaT28IXXYF4pERHo08a7IpdbrNm2mPalcl-cglW5I7L7LN-MsG26nTReMTgqYXFFD1ux-v5gYcgHfZtkEQZeiuR9-R7DA2zKDBkYVLnFPg-X1kClJb_kw7nD-a1qeftcC3y38hsmIhBklJtInYT1d5BkHoMQqj2tIimr0YeYKhG-fqxHiw8ZVIBjjKsAE-92De8wkESrMY9tYIvRSzSNCpKQrO8Tvbjnr7GtEmjskHZ8IQO6mpBWqPvZKKdd8Msninjfv6GtHE_uN0kUMXArHJ-ZgBXHZUXWj4LG78_lnfFiRcSn56COhx1kR-P6bjbSE40nolH4Gem8xOoIg3lMe1ZGGHh4wya9C3o-XeoG0e7UTzIK_ypgMDPxxx6gipYN6RrIWngPj30lgP-5ukoVY-hFggZnDICyzny5bXp9EWhgmLyk53rjVeSEbKkrcbrDhsoho7ZBFbBUmQ6G0fyn657xffdW_CsEpJEDB1RgSX9TWEPOw3IxYlQ8YLqrvcC1hkoRnJ4WtfiDyLVcdOud-NwMY54dfNGatA2fBIlf6UxWUdpZoBi1JZiAuSlmf5RGWKkkhaQk363zuULb2btoRFWObJCMULFm-Ru5AOiaphnG4pMmK5foWuq54j6dLQcHZNuiTTJrv9EmtejEQmhTPWJLXZ4F02XIf7wMGNZOgN6sS77q7kbGA40ifQUzdLBivUYeuz678bQ5PW-EIwpDmxIbQqSHf-uT6Pn8QKr7i_nIn28IAOUQKJeqYd9kAzKGlVxPDYPg70sBqaD2hDkPAz0qxFSxsb1Jm5__XnUUWTOGVJgvG1KSsYKdlunQ87WcaxMfkN8u3fxDpML2ckYst6LrFu7zRly5SWvSyCyBPqafWWKqPG-h2J5hUPUHOKSe_C8b80zk9JL8Ubz9OaXFG-Qh_ttRE-WCQgxStPNRHVC8gofPj_wxcR2h8UXSZtn70zoYn8kvuX88o1yGpNkba0J6czxunRp5uDnqg_sZ6E-8xYhinv_dOcjiKDp3-fCBMd6duuBK-6Vpq9fljAVzOUogIw7MOaooks-nnCpE8S6_g0-DAtPFS5AZUt2yfduAGy9NgD6k&sai=AMfl-YSNB2yZULgN1xOBmC7RM8xEeJL5jrM-MqFNAcQBqVLh6SSmLllGFQrvvi1mh7hvb2mraRJ0DgMqqAvWekOSI1u7AKc3RSZkbHSoLeA94bKiV1BebE-_TpVt6osGFRmsx3sMrlIXYjvw2WQh2bqoxp5r6RjcehLjNOlsmu9qTWHChJvYWJYRHWmqGVH37lUC2mS0rT5PXpGs&sig=Cg0ArKJSzKTprtwpY8MREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=541&vt=11&dtpt=351&dett=3&cstd=182&cisv=r20230911.32905&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8lEoXxT4IVeQEBKZfnovoyzgx144ctC-29mStGG_k6Xafuu2AIDgbV17PR3Icnv7hfJ2wEM_oQDArRNGQmxOOG1LIbJLvFHauPZiAR8tfo8IyCBxECd2g4gaACeY4XPSgcXfZoyIN1wN_28JbtVSUYpaIp-JRvL8XJ278va7PewuZ9qLMtNcRKdlNITTYRXKxuR9H_zaQJsIrLtePKckeUvXSFg4fPf7h0Skfk-rte6mV-w-przhiRsEpx5u3Wl70oLtrffMtoZDeuzIqpkBRgEJ-vDNbQvuAQkTuNLOw9RfUVJP4kVV8KBUcZJcl5kF6rda7BiuzBnW-DM_grHb2_mQ-KdqvvhqeSuFQodf7Bw&sai=AMfl-YTonc49lRan19LqcVBK1Qs8KZ-PaDZWXFXVTwTxke9kk_9mHl-cirrWaoGekxSJa5QbdFVTZ_Kqi3vwcv0&sig=Cg0ArKJSzNS8BIZ9uj1JEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 18:02:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3BF 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230911&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa55b046b78a4ccdb2274654adf8593099d0803ab829e39a7b454a0336a2514a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11534
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A8C8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9457 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkahfIvkBZYCIFfC6x_AP7sKgsAUAAAAAOAHgBAI&bg=!8vGl8b7NAAa6D61Rmg87ADQBe5WfOHJ22AH_jzUdABBWCfOXtvbvS71A_fZo783dY3mIwQfOcMvLin5jLvGuqUAeQzt-AgAAAWNSAAAADWgBB5kDJzqicCiQ8P0nJTYaKGdHZwT1FErxpLM6xu-rRMDKs3YmEfDWKnkiktSwB8_ziBaLshGVeG-TW65F6D2t3FOte1T-zmbVs-qkgZEXXNM4twJtGvhGAjG6qFbFkT-YYOIxMbeykx0wCL8BclvpI-kJnOXH2KUf--KJUrPaEsYbGZ3MIVzlkC7cmGLXjxFVnQMdSfPudOm9xck-p2VvIn1_e3ZLqdZ854lEMx-kYPRYJw00D8OOruZT2ujRFzx8x65to8gBvBhWwQx8MfGL0nD9ibx4XLdiHEU4rG70KDB1uLaLNUcRbXzrLLV1s0c0vxSSmkQaAGJ0JRdDK67lqFU9oLaTbLUnzTdffMHh4jegNUZX3FJmQDsGTt_GiF8UIQCOUZ74W5kKH5_yQaIdGysdA9Y-jXxXfyNR5YwFYhBJ5bxoJ-ClwbD4xf64OaqvA8ORkSVi-jxqnjwHJ6debhXlVqG3PRunuRVziBDPhtzE9mSfbQ1uQTOgP7WeP1h-JhMVJF4Ttnf38E4U-DWdD__I_Z8EF6BVuoFpkd6So6yAHrgsEYBeBnwPHXJVti3sXMksczmaXDnaOQ-8sVWxGUowZfEpg51vg_ucNnr3PoxFYCDQIn8mpeD3r9kk0uQ7xZVpt_HUOjUY_vPS8b3xLxmy7ODFa7wuyxk9zpD4ICOQsXaFkDIhyOjQ0q-N_3CMiA6z8C3oMwlHLCwHQNdVvcMEKkpJmt-sAatjUQrAE2Q5xARybE_GQdcmYxyWPzxLW0e-sPcbtLO_AhsvGBbhsbD0-NAjBFTlGH5Ph2hc3i_QNjyGnRs8NWAAY0BWL132jxkODmspxylm33hvVqu5RF-pstLVrDbmDK0NPpvwIxNCne9NoGFkWKe7wh8fF68bxomTqAokAp4GYNXJngGVycbTZm9zV-yuBjPNHDEol6ETDgGSL1qNX3f8uYeQ3t3U5Dfve-Y9gJwwvTbMZ1V9T5L-SR_5zpcytg6HwVHv62f_9QrUp8jw3Tq9TkfiqhCFRNxTtlaGZrA_KgGsOS067XFgHuY7CaVsS1DyERfem2ibNOotzQB7Ev49pw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame A8C8 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:14:17 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame D259 		0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Wed, 13 Sep 2023 18:02:11 GMT
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
Server
nginx
Strict-Transport-Security
max-age=15768000
Vary
Origin
X-IPLB-Instance
40028
X-IPLB-Request-ID
D972DA1D:841A_91EFC182:01BB_6501F923_122F6C32:B82B
/
adv.office-partner.de/ Frame FDD2 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Wed, 13 Sep 2023 18:02:11 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Wed, 20 Sep 2023 18:02:11 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame B5E0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=29610800146378504444556012446009&nw=1
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.176.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-176-194.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
9b8d249516d5670b0841e167898d77db05f4ead4fe78dc6204835e0c076afa7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
last-modified
Wed, 13 Sep 2023 18:02:11 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 13 Sep 2023 18:03:11 GMT
activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158
5994599.fls.doubleclick.net/ Frame 63EE
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158?
391 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158?
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
91a6a0a3affe73abb351d92018296ada9e0786a8ff022505c3561faae4de482f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:11 GMT
expires
Wed, 13 Sep 2023 18:02:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90009.redintelligence.net/ Frame 7F08 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=c3354bd77e&subid=&uid=26acc5b90e959c7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR-epIfkBZbvXLc_E7gOisKzwD6blvaBpnZycp8kP8C4QASDTy84wYJX68IGMB8gBCakC9j0qZY8Csj6oAwHIA5uEgIAEqgTwAU_QyldnXDOMSca-BYIZxUFi3-WbzexovxWwvow4J4wCd2ymw8DYv_Rzm3cwWxuc6ToPjzWEVI7-0TNJ0uHjnhpzua5c-qeyopvrd_ky2d4ipObZw7ilNxfHyMjTxe2mFgxl1hRhW6oVmhd5XDjX7taKfJhXoxW_RSDTbItz06IQ9TABO87ZfUPlLoxxT9yQywTq0sG3_wG4vWTufV-lA0m7J-bsC3qdLswDuXmcwFeyQI208ftYtxWX-wlGTseGFohbHrZPRteJBz7aX3qyynuKjhuTzHAjL0-FYzvocS-neFHeuIFc6Yd715757-ewpcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI--vM3ZWogQMVT6J7Ch0iGAv-EAEYASAAEgLk_PD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWYJIi80dEK_vGcM8F_yQnyYwT82NyEY8MC_BzpHt8Dcbz1DTTGAE%26sig%3DAOD64_3RDD1GJNG6Vs2RVzb3zmRiipeQcg%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Da2fTOCxtqrOMj04BD3sqHtB6zSWoAKTzxPR1eGx0J4iN6F41IxI9RMK1t0YE1wBs015fSXPKNSZ6HMczUZaIF9_6nxWgb64V3ITyeivOPVksOsk_Hu97ybSAUwOl2nqTIVXy-78lBltiMv-COQ2OuP3CSf8OLAgFUA7h4bU4H8Scitj8%26cry%3D1%26dbm_d%3DAKAmf-AI8CyBFDQwLUNJLUs5tFW1k68Un7D8iDTW2YfO-FUCxS4X94Mh84aLG3RA43WgWrnay3hu6RKTyi2Dh1q5pk7jYGniJMiDMnrnkZrP_lyBHgWaRZ3K2dQiJ2sCFS8EF8lICrZyiQOtIah_sC2QG2rp9p2_npCqLqjxTZ1aiM58G9IRQI-mSJ8DpiQ6BZQCpoNZ0isCdgWTvEyX4QIdu3CpaD1xNhR81SBJazfS7CokFA9pyyymgHWvV3umgHuwDBmF1Dz7-fw_ms_9v51S-YxozYw_8f2rBMBl3qLFuhfMTZ8Gw1_xZo61KjNLMBjNCB5RD-Rkmd84Nl7lLbGQku4P_jQrUGAFwWw02FmNIwOFIy8Yv2MqSCS8k3uH0nOHnGpcjpaBEokfnSAovBzrAwG13JsUTmYkJpztyLzmwuzQN9zhgX1NllVJQV7d1Cp6MQEf2H8zhcAIsHZDlK6drKLO5PTM_TessLABIYsm9b2sxe6tFTYeVr03FfDKsR54Z91AcTBR6FuSiV_JQZ-1Qti2vYCPPW1lEz58w_RSSj9jsZ2V9z9y-qN8wMvKhtOVaR0zEPdH4jlBB3TDTVbaUn_-3ueLsI8ftsdx7fKCX_-g8c2iRa0%26adurl%3D&documentReferer=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=1827392145952&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5b18cdc5416d36448979c98972f96e0028af36c985416419b6191aff9968405c

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2035
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Sep 2023 18:02:11 GMT
Expires
Wed, 13 Sep 2023 19:02:11 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B5E0
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:12 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA1D:841A_91EFC182:01BB_6501F923_122F6C79:B82B
X-IPLB-Instance
40028
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29610800146378504444556012446009&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Wed, 13 Sep 2023 18:02:11 GMT
server
nginx
content-length
154
content-type
text/html
cshow.php
www.awin1.com/ Frame B5E0 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=29610800146378504444556012446009&pv=1
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.80.244.96 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-244-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 18:02:11 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B39 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com&bust=31077719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F0C1 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e4077beb1931b546f070dbf3678d08e98d7be71c587dbdaccfbb7b96e84ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5733
x-xss-protection
0
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame F0C1 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:34:41 GMT
x-content-type-options
nosniff
age
41250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:34:41 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame F0C1 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 04:18:09 GMT
x-content-type-options
nosniff
age
49442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 04:18:09 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame F0C1 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 16:26:09 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame F0C1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 21:22:01 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame F0C1 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 21:22:01 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame F0C1 		2 KB
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 16:26:09 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/13317140552759280862/ Frame F0C1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13317140552759280862/logo-d0d80991.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 16:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:28:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Sep 2024 16:29:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7E4A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 79C3 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 09:36:10 GMT
etag
48472445140208031
expires
Thu, 14 Sep 2023 09:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B5E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b225c5826feb7986ee93abd39e79e7182261da719f75e391111deeec8002f210

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0066 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 14:40:06 GMT
expires
Thu, 12 Sep 2024 14:40:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A3D 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51521b1988b5f1d5b5557993191b5078c554ed9870801231234fea585f5f11b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_9pW_xbDsrTqwQroAweLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-_9pW_xbDsrTqwQroAweLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:11 GMT
expires
Wed, 13 Sep 2023 18:02:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3BF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 7E4A 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:14:17 GMT
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame B993 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F0C1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 18:02:11 GMT
css
fonts.googleapis.com/ Frame 7F08 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 16:54:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 18:02:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 7F08 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
d9233f0645a25adec43251fc2e31a915896cd1ce383339ba73feca0142b0e012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27707
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7F08 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
fb001269ace58f64fab7a50f047827b5ede09a938658eda1697b2c650982db93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16833
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7F08 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
dd1f222ed588ff54d55aa5c2436e07078d42a2afd59a7bad16753d1001b6e93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1BC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 14:40:06 GMT
expires
Thu, 12 Sep 2024 14:40:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 45B6 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e09d300a54d614f62d5471655333539347ace9e81a343eaf6f25b04d358eadbe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nNftNxrjjz801mmaMpeGMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-nNftNxrjjz801mmaMpeGMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:11 GMT
expires
Wed, 13 Sep 2023 18:02:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2890 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF9QBIvkBZZ37GNGLjuwPj9OJuAoAAAAAOAHgBAI&bg=!MjGlMX7NAAa6D61Rmg87ADQBe5WfODUmztRHxeQKrhyzaJtDTD8PRLGkLxD9ofr5uX7rIN0PuKU-RfFS2ZEQ7sAu41mcAgAAAa1SAAAABGgBB5kDXGBSx5-Yc2lXZx0YxcuiGxbka4TMaLtoTO_wk2Gn8YKvHjv-UOh-xAQjwnnCUseLAE5nP4koXeVRT0oXPzg2VUGxolMV3NJoswZJTjIi7usN1HVukaLeO0Mqu6m2Fw5X-PqrRTeXGwdky-94UPU0IElgra5IGz-DDZQdCfu5S0i5iXcihSYRwZzqWSzWWLgK4Ig6ALWOD6wyzK_Qwvd4LeB42bhGc7O6xO9QAiFheHFo2G9_H8DysZEUhRXNNcaR7gMV4_xx1xS8wgi6axWKXWhiAAR967_RqkrwzQ1qaMH5CJVls434oCj4COId74y7ZX7jdhSr7Ag4Hi0ZP3EO4jvghQxPgzXWCU3__EoTgj5ydquYhsq5OYlqYAE3dAS3Jb5r2yWV_9bDCgxfNbc2nEcLTZXaK77RlKsA3_j1BuII75_qx91tuYbiYiSHalDvg9njS2k2n0nQAZNbSyjN15qxsW9cJe6CLkktgeBqzQlSBrH4jqe0g6urvutpPz5lZ4yWKHIp0-jrEUkorvsDXnKPowJ-nwBF5-smZik-_1ML47L5Ox34v1c6VQo-RCllGZVuY2Dv7RBF6ShTuI9KBvceHLjg7XKbYP18KtJ8_gCQcQgR4bYTkfnGJC4LxU2JAXHCHJmVDvZ2sljwn6Aq2zPHZV0H6lXvkqHYR_ecAaUy1ABjwABB32UW0SXtVb3voLY8rIYeCk7xRXXgvcfmf_05-Rjx-EAlDG7uiWk56I8AgRmbi3X9_ShvEGC7zUG7hSGrdXB3hbrKiiUlHLCwAHN204NKAzJ4eQJZ8GaTRWyRtSY6mSCkWr9YpNX6R8orlHAHhfaD3yNInwx0gxYHdSauqagD8josgyW3n6RrNvWXmEFs1DDpBQoTP44fKdBALczpCfW2rkhJOSXOVkmViiU2EbTBv4petFbFUmj0vO51Y_Lf_m6Ls0JsIWxbyenPGWFXU0BGQmh51Xbr6EJZ1BPwPN7QsP2EtvdCFLZR_JE5ZM1xcXd3BY3Mjd9PiX8V0AHiANkrYkJJMVMcHTJa9pEiRoh3inX8OJRiBtQiWToh9284B5weFZN-k-2lUKsAkMw_NgRa_qYedjKqqT4Zik3GHboevCsUI62SLLaX6MTERMw_twNA87YWE4Zf
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdRekY5NUsxUUd1Yk41&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdRekY5NUsxUUd1Yk41&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUfEyXf0an0MGxLNxZo1d2vDgSzOJTi2QXxlgYH8xOQAStH5abxoWGmp
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 18:02:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFdRekY5NUsxUUd1Yk41&google_gid=CAESEJNz_Awy_zffzC2jkdWTLfI&google_cver=1&google_push=AXcoOmSuKUruE29MEGEtnhgSxqMpAiC-ywH-qFrXKlVTwUfEyXf0an0MGxLNxZo1d2vDgSzOJTi2QXxlgYH8xOQAStH5abxoWGmp
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJiBJQ8P7Wg_SNxcQE4jI0&google_push=AXcoOmTyn2bbHfytvIpv98Q6-tZ6uM_At8jv1UlpzBMr-wsvs7Y7S_NYjf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJiBJQ8P7Wg_SNxcQE4jI0&google_push=AXcoOmTyn2bbHfytvIpv98Q6-tZ6uM_At8jv1UlpzBMr-wsvs7Y7S_NYjfi0JEvhBOL0SsYnqIWLgGKcRAiVp1MDR2Fbb0ODPwdHbg
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230022-FRA
pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694628132.623371,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJiBJQ8P7Wg_SNxcQE4jI0&google_push=AXcoOmTyn2bbHfytvIpv98Q6-tZ6uM_At8jv1UlpzBMr-wsvs7Y7S_NYjfi0JEvhBOL0SsYnqIWLgGKcRAiVp1MDR2Fbb0ODPwdHbg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJtj3sUbctyrSomMuOaMy2M&google_cver=1&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwSS_AbuwDCu_XUBKg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwSS_AbuwDCu_XUBKg
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Sep 2023 18:02:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=588C9DD8C329440E8BBCED6D0378EAEE&google_push=AXcoOmSrTKf7u3Z45Jistk0l_Gpirm8PzH2CUfhuWwa8T_W4MM3gPCtsu2idGBGxIpNAVjaDrBWvRLXLHJN8zwSS_AbuwDCu_XUBKg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 12 Sep 2023 18:02:11 GMT
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMsBU5d6IIYRoenXsObeUcs&google_cver=1&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4ty...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4tyXVcGiDvw6ATlIQpGz_DoMw
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwNDQyMjI4NDc3MDczNTEzMA&google_push=AXcoOmT8k3OWr10Wa5GI2HP_1OycXFnVEJsAXB1fh_ozmubU3O90UOYVMXRN4fvZORhm9ZnO-TM2a4tyXVcGiDvw6ATlIQpGz_DoMw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ebda
match.360yield.com/match/ Frame 79C3 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEOQYW96_WKYXWghQpck2-9E&google_cver=1&google_push=AXcoOmSQ1RlhJTDob3IySCOhsVGZyYtJ4c5LCnXyQ_h_wYfLte-XPGqYek1EA1QsIzxL5QIts4V7etICUHxbXlMgIEsfl3myikS_PQ
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.16.101.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-101-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Sep 2023 18:02:11 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.targeting.unrulymedia.com/csync/RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRnFkxE99Ft9cWZjSuzA...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRnFkxE99Ft9cWZjSuzAxM5X69KZzWWqDRWa6dC4egYoraLHDSVL46-F9avxbOqtdwrC1JvqehDbJD3T5FBjNH7nLSG0IMrxQ&google_hm=A-yGW5UqqEiTn7ZdcJi0Nq4
date
Wed, 13 Sep 2023 18:02:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec865b952aa848939fb65d7098b436ae003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 79C3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHFrQz9W4BLG48VBvLxT0MY&google_cver=1&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYBSIuTJrp89W1Ej_qTXdqAFrSECu3XqEvkRH...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYBSIuTJrp89W1Ej_qTXdqAFrSECu3XqEvkRHXLxw
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NjMyMjUxMzkzMzIzNDEyODgz&google_push=AXcoOmTKTR3mMgrWkN_bnR7HaOB7iTkh-bBVGVden32snMb0Kjswequt5-fHGPYBSIuTJrp89W1Ej_qTXdqAFrSECu3XqEvkRHXLxw
date
Wed, 13 Sep 2023 18:02:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 79C3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZLL9IorLRrrTE5vubSDAQAAqqQWLCK8TpwSSgo7Klmo_R4mUrPNrCIRwp8uGfJ8dA2uym
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame E817 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
gtm.js
www.googletagmanager.com/ Frame FDD2 		171 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cc4807a3ca471b5bb06c437fa6e08a1e17d0a293dd1de1b5934dd4c8b0a94fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
63114
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 18:02:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3299 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 14:40:06 GMT
expires
Thu, 12 Sep 2024 14:40:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1CAA 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d28aee2488fb44ce1d0058dcf890736bfefe3c7fe0772bef796cb0b877b40a6c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ptQDHKm8_y0dXZCVlBAow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-8ptQDHKm8_y0dXZCVlBAow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 18:02:11 GMT
expires
Wed, 13 Sep 2023 18:02:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame A8C8 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:17:09 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame A8C8 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:08:44 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame A8C8 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:05:41 GMT
NH_D_LA_Beach-Exotic_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame A8C8 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_LA_Beach-Exotic_728x90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70ccfac2f6953728129e525dabdd42d5350e82d54c6bb09ae99a6f62632ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:56:42 GMT
x-content-type-options
nosniff
age
329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83169
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:55:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:11:42 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame A8C8 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=hFTB6J8n9T&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:56:46 GMT
x-content-type-options
nosniff
age
325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:11:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230911&jk=1497590874737874&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 03AE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D715 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8oFJIvkBZYa9GIaxx_APoOeXkAYAAAAAOAHgBAI&bg=!mJulm9TNAAYoa5rMCGs7ADQBe5WfOGmgp3wCKp2ic0RxghO9YIIiHv8dFIwV7IIpAmPs6L65h6gjHCwTgFuQOPYW97urAgAAAjRSAAAACWgBBwoALqWblB4W2nrI-3QQn_Hc09SvuNdz1xjPLgDBGKSeG6N_T1tnrz4KJiz-_TjirYqZA0PIFxHKwr4O3fMnrrkmPT-YKFgU6Pe-BbWRA0l_Si5NCMck4cGlrOh0jxCVyNk0NenDX8cuTbARuP67X6b_RAN2mDe2WJXcEAmnWw1BoQpKmmUz8hsPmeVfFDHTjrbcuwOPs5CiuSWq6YHnPkqRLDPwReVnd696P-YFmiyB-BBraB12zdqbxcWGTh0l6gxtAvl1VWunYwSOJujBzEZSBlb9Cu16CRMAXk6-eUH5yKnhTzTL7xbBKXxnn4DXg9BGRqOXsrOwCWX2e_vnw6GzuR0_qC7RyxTYUACp1RrHLK5bPcoB1BLWsXPclfrgPTTOCoImdSMzP2GMBE-DwoEj0saemC-zAQb_6mnZTnMW_WtbdPC6oxzG-vEMOo2OOviJw-bh8a6RYa2SkBHHFLOS6kY388C5Os58lS73BmQ1PzjQVnn36m94y4XMsF-CxoLgpPew7DyL7hszev9MXON14IUVdHRAZlW3xrI49Vg0wlSmHGG7jNRREmxlCJcSJMhQU23VHxei4_v426XeN5YRns_UlXi8RTCETNm5mhJpzVX_4kDmZBzvCast9JW6J2t1PG7pImzOaQnDNwYxVw6QUR7wwv0TaT5irc_JyrCJGsJT31MmiIkObA4lZIYoPIXCLQeNDoSEch_eBT3ekPezK3g6770OvOKsc0WGLUH2Jwh2SK09ZBpwWzOFNFULmAHWxNkG95e7P4io0WQ4Cs6cZHmK_QPKBg-I44T10FxDRcv771y3blbr9WgDRoOaLaqhQln25TjP9hKDj49WbVMTLq3EYqlKTrU9pUFQH1v26dCW9da1y-tPxtglSAWBxkNGfYjsUGmocio7hzg-VuW6cDwDPMz4a-sVEkbMX-BXQRZrfPzIIl2vpAAt7SLUwHwHudNP_qcDfR5CN6LEJVliYcXB2vxCR5QP61evL89-FuHJmwV5u_QWEWwg0DZthKRAVI4HUzjDOMYi8r0toNYMQTVj9KaTwvlzki1Thz7ucbW-S0bmRclBy7d4BF12TxVsXq07K74v7oW7L8mF55UlHeckjwz3Ta-QM37EeMeMx20P4rzDGu1dSJBTS4bRhJVSxBy3WUU3LpvVZGfTPyx-JeLv5Cx4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame B5E0 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=29610800146378504444556012446009&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-39.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:40:23 GMT
content-encoding
gzip
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
19188
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
eMSAvcbt2dLN4jQ2yMjDyLc1SQQFkIBQOxhC3wwHSyIh92Z4OXOEJg==
1x1.png
cdn.track.production.webgains.team/7121/ Frame B5E0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1694628431&Signature=R-R-tCVxXAUv9QX9GB66PH-8vM1TuglhhIPoVg4LYQdSFBqOs8KmZBxuMKSaRTVk5Vsbpxm2Oxrwxds5U6ap8h7H5sOpp9JLYo2CZcVT1kyyZhQBDjrbKOntusZZNVKrX7IOrp8LMPzQ46E2hkz92jrohVK4PtCLL9orfeC3IUYmj9SYuyz1DbqFdBd~W2bZqUr2av2y7Lmlc5MJF5gwUDaoabSu-AhVllmnilbLmhVrlCTQHTNsyQmnfNTtSovBkaEduLDxJfOoU9O8pBdSDvIsw1ERZcH4rPIb99CnOtn6FXB~Dk5vbIXCNJw~YfQfvEj-pUtgPacqoJyiJ2z~lw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
URL: https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 12 Sep 2023 19:41:01 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
80471
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
EeQQ8dkW_rmXv91DVUAB1tSL6Rao8Ld484WskMlhC6qbgZTSDv7WrQ==
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 7E4A 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:17:09 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 7E4A 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:08:44 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 7E4A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:05:41 GMT
NH_D_LA_Beach-Exotic_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 7E4A 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_LA_Beach-Exotic_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70ccfac2f6953728129e525dabdd42d5350e82d54c6bb09ae99a6f62632ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:56:42 GMT
x-content-type-options
nosniff
age
329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83169
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:55:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:11:42 GMT
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame F0C1 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:34:41 GMT
x-content-type-options
nosniff
age
41250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 06:34:41 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame F0C1 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 04:18:09 GMT
x-content-type-options
nosniff
age
49442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 04:18:09 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame F0C1 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 16:26:09 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 7E4A 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=tR4tkIcNGv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:56:46 GMT
x-content-type-options
nosniff
age
325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 18:11:46 GMT
viewability
hal90009.redintelligence.net/ Frame 7F08 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=29610800146378504444556012446009&a=ad53a81a&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=29610800146378504444556012446009&a=c6d72825
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 18:02:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 0066 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628131773;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C8D7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628131773;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628131774;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C8D7 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628131774;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 45B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230911&jk=1361259775491942&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 431F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUKnvnDzvE44LTZK5pYf23X-sss-qrhjeiz6YpVFoe8ViuOfpVIYXvRqzwEt5j4cYMTupxoktb26QA18UIy2EAqJluFQBip0VSwBnaoUveUmV1EfXtTT_iuv1tPnPJJxcgRkLvtI4KAsVr&sai=AMfl-YTBKdnfxo78c-cI-OfWxvpJdthBJiyaouLM52T65c4u8Qe5pT2A5UypHp6IS6WzB7IoZBoUp-_yRoIEzOck_47DOgIQMmV_0yM&sig=Cg0ArKJSzHJ1IiGtyjpAEAE&cid=CAQSKQBpAlJW4euz9qO9hAWBqEcZE2xI9yAK-1T0BevSIqEu5LiD-9jADL9NGAE&id=lidar2&mcvt=1047&p=0,0,90,728&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694628129569&rpt=1160&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7F08 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 23:04:46 GMT
x-content-type-options
nosniff
age
413845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 23:04:46 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7F08 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 03:41:01 GMT
x-content-type-options
nosniff
age
483670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 03:41:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1CAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230911&jk=891632888952585&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame E1BC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
js
www.googletagmanager.com/gtag/ Frame FDD2 		270 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b008e2d24c323d54b6dd52be567dbd4195270d43a614beb75b23f5bc80a2c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 18:02:11 GMT
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 3299 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
126915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:46:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E1 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGoAXIvkBZer_Ide_x_AP3euAuA8AAAAAOAHgBAI&bg=!0dKl0p3NAAa6D61Rmg87ADQBe5WfOJMQ7YO18en8iGCzVkqe9BLq-QV5OHq-GMnFpUPzMEmJR4BBvldL4GMhHYo_wftMAgAAAghSAAAAB2gBBwoAUE7tsld08C4oYIVnNnk-q093pM0qkqn78qiYA8mXSgugFU7oUNQTRoiJYVsSNBMxfCrds9y17Yz-ft7s3NijBCRJN4sXjgFxOd2MHabsl0yzmQM0KWrS7304qWV1GuITwEtUUvmgCglfl6xmdJ1xG0z2634m_M2mg5LTzfTCYO9CuWeDVoU4GBlNvT1PtpV89yEPk7El3ANNzOgXa_0T8cYIZMJJ0WE9XLjD616bml-VwFjefLrM0PytE6jjQcsF_3Pirt-H0wKWnyRYsUSmtdy1AYKgioqHxLDVTU-hFWtfMlCVICRmr7fZkZXlYtTzRH66n9JHYR3UDlpoCk6cyUaiHXLCJUwgY-BjWb5_9Qc6Hi5CVuGjXHnUxzVMq2NOAQCDIz19W3qIptd3xQPDwZ5VEFqvMs9xUf3IiwV2Uh_afGdfIE0GNZaWY-jon5VqQsd6lpFYDyrhRg7fTIzw-0s_LxXjmu0zetompWzIMEaOT2XDw_Y0IU-2V1lhHug-nABN8fcE9RMxFtGBKQhAbtGwvZs9CJvCeMNNxI6IDEf4muvb2cAZTBxpw1EqEsid0BcftMV8kpmz59pcuX9pgxjjB0Mg3WqioUOGDgAX1v1ult_JdXty-h-QshcovzP8qUk_6QxDQMiFTaCdOaRYS2dwU1dYuZHXErZEorZJtmOrKgx1kK6xoIkDGKeqH4QhNWqGTHaq5rhkv9_BmWUBf6inPhuglT9ul_5jUamfXX4i_r5A5kikC64kK266iu-ndp3Q2w2kNmlOi5L-8LmEFowyvOOBLx7ogZOATZBYJcbiSQU23pWv3065ESGOQkm9UyV-yFgQ25kxPWc0-MP_GVvwFMcJW0Y7gOVm5BeGkArS6kX1KZsE3lGTAyO3k8cFUvKfzwVNO1odC5DyeCwkbeJHjwPeVZp8i3UuJOc3cfbb5B177Xm2j80hIoCrA0roeOu_9h2A2aYD3BRe8EdiC2-y6vlwr95sTXwGjBObYIErQiC82Kbejbnyfwi0Zo6KCl3mVSbISYu5E9DE1ScnYj5WYjIYoH-HMg-J1gNFf1_pg7y1ThET6kLKWdHKQyo-vZ9vsRc8cNTLFDcIMzgSxW7vR3UcxvrmoyeX5_mkjfR3LRbUs1FQWWnWKhz3YLdTKuogralSvu5nEmg2kzYZKDznKSDd7FKc5jNQDFspk3Tk5-jtxj8RCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158
adservice.google.com/ddm/fls/z/ Frame 63EE 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COygt96VqIEDFdUOaAgdAswI1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1551613707643.158?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431F 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2373316999303&version=m202307240101&ct=76&x=1&cor=14630770024622246000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7764 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssorlK8IKk1GsuPtfYyD6YsyiW1CkOjsM7xBp5zqoPsBjzHcLBkjdP2x93_RjK-uG_0-7M0Ti3dwhE4009yWWU5cKpBauA7o_bARnA8brXxIeTbc2vUqyr245ipMcKS&sig=Cg0ArKJSzGyN7LEvwnWlEAE&id=lidar2&mcvt=1043&p=0,0,90,728&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694628128866&rpt=2212&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B455 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=195075446264&version=m202307240101&ct=76&x=1&cor=16355129604742314000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0066 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vMHA_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E1BC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QhfGgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3299 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8Mn2Wg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:02:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8D7 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=546699507850&version=m202307240101&ct=76&x=1&cor=5628051520045561000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame B5E0 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.77.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-77-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Sep 2023 18:02:12 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.77.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-77-36.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 13 Sep 2023 18:02:12 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 7764 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230911&jk=1497590874737874&bg=!sLOls_zNAAa6D61Rmg87ADQBe5WfODwberkexBifgTs9LDg-k1Ctexd4-3bEx-OTIeFx6Rb6YcBEgcayE6M3Wpw1igXeAgAAAS9SAAAAB2gBB5kDAa9m1q_65Jei__rgyxs6lgrQq_8P_V8T4Q40qJlgtqIpIBtdWIl0p1CqrlzfGLeJgmYqat2rWCwE2NEJbaCHe27zzZ1qtFvAs_xQbN1AjZ8-w3b8EUmbIftSu2hRBQVkq3iP79kRQ0rM3a2DZKfePRT_nZCkIe1xVXMgUAGvlFp6CbD4w-9CmJObRm6LOpq5FQG3kKwZiQQ-pC8KVUTIW3iU5cIftGE2kQyTr13QHqdSlFVAdGd7i1UiNv9LRO8aEGwpLt117i_bPK9eWEYTTviekR2RcsQ9NPOQo1mjB0SjAlNXrQEwrw3TAXnAmOEp-8voH_Xhb8dLq8cgopNhNHDpk1BKgmu0BBnB_Wu8UFAZHaXTgn9-AiogJmwJW5BCYPm1EhzMam1VzIg0sCOsFSEe1PR64gM0BZSPuNwBQPtxHFGuTCfAVjaC2hw4cWpavMsojEDFJmhg5J_zTqXEncmq32e54TR8jWpfFiracWhHuLE-nbOM7rbeRPDuqCZ1gU3xRzIXfkRqu-Kv8eyieHHtuovcC3eqwfnbMGl4jcMNgvAaFnnoD98y4_a22bM3ZG6zlBl12b3wjiZy-uw2a36ZqVyhtwuk2bDAtxtGjp5GMGTU41vJkDWlUjsGhzxRobjn9f83w21FR7UVEcNPPs6YCs-LBs0yTxmE4H7SBiI-y-xH81W0QPFPt7pzCleaf8-PcUmgEjvyGqGpH1r-Eq9KoWXOhJW_rPf8ZBFeKgoW3EU_BVKeBNCDzwKKNYGWZ2O7HVBtwtL7thBE5Q-7NABCuq8Xeq4N-SXnjv_XjYwo7632v2IGMRNj4FjD7zETkc0vrUeYjh_r-twrBACDq8BmIdOROJXc5VFwA4I8uggrdy2SoeNCpupAWe69xbe3qXUath0XMLH8p7tVgy_KyaRsi6fEmNdhlabiXFxDWnQqnn8dwks0x-7ODDTBT0YoFdmMB5wmTP_y2-3wSb-MKqVrOtywLFiN-MBYJ15flv6gt434hiTNU0ScpDtez8RoSoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230911&jk=1361259775491942&bg=!EBOlE1zNAAa6D61Rmg87ADQBe5WfOI0P4jkcu2KQpJmdYCpVoKUa6dPaXEub4O7Xb7dT67kLcy-ZY4LxXXqJom3dV_FWAgAAAQJSAAAABWgBB5kDB4vxawesF2x8UVYqHNFdVU3twZZAwvcuvnSDWkb5gb72zNFWsVJBQlsz_VLecTXms86PWe3EE_ZrXkWRmLCglZfvohU13T4N5iQGA341b22j0jrkuj6RfNZVPhIX9_KaUbJAT7PlCjgqVSnKsXY7k3ReQdCbv4citNA4CVhnaf26EQDtdJXa_KF8FkcfRfSrKxTO7efQnMsLIEMcinInc6JaYX6M9jJNYkGou1O50JpAWGS3iRiqb72jhHuzpePqPJDAxk4HNDh_uS1zbg7mbuFB_-HWOq4QjbVzfEamm-vWmrguw67JJ7bCE1bFk7Sa8QNluxCbVQU2OXQPJvUjtNAdnQ-mh3jzgo6IfpKot29mW2JxzT-XdK_m0BtVZrEFDOeek2zNBfFe1lDkXb1pjdMDtLdvDfhrhQuh80VkheM1wekcxNHxRFaH6Sohh2E_f8Dg2wzUDyXDY1CNCa9l7XrhpdF1rmc6IKdytZswxPg1JDLc390dgb47SHR1L3ScftS-9ZRldMovBljWIWrURgshCKI2bu_3xePXGGj2w3jhV1FsVsTJdJJLeTBcj7_FCE-eRWiJ0cujH03PTSVTWhvFo9TU5bWvDRlK3USwfruer-yFRESGfrU9CLBtWw4xtBvl0IyML3zyJK9wOQ326PHvPxfRcGYVSfyn8pFqLB2Psgeeg-zrk1FlsNt6SHCs09EO8b9f9AkMcqm4qDBKD0Aucp2hLQdp-NbJcPWFk8z8I3gcgd2BT4OlbrRyQo9Gup7BdbVfsXXhqEXoeFFfYKrxQHFWkCM0v3CXzTQJTiYs--PSBvJNotgAD3Qo_dqOxEOfuoQjuPt-NzeWHeJ_pQPg78hVkWdsEwt4jpPhxs1SgohMa0_cSUh1Cvxq6c5ZQT-OhrGqJU3l_3Sc23s55YDIDOadjVxDL5c54Z-_tkUFkBl04V2Y6eI3cHKZpA5PU4qGJwgv6QBVip_DvzCoi43vTDJ4_2uRW79CLnM0lUB7sMabaECY5wBmyDY-6V7CbM1X4YHu0Qk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B3BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230911&jk=891632888952585&bg=!FBelF1jNAAa6D61Rmg87ADQBe5WfOBwUD2Z4oHhdGFaD7jjLU3C69sqqXKnoHVNPsliz-2Zdjtuk2qgr8H9rPDRvEM5VAgAAAR1SAAAAB2gBBwoAJnEidOupD0Iha1c3hRmq7i1Kz3c65igNkHHQbgGiElu79bXF1VsDmQMHrjobzK8CnL_v3fdONUVI_WM-Npy2MLnJycAZn8jIukw_M0oMCG5JHORbwtEnAW6FWeE2u_xdQA3Q-1ClhPlZ2M1ybkgbtIj_UaCL6GsY0-1l3UJmlB8WjiX9HN-mTj-0knsDL7_Vdkiz91gB3t2ME1UPcEqeX6lJ6oK8S4em2mvrTHDrMfv1E6xHJMK58Rs4meI4lFwF5UUj2jBLXkmRiG-sIOhkEc0ktNTTFd5QRTyD2Jrk5Vq4JdIv33V9vNTSnip4_Yur79WoRsRJiQsRg1oO5yv0rtjgdOF_OhgYsGpjOWC9ST0UuxWZ51PZfHAyvNlZQEwxrcHXiwlswbiV2X-k_gpoQ76NkAYbF9oK9_qgF7xolyXth2XueU_5QKDLcP1tsCARUh6kkM8iBv07a28p7J7xXnMMN-0a6in3u6Lk1wF2oJO-VFpvDLI55NeGITSySAJvXaNblOcvOZH_q5RJM8RVWUv_CAu5m5KO4i61QULC4P2iqi1LSj_UNV98_0_YBrPjhEnK5fJObq8sSo9BluTigsBoQAe3RFpaJRWnrys1iyuFTGP3xucbB2rvXwJTpukXbVYOFn8thFk5W2ExCMAfOsN-OA1j592x2n_W6ARNAtpwAaK-Dl3XPhpfwHEiPj6Rpu13HAOhCOpVZg-q__39oOEEW22kiZgWJQt71PNoF-kZUlySZxZvGWXLuF-CgrteDj0K6Y8ljp0qZpGjpmcURKeIPUI1KI2zF145wEjfjDz2uzWbMrFGdYZn_uTcmyJkh8GRMoGRW_9bBrj3uRDewk8LnB7_TbBfLxuC-ZQTysvs7gZuUlC9O5L1DsV_UYa5YB9Y3lb2zsyNoSwMSRqKGrq3yNhjE8httldm9y8ZORb1nxSqj38KFcr_xiSZ_X4sihw0V4u8oXv5jGEx-eUfvJfEq8wag9AtjicPDyBNwaFwl1T_oOwso3cNhDNTYxRoLKMSl_o-xJEzQwboDLzQ6qb0KQA3-7mQUqYpwqKBAUwnQid85rLRILUbF0eox2l-0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E0 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8439432906691&version=m202307240101&ct=77&x=1&cor=815246409079483600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame F0C1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 21:22:01 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame F0C1 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 21:22:01 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame F0C1 		2 KB
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13317140552759280862/index.html?e=69&leftOffset=0&topOffset=0&c=8mpvWjtlWw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 16:26:09 GMT
dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628136716;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C8D7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628136716;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628136718;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C8D7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6pj-3ZWogQMV198RCB3dNQD3EAAYACDwwe5cQhMIkfzX3ZWogQMVfAKtBh0FPAoC;stragg=1;&timestamp=1694628136718;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 18:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8PQXaHO_Dtd359JNFz91qXWQoRI5eA-VXNkuzXH1aLsTNyr9XC4gEpEABkCtRfHiV2cqu3SUEHGfd3zX1oypTB0W-gzqHCPwiN6bwXC8TZmRdiMlW18XN8QApq_V6&sig=Cg0ArKJSzINZDi902V3hEAE&id=lidartos&mcvt=0&p=0,0,1,1&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=19&adk=1862267292&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1694628129677&rpt=85&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

35 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1694628127.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694628127320883889
.xgcartoon.com/ Name: _ga
Value: amp-mE-qm2K6ZkN466KOFG5q1g
.doubleclick.net/ Name: IDE
Value: AHWqTUkvXTcxEdCZZGhFz2idH8PkYgirUur1LheTANWahS0yaX7penS6bKSBcMrE5gc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?a<hNw<!@wnfH8K6pQK`!5=E<*L5?%Ln.BuD@a3R@Oe5Q%MgOw''giEnW?MMsQu*dFZ%nugO%v4VB%nnz_*5!YM
.casalemedia.com/ Name: CMPS
Value: 2193
.adnxs.com/ Name: uuid2
Value: 6410046415358841493
.doubleclick.net/ Name: APC
Value: AfxxVi7Z-s41jRyDkldcHlivvBthsIMEoLe6ZZo8uIkgTnYtRQp__Q
.casalemedia.com/ Name: CMID
Value: ZQH5IudasACriT-z7wNsSwAA
.casalemedia.com/ Name: CMPRO
Value: 2134
.csync.loopme.me/ Name: viewer_token
Value: 9a98909c-58a1-4ecc-8dc9-bbd360b57d4b
.ctnsnet.com/ Name: gid_CAESEGRqHAbOVChyAXFEaE4EBhs
Value: 1
.ctnsnet.com/ Name: cid_ba3b39bb18f549dbba27ef8132955c2d
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBCL5AWUCEAs3REnNhT1osXEd9e_Da8QFEgEBAQFKA2ULZQAAAAAA_eMAAA&S=AQAAAhjpO8c2v7nY42293GBGIF0
.3lift.com/ Name: tluid
Value: 437632251393323412883
.quantserve.com/ Name: d
Value: EEkBCQH4KYEA
.quantserve.com/ Name: mc
Value: 6501f922-b43fc-daa71-64f75
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003%22%7D
.adform.net/ Name: uid
Value: 5104422284770735130
m.exactag.com/ Name: exactag_new_gk
Value: 33881efdd5d84a41ac88965e07064f67%7C12.11.2023%2018%3A02%3A10
m.exactag.com/ Name: exactag_new_uk
Value: 3591c4e45da44d528ac1d7ab7e02cd0a%7c
m.exactag.com/ Name: session_session
Value: 83638f7f3f5e4a59a0d939f7
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 759a9a297dbb06aa
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec865b95-2aa8-4893-9fb6-5d7098b436ae-003%22%7D
.simpli.fi/ Name: suid
Value: 588C9DD8C329440E8BBCED6D0378EAEE
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 51E0992F-5086-40AA-96B8-EDD9B7454961
.awin1.com/ Name: awpv11601
Value: 113440|1694628131|a98b1820-525f-11ee-9f65-22389f6b057d
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.w55c.net/ Name: wfivefivec
Value: XWQzF95K1QGubN5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQH5IwAM1NR-FgBV
.w55c.net/ Name: matchgoogle
Value: 5
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1694628131914,"clickCookie":false}}

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Message:
The resource https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.xgcartoon.com/detail/guaibingyilamuniguaibingyiramuneriyu-adai
Message:
The resource https://513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

513def15f20f0f4a4e0d688b74416081.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
77e669e4a0397f5c205335777bd4c303.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
ius.ctnsnet.com
m.exactag.com
match.360yield.com
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-a.xgcartoon.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
pagead2.googlesyndication.com
104.20.218.77
104.75.89.75
104.80.244.96
13.248.245.213
13.42.176.194
138.201.63.149
142.250.181.226
142.250.184.194
142.250.186.162
142.250.186.38
145.239.193.130
151.101.130.49
169.150.222.217
172.64.148.101
178.250.7.11
18.197.176.130
18.66.26.39
185.86.138.150
198.47.127.19
2001:4860:4802:32::36
213.202.235.9
2606:4700:10::6816:2e93
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a02:fa8:8806:12::1370
2a05:d018:d29:3605:cca0:8b97:e855:348c
2a0b:4d07:101::1
3.9.77.36
35.157.117.145
35.186.193.173
35.186.253.211
35.204.158.49
35.214.161.6
35.71.131.137
37.157.4.29
37.252.171.21
46.228.174.117
51.89.9.253
52.16.101.30
88.99.165.19
94.23.99.218
99.86.4.52
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
05fefbada7c33ff4c9274a8b7490f5f488ba9b7f07ff337f3461571213123c63
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b16835431577149d11c330372b08ee079e17e4f90dc5cc51591ef2beccc4fe4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258
0d8f80e3310929ff98c923842f94244b01c32ebfae5f915c46fcb821d715ec3a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1e8d7b58a7d85453ef7267e187eddd9181d35c4c8d2393ed9563aa9a0089e2d5
20dfd108d75fa2fd6d2b57a0d74c86e7dd5e7c27750e3fd0b83d3cca754da139
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
245d41c4771ccefa093778d0d5c19f1e34ce1653f30957b173393190efcd0e76
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2adf405f8219aabe740003439ad133f617748bd6ca29a389c06cb284b6b74981
2b008e2d24c323d54b6dd52be567dbd4195270d43a614beb75b23f5bc80a2c16
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9be7d495c1d94c5f282c62534e174d4c228ef96bdebb73aac72f0834a1df0c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3188e9d1bef7774813d2ec8b043d7bd3466ed8ec9091bc81978cea5317064145
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e4077beb1931b546f070dbf3678d08e98d7be71c587dbdaccfbb7b96e84ab7
36807cb9cf740aa3b279e5e4f10d2cf67d413e253adbd2b58c4d251ab4c47c9a
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47db23f3ce0dde244b99ff5ab1248750a4a8d20d14db0850e78d0e955317c919
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c987d5fc9e4062b3f219ebaf0c14813ce7c062e971a82b32be4e5c4c6553252
4dc48cf4a6ca51b081d0bb595f023105857c72b2b863d584821775c406792811
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51521b1988b5f1d5b5557993191b5078c554ed9870801231234fea585f5f11b6
5171398ce719dee36981f906cd671e5edf5e0c80e3e6c6ff4bcc8637c4e5c023
519425864e1ab04422a71c1adbad8d03badd4b6eeb345970ac5cc2633adfc922
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
56e70ccfac2f6953728129e525dabdd42d5350e82d54c6bb09ae99a6f62632ab
57ed72a6515bf49841a34fdcd565639c32984b6eaefa786b93eccd32f4503a7e
59e2ce8e4261ee96601f365baff5107208672c28b5956f54636511cbd0cea93d
5b18cdc5416d36448979c98972f96e0028af36c985416419b6191aff9968405c
5b5bf86558934b68f6a6284900ba8f733bd7c22bb3c72bd26471843a44bb743b
5cc4807a3ca471b5bb06c437fa6e08a1e17d0a293dd1de1b5934dd4c8b0a94fa
6095fad790e511839a14a66d15e9fbfa600785775af3ad02e7e412aca2974648
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
640e688524f77b3f2fe966f41d5cfb87a0b2787d265f482cfe43eee6b51dd1f5
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
6a1fd2a2caaca9f57f3598f6d2d4f59e143c214d144f6f2d06c92c501121e959
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6e8f822523f161efbed327dae83ec232aa5e5c199c863fbe88b22a2de86a8751
7076342608a13c13dd5e536f950ce20c7dd773c054de15807e6769af6f141dbc
71b05f6ee32e59a76a93d2717dce5041e504dc287221285cedc7965efed89300
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e8d9d6282ac349cd48be272b1d8a11e98ef6c37eb0a274dbb6fb730d07a44db
7f78bcfb24cdfc6217359b967f4200a9bf32244c549c04bb7f3e681e1430c678
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
82176ff8e8fd00cc8e0bb14b0512821df445e687933e2bbbaf9f2d885f7fa12a
872e908c3a8f66dcf9c76041b312ae517699643eb320e1036e8404b4060e8ad0
87d7765b7f94dbd192212c56ff8af2a1c25c5b70f0f0fd139a434711acffd4b5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8cd376d8393218f676b2307d0a61f4ad4755417507af59621dcffb426b719b5c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8defaa254720283d5fa282bbc38df8d5ab8a0eb304e9314ef2a6d37b1eec6c1f
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8f6f75b27916e760410a9f5e799193a6b8b93f82ed224c807179fb0c3df0482a
91a6a0a3affe73abb351d92018296ada9e0786a8ff022505c3561faae4de482f
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
98d272b4525bce1ab0accaba6ccae87c8b72e24ac77f7b76fa2ad10ed8a5fad5
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99b1d7db2f0f8254b026b0a82fe6e2cc4116231259d4dfe7f4701e5a424b41b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8d249516d5670b0841e167898d77db05f4ead4fe78dc6204835e0c076afa7a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2d0d3fdc1c807ba04b6a66564b4db6c0a1d997cc3b655e60f9ae294c5668225
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
aa55b046b78a4ccdb2274654adf8593099d0803ab829e39a7b454a0336a2514a
aaf5ffd9644dd21ebe7b2c371532049a1b29dcf257cfc32b6d4047b72c2bb47b
abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb
aee76cc265a32f96f1299fadae425b1b77be17690b471aa6c4c58fd9779c3080
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0ab616b1a74fb45f9075d33e1eeda880f5f0050a54831353331c04d0b79e689
b0d72a01e38febc03edb1ebbe3fb5b88e3976f7f5653af916be131ed3259bddd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b225c5826feb7986ee93abd39e79e7182261da719f75e391111deeec8002f210
b27e3af518964c62659199b1b07a9ebb795f2c0f6a84763ddc4095c1f2d1cbcb
b408113887865a0b8c205fbe2db23859c3f6a29bcee9881c26e6b767ddd63768
b8099219606d194ca3d95d11568798a1aa902283ac9cdc90327c743388960d17
b9f336e47e29bf067293b51d3199c99d2c9bfffd0f01e3dfc9d0a238a1f47d6b
baeb44fbcc34426a9ecaa6da2af021848c04d86850235f2d53503f7e2abf6df0
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a
c56bee01d221acab0c08562d7fabe75cb4c32afe2435a02717f0b57eb930f5b8
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cc24e5875cea1e3e193a5db3dcf914dcfd007d0867b574afea644a9925175952
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d28aee2488fb44ce1d0058dcf890736bfefe3c7fe0772bef796cb0b877b40a6c
d31528f47a5c670e7fbe2c7e3737d1a093c0a0f187a0dc672306ae63a43370f8
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d9233f0645a25adec43251fc2e31a915896cd1ce383339ba73feca0142b0e012
db5eea0f827b8a7e5ae6bd6592e75553d0c1d62dec3c071deefa899b63cbece2
dc1cf1deebcf71a82fd82a70912c91900795d166e666e7d0e02c4ed3f97abae8
dd1f222ed588ff54d55aa5c2436e07078d42a2afd59a7bad16753d1001b6e93e
de07c17694b3b586ecfea8692d819b3fa27a3ed4d895cbb25c48a1c52a8a9d26
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
e09d300a54d614f62d5471655333539347ace9e81a343eaf6f25b04d358eadbe
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f336ba03f93a51a67f563402bb66f9b94369f61cb6d932b57832ca37a50e30
ecf56b2cabe2c48361ca22818fa72ed1f7fcc164dd5c57868f112ba49dd03f6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8e5e7748228eaf2a0590721245ba6db44367a023531eb1cce6b212f2fdba7a7
fb001269ace58f64fab7a50f047827b5ede09a938658eda1697b2c650982db93
fbce58114e1f25a8bee60afc62603b2d1dfc8a6e54a039961c4110545c6bbc99