urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
84.17.37.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Submission: On February 05 via manual from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 7 countries across 22 domains to perform 126 HTTP transactions. The main IP is 84.17.37.43, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com. The Cisco Umbrella rank of the primary domain is 797467.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 84.17.37.43 60068 (CDN77 ^_^)
13 142.250.180.193 15169 (GOOGLE)
5 104.22.46.147 13335 (CLOUDFLAR...)
4 142.251.208.162 15169 (GOOGLE)
16 142.250.201.194 15169 (GOOGLE)
4 142.251.208.129 15169 (GOOGLE)
1 172.67.73.112 13335 (CLOUDFLAR...)
1 142.251.39.14 15169 (GOOGLE)
15 142.250.201.193 15169 (GOOGLE)
28 142.251.39.2 15169 (GOOGLE)
4 142.250.180.226 15169 (GOOGLE)
3 142.251.39.34 15169 (GOOGLE)
4 11 142.251.39.66 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.83.142.19 29990 (ASN-APPNEX)
3 142.250.180.228 15169 (GOOGLE)
2 142.251.208.166 15169 (GOOGLE)
1 2 46.228.164.11 56396 (AMOBEE)
1 91.228.74.166 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 3 18.192.29.165 16509 (AMAZON-02)
2 2 3.121.253.189 16509 (AMAZON-02)
1 1 51.89.9.251 16276 (OVH)
3 3 213.19.147.45 3356 (LEVEL3)
2 2 13.248.245.213 16509 (AMAZON-02)
2 142.251.208.98 15169 (GOOGLE)
7 104.16.12.64 13335 (CLOUDFLAR...)
126 22
4    84.17.37.43 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-43.cdn77.com
www.xgcartoon.com
13    142.250.180.193 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f1.1e100.net
cdn.ampproject.org
5    104.22.46.147 (None, )

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
4    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
adservice.google.com
16    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
4    142.251.208.129 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f1.1e100.net
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
1    172.67.73.112 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
1    142.251.39.14 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f14.1e100.net
www.google-analytics.com
15    142.250.201.193 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f1.1e100.net
tpc.googlesyndication.com
28    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
pagead2.googlesyndication.com
4    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
www.googletagservices.com
3    142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
adservice.google.pl
11    142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    142.250.180.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f4.1e100.net
www.google.com
2    142.251.208.166 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net
s0.2mdn.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    18.192.29.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-29-165.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.121.253.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-253-189.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
googleads4.g.doubleclick.net
7    104.16.12.64 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
678 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325
107 KB
13 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
254 KB
9 xgcartoon.com
www.xgcartoon.com — Cisco Umbrella Rank: 797467
static-a.xgcartoon.com — Cisco Umbrella Rank: 716919
359 KB
7 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8206
93 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
193 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
3 KB
3 google.pl
adservice.google.pl — Cisco Umbrella Rank: 28681
861 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 329
959 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2177
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
r.turn.com — Cisco Umbrella Rank: 3187
869 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
39 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
576 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
336 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
586 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
464 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
256 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 47488
2 KB
126 22
Domain Requested by
28 pagead2.googlesyndication.com b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.xgcartoon.com
15 tpc.googlesyndication.com b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.xgcartoon.com
13 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
11 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
www.xgcartoon.com
11 securepubads.g.doubleclick.net cdn.ampproject.org
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
www.googletagservices.com
7 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 static-a.xgcartoon.com www.xgcartoon.com
4 www.googletagservices.com b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 b9468406213763d78a193010488809c9.safeframe.googlesyndication.com cdn.ampproject.org
4 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
4 www.xgcartoon.com www.xgcartoon.com
3 x.bidswitch.net 3 redirects
3 www.google.com tpc.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 adservice.google.pl pagead2.googlesyndication.com
2 googleads4.g.doubleclick.net www.xgcartoon.com
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 a.sportradarserving.com 2 redirects
2 s0.2mdn.net www.xgcartoon.com
s0.2mdn.net
1 sync.targeting.unrulymedia.com 1 redirects
1 onetag-sys.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 r.turn.com www.xgcartoon.com
1 ad.turn.com 1 redirects
1 www.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
126 30

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2		 2022-09-14 -
2023-10-16		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.analytics-debugger.com
GTS CA 1P5		 2023-01-22 -
2023-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.pl
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh

This page contains 21 frames:

Primary Page: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Frame ID: C5B1C44166A005FF94A5C31B08A945DE
Requests: 31 HTTP requests in this frame

Frame: data://truncated
Frame ID: F1DC17CF1F18FA2A72C31ED0B089FD9A
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4B4D758BD0616CE6D4FDB99B22FD9BD1
Requests: 1 HTTP requests in this frame

Frame: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F00C1610A3F04FCDC27D3C73E8173FB8
Requests: 12 HTTP requests in this frame

Frame: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: BF844AE796833D19A66EF9999AC4017B
Requests: 11 HTTP requests in this frame

Frame: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: DE41EFC962851BAC1782F5D84A9014E6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031639&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377424&bpp=17&bdt=316&idt=220&shv=r20230201&mjsv=m202301190101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2838434248&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071766%2C31071948&oid=2&pvsid=4247938994644921&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rz48kzh1pubp&fsb=1&dtd=240
Frame ID: 528EF68022BCA6C67C3427AB01BBC373
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031632&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377478&bpp=21&bdt=361&idt=221&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2838434248&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071765%2C44779794&oid=2&pvsid=2847370730711133&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oh42fllj0crd&fsb=1&dtd=235
Frame ID: 5D85C2733CF2F569C6AEBE82B091FA74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Frame ID: BCA6F78E566D15F5C3DAF4BBC6EDB7FB
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Frame ID: 26336AE20FBF87AE37A1765EE4D310A4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C33BF32A9901102C840EBB2AED22DC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE8AB4552575D46894AEED9E137A4DC8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A8B61B78A9BB29F30289F947DC9089E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52B7B6394F209975D909C04553E8D1D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 490DCDBB3FD786F06DB83DFDE7F98907
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DD9A641728746994084A2BA655B4972
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12049936552671838208/p-aj-pl-prog_display-prospecting-great_service-office-2022-w26-Polish-728x90-637910740613807534-5740437d-f9eb-416d-a5cd-c0730cfe3521.html
Frame ID: 2B18A325A59365282EBF9898C3619312
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEB5690872D895D254F30E314F6CD6BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DAE40F612A72FB2E8BE9DC612B3AE2E0
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/e8202294-07af-4b2d-a8ef-f7b9d52c9fc9
Frame ID: 02D7B9157939D3658411903C7D89308C
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=3000&h=927&q=85&f=webp&rt=contain
Frame ID: 9EA4225E95F828DE95A81725CA1E8813
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍹畫江湖之俠嵐【國語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

126
Requests

90 %
HTTPS

0 %
IPv6

22
Domains

30
Subdomains

22
IPs

7
Countries

1732 kB
Transfer

4492 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&C=1
Request Chain 71
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9.WQpwESDNnnZVRuJKBaQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&google_hm=2
Request Chain 72
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFFs2M1TRs4fRahN4_4eQO4&google_cver=1
Request Chain 73
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MjY2NzAxOTcxMjczNjkyNg%3D%3D
Request Chain 92
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1&google_push=Aa02lx8sT7mCvhD2nvaLRNNhjEoMWjFlKZ8JlPJ-wF5ejtiVxvsXQZf0Ig76of_jTbepGUZz6Ia_Let3lhG1C0KG78LdWEQxVhjW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc5OTMyNzgxMTE4MDY2MjI2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1
Request Chain 94
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBvt6TQq-mWQ_VFLO02bR-4&google_cver=1&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhNUtdhfSDLF2dyrrqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjYzNTkzOTgwMDc0MjAzNw%3D%3D&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhNUtdhfSDLF2dyrrqA
Request Chain 95
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJvki4414BuQ22QHEzFELJU&google_cver=1&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJvki4414BuQ22QHEzFELJU&google_cver=1&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6dbc7b05-0407-49b9-82e5-f1f7f587c16c&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr&google_hm=C0GM_G9wQU6cI_NGD50HWA==
Request Chain 96
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBEr0yS1koeLZmvFSqbqPjQ&google_cver=1&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxlEGU_H1OowdXUNJ0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxlEGU_H1OowdXUNJ0I
Request Chain 97
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFrOhn5k4-ihGb0bsJ_AJOQ&google_cver=1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675597378551 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-580f5327-3a17-481f-aa6c-db6b671f8571-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ%26google_hm%3DA1gPUyc6F0gfqmzba2cfhXE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&google_hm=A1gPUyc6F0gfqmzba2cfhXE
Request Chain 98
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKcf9xiZpQ-4Nth5tWV1uWI&google_cver=1&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4oKbg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4oKbg&google_gid=CAESEKcf9xiZpQ-4Nth5tWV1uWI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxNDM1ODU1Mjc2MzEyMzkyNTUwNw%3D%3D&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4oKbg

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request huajianghuzhixialanguoyu-guanxin
www.xgcartoon.com/detail/ 		85 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6cc3828792d72ef93e6860cac0807c46c6e1f2a4d9ae47d984ccfb21c6daed63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 05 Feb 2023 11:42:54 GMT
ETag
"15354-3jIHvfE9Y4AmcuqOKwBrY16u8D8"
Expires
Sun, 05 Feb 2023 11:43:54 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72688
x-xss-protection
0
server
sffe
etag
"674edbe596924c0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23089
x-xss-protection
0
server
sffe
etag
"8d2b4bf31173f520"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9473
x-xss-protection
0
server
sffe
etag
"c6321f616f371dfa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
server
sffe
etag
"1d120f1cc7733352"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14307
x-xss-protection
0
server
sffe
etag
"10bd233c2c6ad157"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10293
x-xss-protection
0
server
sffe
etag
"ffa4662108b82d3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 11:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31946
x-xss-protection
0
server
sffe
etag
"5023241975e48b39"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 05 Feb 2023 11:42:54 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Feb 2023 11:42:54 GMT
Last-Modified
Sun, 28 Aug 2022 14:10:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3473-182e4ca3706"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13427
Expires
Sun, 05 Feb 2023 11:45:54 GMT
huajianghuzhixialanguoyu-guanxin.jpg
static-a.xgcartoon.com/cover/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/huajianghuzhixialanguoyu-guanxin.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5167edefebe6b9d9810dc00b6953e85bea711bd96d55e1cdfdf1b718299028a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 04:25:24 GMT
server
cloudflare
etag
"3ABD2A9900BCDD23D05B46E645E9BEDA"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
794b62aa8cc7357e-WAW
content-length
154433
expires
Sun, 05 Feb 2023 19:05:46 GMT
play.png
www.xgcartoon.com/img/ 		470 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Feb 2023 11:42:55 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1d6-182ab7e5700"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470
Expires
Sun, 05 Feb 2023 11:45:55 GMT
star.png
www.xgcartoon.com/img/ 		424 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 05 Feb 2023 11:42:55 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1a8-182ab7e37c0"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424
Expires
Sun, 05 Feb 2023 11:45:55 GMT
nixiguilai_wodefeichailaopo_dongtaimanhua_dierji-akewenhua.jpg
static-a.xgcartoon.com/cover/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/nixiguilai_wodefeichailaopo_dongtaimanhua_dierji-akewenhua.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de355ba9a74c5e74b8de3d0aa6c09148fea7d6b8684c4f3a72a82edd6fc614f1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 03:08:00 GMT
server
cloudflare
etag
"E82C8099111E980DF139D61D2E77098B"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
794b62aa8cc2357e-WAW
content-length
77863
expires
Sun, 05 Feb 2023 07:36:53 GMT
saimaniang_pretty_derby_season_2-daoyangjie.jpg
static-a.xgcartoon.com/cover/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/saimaniang_pretty_derby_season_2-daoyangjie.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba535611e5fff2e27a2068ed844d262e3a83447b2a79372bf9db69a60d90995d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:55 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 26 Oct 2022 04:46:23 GMT
server
cloudflare
etag
"0795A7EBB74437F8AE518C61120D5E20"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
794b62aa8cc3357e-WAW
content-length
10268
expires
Mon, 06 Feb 2023 19:05:39 GMT
hundunjinwu_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/hundunjinwu_dongtaimanhua-akewenhua.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a161b3bc6eeb3e85b56da701793e9191de031d8b6d3019279e9252f5185e5be

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Jan 2023 02:27:00 GMT
server
cloudflare
etag
"12F8C0340DA5DDF1E124DA97738323C5"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
794b62aa8cc5357e-WAW
content-length
82063
expires
Tue, 07 Feb 2023 02:13:13 GMT
gaiyaaotemanriyu-ribenyuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/gaiyaaotemanriyu-ribenyuanguzhushihuishe.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.46.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157eed6c4ead2e25dae7f93b28d805b05a0f22704cf6cb2788fbb5e6d51b08ff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 19 Sep 2022 02:39:01 GMT
server
cloudflare
etag
"31AA2DC83BE0EF020574AAF9B2616514"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
794b62aa8cc6357e-WAW
content-length
7830
expires
Mon, 06 Feb 2023 10:15:52 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 01:56:52 GMT
age
121563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2993
x-xss-protection
0
server
sffe
etag
"26c3a73b94839cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 01:56:52 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 21:08:39 GMT
age
52456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3947
x-xss-protection
0
server
sffe
etag
"987306f4076d6158"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 21:08:39 GMT
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/ 		240 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 13:06:22 GMT
age
81393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64492
x-xss-protection
0
server
sffe
etag
"0099ca0a2c56b704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 13:06:22 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3008547&ga_cid=amp-KbNIfbTiroDJEj3LUmJxhA&ga_hid=8547&dt=1675597375271&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&bdt=621&dtd=178&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
b17d1a40ddfabbf68637bff66a353ebd6dcc06f497f584f1ea56c71d0bbcbf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampanalytics
{"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYFp4CAvsbF7cCZN0Wt8p5bIgYGM7W7jr4HWtnjaY9gnAWuR2v-VCqVjaiSnZ1iYnkmnSWuDqm3KjEsX5a6grGmRjNCXSulfz_M64LIgKufX8-zFm52GBQOkQ8AKrtZlnukiRW9w\u0026sai=AMfl-YSYANYsnjUBV3H4wmAv0X-HBQQ1We__25H53dgDqhXnG3eRSSHlprizCne4NtpBpi0U2FZueUUnDZk2\u0026sig=Cg0ArKJSzDiJa7iMdMG7EAE\u0026cid=CAQSGwDUE5ymVFNE7KtpxVHCwksKcQ7kqTUB1VpYjRgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1412529771"],"btrUrl":[]}
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14049
x-xss-protection
0
amp-fast-fetch-signature
google:1:EzZ3TTUltHg3An2jqiz8AU2zhCwZRsqcs4WwN/Eb+gdhTC34hAFXIWu3iz258ou6VQVOHOllxbBymubBdcMvLLDatB5hmZi32NNTVE6PBoqMc36lKJdB85i/zsOO+bbvIFo1IPyttrmG29tjL4QGvL1QNAc9PIrrYt0othGi1zgOhftJsTYnaekfV24Z8qqBigGwaOvIjUXqd2KKRInd/srZi190g0Z9nezc85Ir7gTvXK2ZYtwEG47TuHaAQWOxRamUzrFpgw2aogduuKPFPskqIE18+df/4SjSavnIOeLCIbDPyk2tBgt+pOzxbZPdlqaAPvccQBUVy2fQfDohQg==
google-lineitem-id
-1
x-qqid
CIym8dKm_vwCFdmIgwcdRzYDxA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Feb 2023 11:42:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3008547&ga_cid=amp-KbNIfbTiroDJEj3LUmJxhA&ga_hid=8547&dt=1675597375272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&bdt=622&dtd=179&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e48202285d1c54d617a1810667d014d9d4c25b34a2423734f64d8abc2d13c9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
160x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
x-ampanalytics
{"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumIPSlhzbksLdeafYlSnoFyF9NhThcfNt20UoBGiYiavUNK_gsSyWk_aRF45xDwRDni_iNKrwUzeVVzGcqY7-imsi5e5LKwKS-CHeUb51tr8V7rkfRcgkQ1LPDSzCGVjOqv3-jyw\u0026sai=AMfl-YQalhQnJtumpi0t9acCpYWtHDXXUuyqZQJAf-dgdm1TtMnNUAHd-ARmhoomAbCO21uIyaqkINdWxJRc\u0026sig=Cg0ArKJSzMg6nC4TnMqnEAE\u0026cid=CAQSGwDUE5ymyvrLzS8LDgP9L_fhIFT_42HhZh1xXxgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=3018598273"],"btrUrl":[]}
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
amp-fast-fetch-signature
google:1:m+v+A6DPwA3I318n4ab1/rfGxP4sXJayeGm8agmQKZlEYE5JNibq7kjPO3h/zY163LcFNNSWzZ/bHWwFMQ/cQ8i3fBA5qWJIMzAjZA3Y6h5yvPPih8H/2B4mNZXTPk05UC3pzr100dlDiHfITYKsBrY7MO7/102AwQksoPa31f3fHzlVdxHhTGZiT/evJwfEhqtwXX1wp3ii5Yb64zyj62Xw5s+443gm7omA1VVLTEAiqxdO+1HpOR1iNUGH8uE7mv8tN9CbnvzN7ixyEUOlmO/hNFFUA1mUdt1m254JAvFMblyPO0CtpzGC2lNWXVIB8FrKt5912MO9AyRbARPGzg==
google-lineitem-id
-1
x-qqid
COKviNOm_vwCFXUUiwodpZIC5w
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Feb 2023 11:42:56 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3008547&ga_cid=amp-KbNIfbTiroDJEj3LUmJxhA&ga_hid=8547&dt=1675597375272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&bdt=622&dtd=180&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
94abe986ef515ee51a85b846b2b73476ef3f868306be4e3b29c356d36972132e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10644
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CIDu8NKm_vwCFcQNiwodN8sKjg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453553
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Feb 2023 11:42:56 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3008547&ga_cid=amp-KbNIfbTiroDJEj3LUmJxhA&ga_hid=8547&dt=1675597375272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&bdt=622&dtd=181&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
196284876c70ea6b7900b5487eca57ef5967c14bf848867f2bdfa11f7f454891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10620
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CKTu8NKm_vwCFdmKgwcdsFMGqg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351398969
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Feb 2023 11:42:56 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=931&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3008547&ga_cid=amp-KbNIfbTiroDJEj3LUmJxhA&ga_hid=8547&dt=1675597375272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&bdt=622&dtd=181&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
80108f09a681feeeae76e2ed5acf67fb0236a338e1a62dce1d648c24a3fde49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
728x90
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10657
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COHv8NKm_vwCFQ_-dwod-fUCTA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324260118
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 05 Feb 2023 11:42:56 GMT
container.html
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 22:10:31 GMT
age
135144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6658
x-xss-protection
0
server
sffe
etag
"740864165de13201"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Feb 2024 22:10:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 02:55:45 GMT
age
118030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2507
x-xss-protection
0
server
sffe
etag
"88d0f622ab0ac3d7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 02:55:45 GMT
truncated
/ Frame F1DC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
982db0fcbf3c641a24977ed82111b7c99c93f56dd6d2a4b6c7170e171b350038

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
googleanalytics.json
cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 00:17:29 GMT
age
127527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"e1e63f57d8aea27a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 00:17:29 GMT
ga4.json
amp.analytics-debugger.com/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:56 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
age
34041
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Sun, 05 Feb 2023 02:15:35 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xgcartoon.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBgxrGttuPCYx2IziUzn2hOgRDDLg8wRS0C6GJ5dMie1g1ZfooQ4%2F3bn%2BpA0he4m83nFEY6%2F2IIN1rPdAYsVIGxdb3PI%2FRvsOnUeqPjYY5DGtADUXsYfGHiSUzb9gtR1XWPZD90BD8h23p1T"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
794b62b0c952bfeb-WAW
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=8547&cid=amp-KbNIfbTiroDJEj3LUmJxhA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fhuajianghuzhixialanguoyu-guanxin&dr=&dt=%F0%9F%8D%B9%E7%95%AB%E6%B1%9F%E6%B9%96%E4%B9%8B%E4%BF%A0%E5%B5%90%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1675597376&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4B4D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d484816ee091588330653aa6150e0b429bb5a4d6703648d0ebc276247f86c28

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F00C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
expires
Mon, 05 Feb 2024 11:42:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF84 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
expires
Mon, 05 Feb 2024 11:42:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE41 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
expires
Mon, 05 Feb 2024 11:42:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F00C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
133134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F00C 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
099ba38c3f94c0560f0916de268312064169eadef53bae2e2f519d8b3ceea9fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34632
x-xss-protection
0
server
cafe
etag
7522170447287544640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F00C 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BF84 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
66eb3e43b4f95a54b5fce5ebe8cd69d85e52f69a83ab5f4ac5b37e458ad051ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34653
x-xss-protection
0
server
cafe
etag
4246498199626706601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF84 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BF84 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdg6N15v_27bSab3-IgSKNx9kExN7WyP4qPyRMeQ-IutKMY5KWl2n_gdTK_TBvqLByi465CEuqUuBLAEMNnNqt6wKLyMv-dMXCbPWIuZNe5qdqNt_N8GgZp7O2pl0saRicgD712MIXe9uudQ_BykHP6OgvalEiK1314v1ZgexVbGL58VX18EdWD6tBZD_K1PuT36FBu7qH5KbrVjoaIVfAMj2y3x9iKIhq98DCf2PEcIFZPNE-ZbS-N76hCQP9wIJBoK0vZr85KYUU93S2rfPLgE_sPl3AYnkwLI_-UYlr-VTkl7xtPKookzCpkwixN9HXI1R6HWVb3-Jt4LdmUz9x3bwZJWi5WEXJ&sai=AMfl-YS1YYIJ4iBxWPmVdQ6dLCEEMu1RkYvmSVaYMjmpbrFVs7Gx7cDVVyg5RzK6Sb-y1Cf3Vy28OcBIzWCEdJw&sig=Cg0ArKJSzPhA-ddtOcKtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE41 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
133134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame DE41 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
259cac21d767a184535b9f350a5101955fe2b71a535dfdbbedaca5064b5f7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34502
x-xss-protection
0
server
cafe
etag
13049486700998559787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE41 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F00C 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMuakq4_ArsvKt94zYvVzaPqyW7eny_P538TDuvuo_RFTxZD8gY74qzlww3Lntphoaan-1WfwbmCYliA-f0wTZFljKguTYoTsG31X9dwWcKJGy6unadAV1hypOYZLXtavbdEhO5fQl3RkDjaN5n6mxOnKuiwq8mfW0jUrXy_BvyGCrUjLTBBKqWD0TXab3iRukto0-QqP0atCioNNVMtrVPi_yeEBwjRxfQrbxbz3I3u4P_PF0ebQQpQsWKGYf-_ql-KkIZ1vAuwBkGlSzS8I5jvH76GkKJqZ0drA4tmKXJL7EfpU9iG-fIHDN-EwrayRBd6100UDJ67DFgKCzaQ5Ln7ZXRdZTdXnr&sai=AMfl-YRUhkFqegWSFck5_F_X5aIMEsa22zgB_xNDM6OZPQbLCiHHY0astTx_X_1sLvNTLVq3JFFVBYbO8G2rP3Q&sig=Cg0ArKJSzB2ani_BfK8UEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame DE41 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssREdPzUsATOY1sTBck6Cum0qSzqIDFO0kmkANeacyW_ETpsztmgeBYYUtkyCTT33_9n_goMrA2EvaQTj5A_SwL6xnTedT94Z_u2k-y27TjMITohv0KOiS1w6DynaGsfX1AW-AcLqeupl_9H4inYSdPcOFLiUiq0R5q9tNjnuP8n_wGGHxRrOTRH1nG6cp2FI-dX7tjTbuZOk0C8J_HHgnoSoq17BTtYqM9BkCnfqLr-OIx5c2OueJIn00lwNQS7CSME-NTBM4gdoBqAFd3eP6CICWILRoiKqRGRtevKSqft6mNUevOBYtjd8qKcf-_rENUKTL2MynPjtdFYrxcH_v8MSdJYLPBEemDuA&sai=AMfl-YS3v68CyZlTZqxmMqeRaIWjAfxyGKMS1FaZk5PAKhOOjJ9aS1n4CSRRuM9Q0YQaOPlEV7WAWi8Flfv24A4&sig=Cg0ArKJSzK__kJinp6RxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
URL: https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ Frame F00C 		360 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
bc0e8deaf73cdf2850eee70fa9448212fee438c2cc4bf15f1d79b6617089850e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121046
x-xss-protection
0
server
cafe
etag
8814610079306169482
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ Frame BF84 		361 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
45201a3f6def933482763e2030bcd73775669d56eb7290e29e2d18eeb55e2bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121328
x-xss-protection
0
server
cafe
etag
4093380929182335916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ Frame DE41 		359 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
363e008d2fd6b11194b88645749477d325d7d57f7dacfb20da7d09377898ca26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120764
x-xss-protection
0
server
cafe
etag
9254920969847888899
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:57 GMT
truncated
/ Frame DE41 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
344b68b8461d58309c3cdade12a4255949b20b3ff16aab6b9263f5854711994b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.pl/adsid/ Frame F00C 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F00C 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 528E 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031639&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377424&bpp=17&bdt=316&idt=220&shv=r20230201&mjsv=m202301190101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2838434248&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071766%2C31071948&oid=2&pvsid=4247938994644921&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rz48kzh1pubp&fsb=1&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ Frame BF84 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BF84 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5D85 		603 B
109 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031632&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377478&bpp=21&bdt=361&idt=221&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2838434248&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071765%2C44779794&oid=2&pvsid=2847370730711133&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oh42fllj0crd&fsb=1&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ Frame DE41 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DE41 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCA6 		17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
3cfb687b25031ffe25c1a1a0c1866c323290a343748ab726be1a610202762f22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
7871
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F00C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXctLCaDCi7hW8oir_lL0HmtY1kFazmoRFFTSNY20h2R4JPnXPMYojU51oPA0XUgMAQzGngyrqC9JlD7mAy-2Zey6ojeyy9ctUM6Yt1xFt_kGfYF9ZXPqVdtOB8keb1m9jrade7ugw4JB8hJaMRwvMTIiU7vPJdZR9ByLFtEmwbdHSMP8w9KuH4rFoURjp1sEFLSq0ZXJsarywimSXy9dYYlPSo7Eh9S4g__JW_2yrILRuvVwfcx4e_C4lgMVwkAFAy05eOlMFUDvy9WzYb3HsjUrIIKCCYAA6FuVFZ-feFrnUm6vbwwOBaEg4X0G6zaUq2GeZbzAcDAxavE2wkLkiQJyqGF54RDQinv4&sai=AMfl-YQyqVhLco0m-eVEsLshlVLghFHQ3mQdWh7W6Xk8n_EQJDQ7DL8EiSNaat7GlRBiD_1Pu5fNN_w4Fomwdgc&sig=Cg0ArKJSzJMIMzBENSj8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F00C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
7b2a6b53ebc9c800fb467e3198448fe17d9036ba84ea1a3c1d5aee7228e8e4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12549
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BF84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2Ln7D6v8UBtO44eOv69h90leo8JPOupfVECjmps9EZXEcdO2cZJ1BDMAzn3uP_J9caLBWRxsjCT7UYy3qH-RZHoMx46u86lamyyM5b0Rx90arqZqR21Up4HdZ36ltgnFmIVrlhcyid0m2vOs6Q5f7xUYr6dWk12y0AjKtu6w307m3xtcgObdo4wPgFSu7UmWB0_GgJjAZ1v1w1NBKUaYGGqLsOELPVqF36IFHaqhx0dn-3A212Rcp6jlfoDXqNRkTjJEIVyfSva-gFkfWMyPTrl6Z6Zr8FdLoJXqG-HnswS5L1EDL1_4vszygzLPa1IoXjOruSKNrlRNUpc4YoCYv4u6CeD6HhLBp2_E&sai=AMfl-YQo0VWdveCClrwQZr-USj42CuOMHYlJssSHZ1hLAR5o-lUkkv6BGMUWle1Czh0MTPxN-T0oHyItgI59dJM&sig=Cg0ArKJSzLtH_CLO7hDYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BF84 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
5559624c02c853c6d2c67dd1c0f532093fef5b7d09e94fc4e14e5a38feeb18ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12428
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASgURRgsYWuB_9R18Kpezx9LIFqbhaGm8SWYF5c17jRK8lkn-yPHBN7Q3CLWX-BN1hZqigRZ-4kYab4Ypuy7nRLMAwPswM-rXKwko8iSqY24YQuEI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14337859610918776993&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BCA6 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 11:42:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame BCA6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
58645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Feb 2023 19:25:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame BCA6 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
58645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Feb 2023 19:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BCA6 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:57 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2633 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 2633
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Feb 2023 11:42:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 05 Feb 2023 11:42:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 2633
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9.WQpwESDNnnZVRuJKBaQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Feb 2023 11:42:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6phKvbNEjX7vygZULvRdI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2633
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFFs2M1TRs4fRahN4_4eQO4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFFs2M1TRs4fRahN4_4eQO4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Feb 2023 11:42:58 GMT
AN-X-Request-Uuid
bd88337f-f9f2-4859-b68c-884df3fa8603
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
176.67.86.139; 176.67.86.139; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFFs2M1TRs4fRahN4_4eQO4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2633
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MjY2NzAxOTcxMjczNjkyNg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MjY2NzAxOTcxMjczNjkyNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY_9-vzQEwAQ&v=APEucNU6qhhxe0cDnnPvPAcBBTZmzHEBnySVxSo4FVkjy3hs2b5xqNBoMCG3Gpry76zKV3mevql3ANhrs36_LpuU2FOOfTaaGny02mS4uPctvbbziBRlyHFHL12_JQs7A0XPhs5WOVq8raA8xe51vF0a8npnO-FaFDYHpKHWNwUnAPhRWWt0XwU
Protocol
H2
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 05 Feb 2023 11:42:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
176.67.86.139; 176.67.86.139; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
055e3a06-d0f9-4937-a866-9e157b88e86a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MjY2NzAxOTcxMjczNjkyNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BF84 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4621590963550&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4621590963550&version=m202301230201&ct=76&x=1&cor=14337859610918777000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BCA6 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APUUEqZkjdHWftQMmUP4SrGVuZ5Vrwr2SwximqA7NKbmE1jqTKzTw6p9pqp04xJrQjxaUQoA1slc2YWbcMrfb4UzEKAg&cry=1&dbm_d=AKAmf-BkptXyizOdWERkFbqy52kz9J8qnnJYK1-viqjs0vYdO_7qMteWETnxtidHUGD6uxSX3JUE5aolMrksX8Yb0kkL__fRzHWWMOK_8Cawzj6NKdZuQgjuMnNqXh2PI2DFQTKYVPITSPXg5rBVrKSrpy08vpNSzuAZWOXPysvOefY6duCr7GCxUeWgk7q1Se1z_rthQO1lUVRpQnVKePpt_DIHNKbtIOR-kJtnzHBajzhG1sKXwE6Rkmt8YuuatYbuDN0FP4PePVe1NY5jGj279aQLeos7xTZeAh8C9X6GiG-3X0my70FAy7zeRA_gPZ6_2WZhWk5aDFSvpkPDEOekrMj4ux8abfkaOeWBfI3T_Enc9cb8bExhfS-C274Xk42bHWdyCAEvMlwVLK8jd3OUwm3WWmi2q3G7Erx8mmrnTlFFRRcPHGfS_XKplOVxMgIlLrJGHr26ohBBbIWZh_sk3CJ_S2R_7h_EPNexAeGmAhPs8B-Vz85vCgZX5gtne4L14phBFSCtOTyXV_vp2wo9cYPuznkf557lKeH1H8CRGL9QxD-PHPVQRPZIiys0JLjUZBWVVBe5DfSwcOH3-SJT6GVxlv-iOg0Bnqq-Xgw0GHXW2SYN2iQkV9DfLKgixy8YMUU5V34eBs7Sw6jEmyGo5A4D2hof6HuX_y0MkxQGgDvUMiqGqYnkgfrTkPg0Hd04IBCL3u4fd2qXx8kgd-XbIDiARlMEaJJfwYR9zdurgSmAhljWkklWYD-zfbxjSTQs3dXauiwVd4LFHZhmwplA0GsqO5uSzsim5ystIkm7tg8_AHuWhYGRERBORjWt1QNiyXYjoqlJa3AXyRquOmlOogt5QdIvLw7j0jX8zcwTVV00iKlXINSGarPFGYI0M3239oSuybLlrjesnOXGDr6aeDUeuTNvmmoY1fT1VVriyaUu9KUeQu7_4GTtyeBB-oNeoiOTuBIv0Y9rnepRSu7Zzl4iBTMrToojSfjEvoV697YLSWRjYDZye2tEc5a2FDE2F5vo7k1Ya9UN89Pc9-Hi-tIHDGgr8wWCQwhHxJ9Y0SOp3XZvYgz3UQ6zaUcjXEVyCUMKa-VZ0IroUDtF5ALFVgoMtgGDt4-aNyhKpTB2NGtHJQjYPAQC3KN0aVH5Y_a9zVpkHBD7tfyABvmuQMGXYkHssfw49VjlhLELiyL5BTCt2BiyVQC7b6K5EjX4t1pHSClxWYnby-i8uSw8pWbwlGGWK6Sv1PNRUtu5jtmV3BEQ2hfzGjb6ddB-WQngvSaAAJe7o-0uyQEUVaMoOUIGXSkKKe0l7TxLcqockxQd1YF8aeJ3AT1tNhinyEFrksw00F8qu-e5aAYeu6i0Xny7phZM9AJBoMdiKUI4Lt5eO1FupNAD7Uvgc0Fui50egIx5uZo4WneerjCpawKoNPcNaChk6EYcXeiVW5wKzrDimYjIjs3OXdm-xDv0Ju7F0QzlY4UhRxPUWxMcN-wxPjRAdKi67nOt_dfQfdD1eNGjamLxVWU55D0_oNZT23JUKWRY1sHqiMD3dByH6IlIpdT6gYDin9Lq7kKPGjEEp0efViyA-ssafJTeOdaHlbo_LlzGyiE3jwXWNdFI39M4tkCX9RWqU4DrhIYQRti7GHuQ53pAsQ_OPLA22P8PAMNloyuBCPmyQJ5yKH8uvMB17vzMluDujNc2CrV_diyPN9kMTeTAcjMY3Aaqfv9ewKjA-idxCiZRMnSmbSO8h9eJJDSxRmjkOUhg5XNNyQHL6WGs0JOwPAwTOFgxYk12PK4W3W4x1FewqLa3Zf9D6SDwQqiM01KuOmIFCmyvvfzS_qYrOa4B7-I5d-_zr3_XzoaIS44lKUVI5Ad6GvO2crLF7QXlVf-FsmKFnpohc5_l4gAnEyd1D-qE-S8xHNi-hhx2t7ZUziDF3oT-K3sPSU0G8QMl115aCxmhCO7Ke79_pCk40IAXFyYS_eIeMyurgBWRn5lPIUzyMoYi0LSYPi6SsWvQuWkTnyXc8gQalS-eJnEcKfoKUiW7IqYVYmdnqxwhIK-_K4bRVU92NlabBVKRyh0pHONnOwVsRlCKt_3PIkjhTv6Iuqy-9yvK2jhLTheTYi5CzB498pBKpHetTgL5K3Br5EQOYANaIsodinfpe6y6KJ-6oy7Dhs7yZOupkwNhSpApDuvsK8R0yBrJpQyrLnWHccY35bQquAZRF-G2sP2rBpj0sypoyOz-iLh0Yy6ZcUHVY3MbcvDN7RZbo-tmLNI3_7tFfZYr1Og4h6jcYqAoEjn9-mUCRfR1KXxqprcMe73i5itrRguUUjZPdTfKjTHziiBzV9CPDeeHbO6tahaHHhh9fofZShLq87lpAWy16AeskqMLLMX8gLTbJBGNsFHSDZ_AH3r56JdlcePZAB8_huaWfmw2lnR24t9KfvuKOIlnXiuQ7ZdTR3QK4GVVNkHGQfOC4JLyL51trYsUIgsowFJREjMhhi6gtpRdNvNG67nTA5W-GkduHpOnTeD9aY8EiuaLZf6QO5SIX6kayoNQnifr1PVEZaMFqjy73SxrVedE7xhyjGB1DsIAmWZFYpzoipEardkueCjYbbI0o4xV-vv-jQBz9GTCMVP3T7ytSC2lO4joVyIa3Qor3x1Wy6uRpRYAJl-1NbiI0p7yo_GEYGSYAD2VL0mtcVLMERw3JcYZOOzxzDkT6v3lUGkeTKsTXBgeIVUxfJ9CSfVwtzRodCVkvvJxSEQEflvNQfpClOBGEHvPDf4RgQvOxu7BRovftydqKn4kLm-6Q4IFxRtfFTE7AmAYwEiSksxNKeJAuk_SmZMkuGeNqxPSp9MMbPb61lI7b-e8gG3HGOIm_2pKNdhkko5k4TjeabV3Xxjj6ApIQ3VHGXt5S_ZpdQuBYwxZuBDN8gC3rMgfgXq6l-zOioe6DH_vNfH7FgClnNyoQAol5Ef1Qun7M3ZbLfHkLBfsy9qrr97GLhNFDrRsFr02GBxieJStw9IuPcd-mkNohdBgoxYjtDCFIycyJF1oG5uM5FV_SXWypAtdWLbu5kk6wOZ64orOU1tQR6auu3DTQ22qnsvrbSflgqAYWX5lf3sMugO_xjfO15Z2IgcQs7r8mz4zA-i7kCb8QLDlEHjOA1kbYOYj-t4H&cid=CAQSKQDUE5ymVh_nTIcGfbL6c-FZYnkWNsyXvCWIK5q0zZ-VQ8N_7CAFxTQLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14337859610918777000&adk=1761367587&idt=138&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ec9e952378e28a098b92f6e7ccd633f92f00a59e4ec20d596292a7971e3cba45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F00C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
90263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 10:38:35 GMT
expires
Sun, 04 Feb 2024 10:38:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE8A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f4.1e100.net
Software
GSE /
Resource Hash
68a7b1b3b16f5d6a1ae85722fa19f2be01daf33f565f8cf36736a03e1bcad68b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ouWUrxG5SIKPBmVLhijgVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ouWUrxG5SIKPBmVLhijgVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:58 GMT
expires
Sun, 05 Feb 2023 11:42:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A8B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
90263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 10:38:35 GMT
expires
Sun, 04 Feb 2024 10:38:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 52B7 		783 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f4.1e100.net
Software
GSE /
Resource Hash
509fbb07cc57a3c68c0a0b0ce51a0b5f38184448882687c2354a1d0d2a936567
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0FLlAtKWjWQ7hcIw6_tsiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0FLlAtKWjWQ7hcIw6_tsiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:58 GMT
expires
Sun, 05 Feb 2023 11:42:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BCA6 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 22:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 Feb 2023 22:35:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame BCA6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APUUEqZkjdHWftQMmUP4SrGVuZ5Vrwr2SwximqA7NKbmE1jqTKzTw6p9pqp04xJrQjxaUQoA1slc2YWbcMrfb4UzEKAg&cry=1&dbm_d=AKAmf-BkptXyizOdWERkFbqy52kz9J8qnnJYK1-viqjs0vYdO_7qMteWETnxtidHUGD6uxSX3JUE5aolMrksX8Yb0kkL__fRzHWWMOK_8Cawzj6NKdZuQgjuMnNqXh2PI2DFQTKYVPITSPXg5rBVrKSrpy08vpNSzuAZWOXPysvOefY6duCr7GCxUeWgk7q1Se1z_rthQO1lUVRpQnVKePpt_DIHNKbtIOR-kJtnzHBajzhG1sKXwE6Rkmt8YuuatYbuDN0FP4PePVe1NY5jGj279aQLeos7xTZeAh8C9X6GiG-3X0my70FAy7zeRA_gPZ6_2WZhWk5aDFSvpkPDEOekrMj4ux8abfkaOeWBfI3T_Enc9cb8bExhfS-C274Xk42bHWdyCAEvMlwVLK8jd3OUwm3WWmi2q3G7Erx8mmrnTlFFRRcPHGfS_XKplOVxMgIlLrJGHr26ohBBbIWZh_sk3CJ_S2R_7h_EPNexAeGmAhPs8B-Vz85vCgZX5gtne4L14phBFSCtOTyXV_vp2wo9cYPuznkf557lKeH1H8CRGL9QxD-PHPVQRPZIiys0JLjUZBWVVBe5DfSwcOH3-SJT6GVxlv-iOg0Bnqq-Xgw0GHXW2SYN2iQkV9DfLKgixy8YMUU5V34eBs7Sw6jEmyGo5A4D2hof6HuX_y0MkxQGgDvUMiqGqYnkgfrTkPg0Hd04IBCL3u4fd2qXx8kgd-XbIDiARlMEaJJfwYR9zdurgSmAhljWkklWYD-zfbxjSTQs3dXauiwVd4LFHZhmwplA0GsqO5uSzsim5ystIkm7tg8_AHuWhYGRERBORjWt1QNiyXYjoqlJa3AXyRquOmlOogt5QdIvLw7j0jX8zcwTVV00iKlXINSGarPFGYI0M3239oSuybLlrjesnOXGDr6aeDUeuTNvmmoY1fT1VVriyaUu9KUeQu7_4GTtyeBB-oNeoiOTuBIv0Y9rnepRSu7Zzl4iBTMrToojSfjEvoV697YLSWRjYDZye2tEc5a2FDE2F5vo7k1Ya9UN89Pc9-Hi-tIHDGgr8wWCQwhHxJ9Y0SOp3XZvYgz3UQ6zaUcjXEVyCUMKa-VZ0IroUDtF5ALFVgoMtgGDt4-aNyhKpTB2NGtHJQjYPAQC3KN0aVH5Y_a9zVpkHBD7tfyABvmuQMGXYkHssfw49VjlhLELiyL5BTCt2BiyVQC7b6K5EjX4t1pHSClxWYnby-i8uSw8pWbwlGGWK6Sv1PNRUtu5jtmV3BEQ2hfzGjb6ddB-WQngvSaAAJe7o-0uyQEUVaMoOUIGXSkKKe0l7TxLcqockxQd1YF8aeJ3AT1tNhinyEFrksw00F8qu-e5aAYeu6i0Xny7phZM9AJBoMdiKUI4Lt5eO1FupNAD7Uvgc0Fui50egIx5uZo4WneerjCpawKoNPcNaChk6EYcXeiVW5wKzrDimYjIjs3OXdm-xDv0Ju7F0QzlY4UhRxPUWxMcN-wxPjRAdKi67nOt_dfQfdD1eNGjamLxVWU55D0_oNZT23JUKWRY1sHqiMD3dByH6IlIpdT6gYDin9Lq7kKPGjEEp0efViyA-ssafJTeOdaHlbo_LlzGyiE3jwXWNdFI39M4tkCX9RWqU4DrhIYQRti7GHuQ53pAsQ_OPLA22P8PAMNloyuBCPmyQJ5yKH8uvMB17vzMluDujNc2CrV_diyPN9kMTeTAcjMY3Aaqfv9ewKjA-idxCiZRMnSmbSO8h9eJJDSxRmjkOUhg5XNNyQHL6WGs0JOwPAwTOFgxYk12PK4W3W4x1FewqLa3Zf9D6SDwQqiM01KuOmIFCmyvvfzS_qYrOa4B7-I5d-_zr3_XzoaIS44lKUVI5Ad6GvO2crLF7QXlVf-FsmKFnpohc5_l4gAnEyd1D-qE-S8xHNi-hhx2t7ZUziDF3oT-K3sPSU0G8QMl115aCxmhCO7Ke79_pCk40IAXFyYS_eIeMyurgBWRn5lPIUzyMoYi0LSYPi6SsWvQuWkTnyXc8gQalS-eJnEcKfoKUiW7IqYVYmdnqxwhIK-_K4bRVU92NlabBVKRyh0pHONnOwVsRlCKt_3PIkjhTv6Iuqy-9yvK2jhLTheTYi5CzB498pBKpHetTgL5K3Br5EQOYANaIsodinfpe6y6KJ-6oy7Dhs7yZOupkwNhSpApDuvsK8R0yBrJpQyrLnWHccY35bQquAZRF-G2sP2rBpj0sypoyOz-iLh0Yy6ZcUHVY3MbcvDN7RZbo-tmLNI3_7tFfZYr1Og4h6jcYqAoEjn9-mUCRfR1KXxqprcMe73i5itrRguUUjZPdTfKjTHziiBzV9CPDeeHbO6tahaHHhh9fofZShLq87lpAWy16AeskqMLLMX8gLTbJBGNsFHSDZ_AH3r56JdlcePZAB8_huaWfmw2lnR24t9KfvuKOIlnXiuQ7ZdTR3QK4GVVNkHGQfOC4JLyL51trYsUIgsowFJREjMhhi6gtpRdNvNG67nTA5W-GkduHpOnTeD9aY8EiuaLZf6QO5SIX6kayoNQnifr1PVEZaMFqjy73SxrVedE7xhyjGB1DsIAmWZFYpzoipEardkueCjYbbI0o4xV-vv-jQBz9GTCMVP3T7ytSC2lO4joVyIa3Qor3x1Wy6uRpRYAJl-1NbiI0p7yo_GEYGSYAD2VL0mtcVLMERw3JcYZOOzxzDkT6v3lUGkeTKsTXBgeIVUxfJ9CSfVwtzRodCVkvvJxSEQEflvNQfpClOBGEHvPDf4RgQvOxu7BRovftydqKn4kLm-6Q4IFxRtfFTE7AmAYwEiSksxNKeJAuk_SmZMkuGeNqxPSp9MMbPb61lI7b-e8gG3HGOIm_2pKNdhkko5k4TjeabV3Xxjj6ApIQ3VHGXt5S_ZpdQuBYwxZuBDN8gC3rMgfgXq6l-zOioe6DH_vNfH7FgClnNyoQAol5Ef1Qun7M3ZbLfHkLBfsy9qrr97GLhNFDrRsFr02GBxieJStw9IuPcd-mkNohdBgoxYjtDCFIycyJF1oG5uM5FV_SXWypAtdWLbu5kk6wOZ64orOU1tQR6auu3DTQ22qnsvrbSflgqAYWX5lf3sMugO_xjfO15Z2IgcQs7r8mz4zA-i7kCb8QLDlEHjOA1kbYOYj-t4H&cid=CAQSKQDUE5ymVh_nTIcGfbL6c-FZYnkWNsyXvCWIK5q0zZ-VQ8N_7CAFxTQLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14337859610918777000&adk=1761367587&idt=138&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
56930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Feb 2023 19:54:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame BCA6 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APUUEqZkjdHWftQMmUP4SrGVuZ5Vrwr2SwximqA7NKbmE1jqTKzTw6p9pqp04xJrQjxaUQoA1slc2YWbcMrfb4UzEKAg&cry=1&dbm_d=AKAmf-BkptXyizOdWERkFbqy52kz9J8qnnJYK1-viqjs0vYdO_7qMteWETnxtidHUGD6uxSX3JUE5aolMrksX8Yb0kkL__fRzHWWMOK_8Cawzj6NKdZuQgjuMnNqXh2PI2DFQTKYVPITSPXg5rBVrKSrpy08vpNSzuAZWOXPysvOefY6duCr7GCxUeWgk7q1Se1z_rthQO1lUVRpQnVKePpt_DIHNKbtIOR-kJtnzHBajzhG1sKXwE6Rkmt8YuuatYbuDN0FP4PePVe1NY5jGj279aQLeos7xTZeAh8C9X6GiG-3X0my70FAy7zeRA_gPZ6_2WZhWk5aDFSvpkPDEOekrMj4ux8abfkaOeWBfI3T_Enc9cb8bExhfS-C274Xk42bHWdyCAEvMlwVLK8jd3OUwm3WWmi2q3G7Erx8mmrnTlFFRRcPHGfS_XKplOVxMgIlLrJGHr26ohBBbIWZh_sk3CJ_S2R_7h_EPNexAeGmAhPs8B-Vz85vCgZX5gtne4L14phBFSCtOTyXV_vp2wo9cYPuznkf557lKeH1H8CRGL9QxD-PHPVQRPZIiys0JLjUZBWVVBe5DfSwcOH3-SJT6GVxlv-iOg0Bnqq-Xgw0GHXW2SYN2iQkV9DfLKgixy8YMUU5V34eBs7Sw6jEmyGo5A4D2hof6HuX_y0MkxQGgDvUMiqGqYnkgfrTkPg0Hd04IBCL3u4fd2qXx8kgd-XbIDiARlMEaJJfwYR9zdurgSmAhljWkklWYD-zfbxjSTQs3dXauiwVd4LFHZhmwplA0GsqO5uSzsim5ystIkm7tg8_AHuWhYGRERBORjWt1QNiyXYjoqlJa3AXyRquOmlOogt5QdIvLw7j0jX8zcwTVV00iKlXINSGarPFGYI0M3239oSuybLlrjesnOXGDr6aeDUeuTNvmmoY1fT1VVriyaUu9KUeQu7_4GTtyeBB-oNeoiOTuBIv0Y9rnepRSu7Zzl4iBTMrToojSfjEvoV697YLSWRjYDZye2tEc5a2FDE2F5vo7k1Ya9UN89Pc9-Hi-tIHDGgr8wWCQwhHxJ9Y0SOp3XZvYgz3UQ6zaUcjXEVyCUMKa-VZ0IroUDtF5ALFVgoMtgGDt4-aNyhKpTB2NGtHJQjYPAQC3KN0aVH5Y_a9zVpkHBD7tfyABvmuQMGXYkHssfw49VjlhLELiyL5BTCt2BiyVQC7b6K5EjX4t1pHSClxWYnby-i8uSw8pWbwlGGWK6Sv1PNRUtu5jtmV3BEQ2hfzGjb6ddB-WQngvSaAAJe7o-0uyQEUVaMoOUIGXSkKKe0l7TxLcqockxQd1YF8aeJ3AT1tNhinyEFrksw00F8qu-e5aAYeu6i0Xny7phZM9AJBoMdiKUI4Lt5eO1FupNAD7Uvgc0Fui50egIx5uZo4WneerjCpawKoNPcNaChk6EYcXeiVW5wKzrDimYjIjs3OXdm-xDv0Ju7F0QzlY4UhRxPUWxMcN-wxPjRAdKi67nOt_dfQfdD1eNGjamLxVWU55D0_oNZT23JUKWRY1sHqiMD3dByH6IlIpdT6gYDin9Lq7kKPGjEEp0efViyA-ssafJTeOdaHlbo_LlzGyiE3jwXWNdFI39M4tkCX9RWqU4DrhIYQRti7GHuQ53pAsQ_OPLA22P8PAMNloyuBCPmyQJ5yKH8uvMB17vzMluDujNc2CrV_diyPN9kMTeTAcjMY3Aaqfv9ewKjA-idxCiZRMnSmbSO8h9eJJDSxRmjkOUhg5XNNyQHL6WGs0JOwPAwTOFgxYk12PK4W3W4x1FewqLa3Zf9D6SDwQqiM01KuOmIFCmyvvfzS_qYrOa4B7-I5d-_zr3_XzoaIS44lKUVI5Ad6GvO2crLF7QXlVf-FsmKFnpohc5_l4gAnEyd1D-qE-S8xHNi-hhx2t7ZUziDF3oT-K3sPSU0G8QMl115aCxmhCO7Ke79_pCk40IAXFyYS_eIeMyurgBWRn5lPIUzyMoYi0LSYPi6SsWvQuWkTnyXc8gQalS-eJnEcKfoKUiW7IqYVYmdnqxwhIK-_K4bRVU92NlabBVKRyh0pHONnOwVsRlCKt_3PIkjhTv6Iuqy-9yvK2jhLTheTYi5CzB498pBKpHetTgL5K3Br5EQOYANaIsodinfpe6y6KJ-6oy7Dhs7yZOupkwNhSpApDuvsK8R0yBrJpQyrLnWHccY35bQquAZRF-G2sP2rBpj0sypoyOz-iLh0Yy6ZcUHVY3MbcvDN7RZbo-tmLNI3_7tFfZYr1Og4h6jcYqAoEjn9-mUCRfR1KXxqprcMe73i5itrRguUUjZPdTfKjTHziiBzV9CPDeeHbO6tahaHHhh9fofZShLq87lpAWy16AeskqMLLMX8gLTbJBGNsFHSDZ_AH3r56JdlcePZAB8_huaWfmw2lnR24t9KfvuKOIlnXiuQ7ZdTR3QK4GVVNkHGQfOC4JLyL51trYsUIgsowFJREjMhhi6gtpRdNvNG67nTA5W-GkduHpOnTeD9aY8EiuaLZf6QO5SIX6kayoNQnifr1PVEZaMFqjy73SxrVedE7xhyjGB1DsIAmWZFYpzoipEardkueCjYbbI0o4xV-vv-jQBz9GTCMVP3T7ytSC2lO4joVyIa3Qor3x1Wy6uRpRYAJl-1NbiI0p7yo_GEYGSYAD2VL0mtcVLMERw3JcYZOOzxzDkT6v3lUGkeTKsTXBgeIVUxfJ9CSfVwtzRodCVkvvJxSEQEflvNQfpClOBGEHvPDf4RgQvOxu7BRovftydqKn4kLm-6Q4IFxRtfFTE7AmAYwEiSksxNKeJAuk_SmZMkuGeNqxPSp9MMbPb61lI7b-e8gG3HGOIm_2pKNdhkko5k4TjeabV3Xxjj6ApIQ3VHGXt5S_ZpdQuBYwxZuBDN8gC3rMgfgXq6l-zOioe6DH_vNfH7FgClnNyoQAol5Ef1Qun7M3ZbLfHkLBfsy9qrr97GLhNFDrRsFr02GBxieJStw9IuPcd-mkNohdBgoxYjtDCFIycyJF1oG5uM5FV_SXWypAtdWLbu5kk6wOZ64orOU1tQR6auu3DTQ22qnsvrbSflgqAYWX5lf3sMugO_xjfO15Z2IgcQs7r8mz4zA-i7kCb8QLDlEHjOA1kbYOYj-t4H&cid=CAQSKQDUE5ymVh_nTIcGfbL6c-FZYnkWNsyXvCWIK5q0zZ-VQ8N_7CAFxTQLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14337859610918777000&adk=1761367587&idt=138&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
56930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10940
x-xss-protection
0
server
cafe
etag
260008737171085554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Feb 2023 19:54:08 GMT
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame 5C33 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
133113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 22:44:25 GMT
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame 6A8B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
133113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 22:44:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BCA6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:54:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 490D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
19735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Mon, 06 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BCA6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c8c6f5b7a0933ae864a10e24b9bae7d42b9cd0ef2a8afdb8d4816a3661af9b7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3DD9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
132671
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 22:51:47 GMT
expires
Sat, 03 Feb 2024 22:51:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 490D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1&google_push=Aa02lx8sT7mCvhD2nvaLRNNhjEoMWjFlKZ8JlPJ-wF5ejtiVxvsXQZf0Ig76of_jTbepGUZz6Ia_Let3lhG1C0KG78LdWEQxVhjW
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc5OTMyNzgxMTE4MDY2MjI2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 05 Feb 2023 11:42:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF8MhJiodB7o9YEiQMY8aPc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 490D 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEoZ6mwIGg8HyGb0PiT-jB8&google_cver=1&google_push=Aa02lx-BInAhSSABaBit6DDi__DExN4v-Oxhd87HT0xdCzP_OhSw-WMNXGL58g6muWYIZrKEA5jacuR8x3w3z6obwTXGZRA8z9ve_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 490D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBvt6TQq-mWQ_VFLO02bR-4&google_cver=1&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhN...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjYzNTkzOTgwMDc0MjAzNw%3D%3D&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhNUtdh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjYzNTkzOTgwMDc0MjAzNw%3D%3D&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhNUtdhfSDLF2dyrrqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjYzNTkzOTgwMDc0MjAzNw%3D%3D&google_push=Aa02lx_vxfl-7neCLDUSmkL4i_YsTkfj5iaJFfc8lLpW7fpWwG42s8eZWC0p15RhngnJvxy7UDQirWRkMp5ZhNUtdhfSDLF2dyrrqA
Date
Sun, 05 Feb 2023 11:42:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 490D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJvki4414BuQ22QHEzFELJU&google_cver=1&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBl...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJvki4414BuQ22QHEzFELJU&google_cver=1&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-v...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6dbc7b05-0407-49b9-82e5-f1f7f587c16c&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr&google_hm=C0GM_G9wQU6cI_NGD50HWA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr&google_hm=C0GM_G9wQU6cI_NGD50HWA==
Protocol
H3
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8HzHSFt9wLp7oNQx098Qd7Ao-CyoG6q3SIPYbvbPqGOnqLgvUmjw1FmdPSHlIk_PnJ3azWqZ_KGqbB-vlZCzBlZaOrA4Sr&google_hm=C0GM_G9wQU6cI_NGD50HWA==
date
Sun, 05 Feb 2023 11:42:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 490D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBEr0yS1koeLZmvFSqbqPjQ&google_cver=1&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxl...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxlEGU_H1OowdXUNJ0I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxlEGU_H1OowdXUNJ0I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_4XFmqvzlZPTFTGim53HC2wJwPSYB_dQ-7lgBx0_ALhzfWQy8Sin7szEv5hFwiYokoukcGLyxkThxlEGU_H1OowdXUNJ0I
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 490D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-580f5327-3a17-481f-aa6c-db6b671f8571-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-_2Fh7Zd12n1rMPWd9-...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&google_hm=A1gPUyc6F0gfqmzba2cfhXE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&google_hm=A1gPUyc6F0gfqmzba2cfhXE
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-_2Fh7Zd12n1rMPWd9-JnOf-_noscJ6NgBN2MI8UExgbddS9G0Z_7qPmXShSOFxY2Yr6ClwF5yRpe5Mt7Qfq9mjCW2iZqriQ&google_hm=A1gPUyc6F0gfqmzba2cfhXE
date
Sun, 05 Feb 2023 11:42:58 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX580f53273a17481faa6cdb6b671f8571003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 490D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKcf9xiZpQ-4Nth5tWV1uWI&google_cver=1&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4o...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxNDM1ODU1Mjc2MzEyMzkyNTUwNw%3D%3D&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxNDM1ODU1Mjc2MzEyMzkyNTUwNw%3D%3D&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4oKbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxNDM1ODU1Mjc2MzEyMzkyNTUwNw%3D%3D&google_push=Aa02lx_kRotQAS26Za9kXbyyZrx5lCs6mMEGGjN4XIjEhFwb0V6FCOdMVLErpzfor94RRRaMLm8hBjrCO9PR3r-hL7KwwxVh-4oKbg
date
Sun, 05 Feb 2023 11:42:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 490D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVRkV7WdPGiKdVcYVHCg7MRs3ujXcqa7iOnSaFsWKJEnxRed1fCcFW0TUWsHZApIK6UXRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031633&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675597377503&bpp=10&bdt=379&idt=220&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=8547&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=3080639266&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773810%2C31071545%2C31071580%2C31071721%2C31071755%2C44782817&oid=2&pvsid=1781809132558008&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzism6btqztz&fsb=1&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame DE8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=2847370730711133&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 52B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=4247938994644921&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
p-aj-pl-prog_display-prospecting-great_service-office-2022-w26-Polish-728x90-637910740613807534-5740437d-f9eb-416d-a5cd-c0730cfe3521.html
s0.2mdn.net/sadbundle/12049936552671838208/ Frame 2B18 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12049936552671838208/p-aj-pl-prog_display-prospecting-great_service-office-2022-w26-Polish-728x90-637910740613807534-5740437d-f9eb-416d-a5cd-c0730cfe3521.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f6.1e100.net
Software
sffe /
Resource Hash
199be7fcbb7098da20f6d09b44cf06eed24912a05aa54d7e8c0dafdff873b93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
145557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1428
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 19:17:01 GMT
expires
Sat, 03 Feb 2024 19:17:01 GMT
last-modified
Fri, 17 Jun 2022 14:48:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BCA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv81s43Wvokr2gNEQoHNdHLVmD5MkomIsDcha1wi4dfsviss-RJzr-lss5VhHv-ldgfm5RFVfMYie32mM6ZJMwPRD7RTZheit3N_27_DT7HvTD0jq0SITQqF8ANKcdG_dcjI3ITpYFhvpu3ccZnpbuEV-BDs9NMcHZpjC-wHdhlgVHDmLWi4-KgJP3DxC6lSG-3_JsSlSjABd3DtrZD8vxKQgwJ2maQmro8e0grg8r1n3Bw3e03hLVxEE9qk_OdKVa7ydrBPFiLciQmFAOGwiET-IK73hiiM4NUZC5SwtitXvuu6AEvXuuBqLaMqqQbi3opCfuvhbapKm7KaPgQhCa2Th9nTJIwDxOjzPu-u5aadPLGUPPnaoj0tBGSJA4WWH0fdAOnIMlxnweyAF1yrespX-o5fbl7jv7f2HCGfM-r7OlVtz1iuP6B2yO5AoIgQvIer8Ax1VxZmhZUGFbnCq4IRPnd-Hmxqx2IUrv_jIYGEAgUtw9QTGmgsItYqd1wezeEsGf2ftSwDysN3CosKgG9JOsZUs3RNrlDreE95AiN2RvRM4ghRyII7hdDj4c5HIBylvzphQHU1cedFv7mqEk-mVT9efO4NP_5WdDu0AoFgZeRUFvE1JBMSm2aSWT0HCz8SFROsVaoXVDiYEt2t1H4VNX06dDtVK7Bui-VAurMhhNgmtriRfAFuFCwzLRXH8N3QTGI87HCRSYj-Q-P0j6BlF4OwZZUdkyDooK6YKD7LGuCmmml9Bw9gfOWt192gW9fEpPHkAqRuSGn6KSPXNko4bLN6gQnR6uwVWBg2R9zzFNdARSEQhFX70JlisPMoGuChhvD2SdfWrutl7oDBNyqKHroLld5M2R_J7YgAO1q9U6ZhX84VDrvd4Xlpm0eZ_aJQ3Jas4X4ybIGL1KPCKwltoYGzpMZAdayGE9QXSJdM0UUYOJBkaqN6C6sZxPoHTj9gTSO5AQxSxDW2MeVFRh0jYDKsqqRUWpTbVfFoYEwlV60SpawZ0kVYA2SlcSsVYRE6isVxReDQOJmhol54hGRiHD-80Ect_wPH_CVbKWFjxLq4qO5yWBTbD96x6Y5AJ75MrQLlbMB-uiSUx0SVfJNa_TOoF17giGvaZOnL5Hnwg0ae0fVUBvg2Wo6R9Q-FfmUsS8baLnM6ZD8kk0imh92k5xlWxxrNM_4eFsBPEVS25wmjrVkGfN6Z_qtMCjH0rPX5MSx6OvzjDhZlXUEA57_&sai=AMfl-YT_7253-WSZ9mTRHrtrs7oXiDff6JO9jVASSyUIyniNfFDeVdfc2XORa6nynLCiKNcVfTZASzDoTo6Knp_uZUmN8LcTRW7a6jKuuUsRIjEYIa0LLgsmW92211ZnWmV6a7CTwK16TCNV_kvFXnykNWZeawmTMurirxgnk1GGX6oHMJIT0WepHy3-xlhQfencxLz9ah0nONIh&sig=Cg0ArKJSzItMGbU3ByDEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=243&cisv=r20230201.87325&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:58 GMT
generate_204
tpc.googlesyndication.com/ Frame 5C33 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rDsblw
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame 3DD9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
133113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 22:44:25 GMT
generate_204
tpc.googlesyndication.com/ Frame 6A8B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OwV7eQ
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame BCA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv81s43Wvokr2gNEQoHNdHLVmD5MkomIsDcha1wi4dfsviss-RJzr-lss5VhHv-ldgfm5RFVfMYie32mM6ZJMwPRD7RTZheit3N_27_DT7HvTD0jq0SITQqF8ANKcdG_dcjI3ITpYFhvpu3ccZnpbuEV-BDs9NMcHZpjC-wHdhlgVHDmLWi4-KgJP3DxC6lSG-3_JsSlSjABd3DtrZD8vxKQgwJ2maQmro8e0grg8r1n3Bw3e03hLVxEE9qk_OdKVa7ydrBPFiLciQmFAOGwiET-IK73hiiM4NUZC5SwtitXvuu6AEvXuuBqLaMqqQbi3opCfuvhbapKm7KaPgQhCa2Th9nTJIwDxOjzPu-u5aadPLGUPPnaoj0tBGSJA4WWH0fdAOnIMlxnweyAF1yrespX-o5fbl7jv7f2HCGfM-r7OlVtz1iuP6B2yO5AoIgQvIer8Ax1VxZmhZUGFbnCq4IRPnd-Hmxqx2IUrv_jIYGEAgUtw9QTGmgsItYqd1wezeEsGf2ftSwDysN3CosKgG9JOsZUs3RNrlDreE95AiN2RvRM4ghRyII7hdDj4c5HIBylvzphQHU1cedFv7mqEk-mVT9efO4NP_5WdDu0AoFgZeRUFvE1JBMSm2aSWT0HCz8SFROsVaoXVDiYEt2t1H4VNX06dDtVK7Bui-VAurMhhNgmtriRfAFuFCwzLRXH8N3QTGI87HCRSYj-Q-P0j6BlF4OwZZUdkyDooK6YKD7LGuCmmml9Bw9gfOWt192gW9fEpPHkAqRuSGn6KSPXNko4bLN6gQnR6uwVWBg2R9zzFNdARSEQhFX70JlisPMoGuChhvD2SdfWrutl7oDBNyqKHroLld5M2R_J7YgAO1q9U6ZhX84VDrvd4Xlpm0eZ_aJQ3Jas4X4ybIGL1KPCKwltoYGzpMZAdayGE9QXSJdM0UUYOJBkaqN6C6sZxPoHTj9gTSO5AQxSxDW2MeVFRh0jYDKsqqRUWpTbVfFoYEwlV60SpawZ0kVYA2SlcSsVYRE6isVxReDQOJmhol54hGRiHD-80Ect_wPH_CVbKWFjxLq4qO5yWBTbD96x6Y5AJ75MrQLlbMB-uiSUx0SVfJNa_TOoF17giGvaZOnL5Hnwg0ae0fVUBvg2Wo6R9Q-FfmUsS8baLnM6ZD8kk0imh92k5xlWxxrNM_4eFsBPEVS25wmjrVkGfN6Z_qtMCjH0rPX5MSx6OvzjDhZlXUEA57_&sai=AMfl-YT_7253-WSZ9mTRHrtrs7oXiDff6JO9jVASSyUIyniNfFDeVdfc2XORa6nynLCiKNcVfTZASzDoTo6Knp_uZUmN8LcTRW7a6jKuuUsRIjEYIa0LLgsmW92211ZnWmV6a7CTwK16TCNV_kvFXnykNWZeawmTMurirxgnk1GGX6oHMJIT0WepHy3-xlhQfencxLz9ah0nONIh&sig=Cg0ArKJSzItMGbU3ByDEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=417&vt=11&dtpt=169&dett=3&cstd=243&cisv=r20230201.87325&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE41 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssv-AvN9YV6ejhmlmcZMVCXckMohB5MBhtiIEvFzUjcaAQSbVxBuQFkOJb8X0QdExFWJTQ1O9TY7UXraX1s7tsgNv5D_yzXczmLt_vXjYdjfK3VA0u70rWRxBpSt9mGWOrHLNhlbiYA6c6iFFGQ60LoRFhfIzFkGgMWtUVFz2M4CMrJ1aXnb7xyjW0WfojGRAFyzTZ5r954WaYTG-lCUq_jSmYPihUWZmCVZiJgOwao7d9gCbaH-Pifpr1JohQAcEcLBlxRfHZPTj_qEw-B1_fGSSyItg1FMGAUttOgsk_9mB2648CC0TnYD-llDS4qh5DEMjlsYRqGGLY5qFHF3sVp_GDgkW5x1ockB4H&sai=AMfl-YSr0etIogXZ70r_kNEntfuVQ_W5aJjkm3op4SrFxrnu7CB1NyCvwLnvPjBTvb-Z4MnzoSfSjM3oReCOa0M&sig=Cg0ArKJSzIu6ZKU2Q_htEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Feb 2023 11:42:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DE41 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
eea3d35872c5452bc5d7eb9c1cd155cafac7a95bc1391d290e6a886b9590760b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12366
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDCcfQpbfY7T6CMmH9u8PjJOBiAYAAAAAOAHgBAI&bg=!LC-lL2vNAAaq5O5FiuQ7ACkAdvg8Wk63uyTsjwoqN0UxtyIbKRIK7m6r6fme16Qu1f54FCQoKnumHAIAAAB0UgAAAAJoAQeZAyzv-EdAG73xPYBsJrLsaFkKs_WKwLZx9DcCl-O1Pyadpm9rxn9tkAtAVx4OoiMZOI48z_Bltl3fLnG4wcbWNXYntABdRvGvt6s9ZZCnvgov7vsOReo43Ie5IyIkoXz3YlDpoSsAVn5v9fOidXhKWaFf3ALzhEWdYDUlsdGELes7o7aVYth1nyBksANh9iNsIuI5hUWnl-erQOeZ_vQ_feEyO6wrVdK6ibVVlcflMsCsu3puhV0CK-WfCwBMQgvxK_fWRFjtr6i90WsLxrq7lUpYPbrsRKxHwwgp3tQ8PbAaR8LbTkJ0a3P3OOpaNA98-pmvWqVCAnsYT2U66PnmakZodBw0n1K0hfcIsUYq-6kkPhYD58bfCWsqMsWh7qTye6XOHmWrhqMqo-_thqjwwz9u3TnLi4O52aIdEdFkW90QbYETlpxh0jjrAkTYZREuZSdnnb2STZvN3KtWEEfcDOhuShwUzTJzWdNC1TX_xKI_smVwHlT1tcZK_nqQuwuy6mVs6YkO7CrjKidVUXI1VzVsLk79dYUNnZxrtsEnwKS8k-DjAQR3uyLNi3pDk3pYXhEFqV35em3r4CVrvmxsupswZjVup0fPhF3zmAXjeD2b9le030ZVzWTnWdDx-4NaOkXxqjo1gvXbBrRXZ0La-j0KDsN_Nw-PQf2vEBYMFOcDbACzLWstPItlsLkK3zS9qebOpmSxPbvpMJ6ve7VXikMYQK7FfxavcX4YDwiIMJlOgAunZP8dC0Iw1YabLpiUL8FAiZmwSbcF7ftRsLY0lAhRhakC4c67_VZJs-V-GnRpwa1wkZ-hMsh-oeLWiMMH03RZQv8-WMRb-bJ1bW_QhFqZ05WwLbfpfT9u31lNaboIZXqN2gJjTgW0keWmSqoSTVTcXlPvfMPM2-U7VBDYnhk0nGGWCdAAXgxio8CkiNPyQwstysI46L5seEgQZY3E9eCarbsO3I93Qc6H7Oc01ksgFiTDd42YNF6rXt2NDGp2UBNDuCHHQF7W1cT8dLnplm4VJABW2EcOc8Ir3Z_5UA9YhXqLGMYfKTZRh7WYCIJLdUiVlizeYZtewLD15w
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/huajianghuzhixialanguoyu-guanxin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62ac93728d9f94d62e78f830
c.bannerflow.net/a/ Frame 2B18 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/62ac93728d9f94d62e78f830?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufkHFyE5xbnATRsipPvhvSGemPvXHdvK24KpCx8fCWHZSiLqMmuBthUHW2Gba4oYEwImSBPavluUjddkFO2iu_sSOLtcaWEbO8ly7afdipziQUPTIh8X68Mpf3NDuGCWOW5q4PHVI6VOA9h-b-_kgL-yfgnmNiebnk8UqEhR4micVqeTA2Hd-kraXI8bJS5sDGKv7zrQ_iYe7c8PnFBMprQ5PcHrsEO6oKOuSJVVS9kxYSxC4DMpIPNqaQRiUowae6qRMazvIQ9BvEs4xk94MhBLjB4dO7HXnsFYSkgLoDUoNaIriMXqTiwSVMvIWviWv0SYMjdpZQ7qCFaxaqVhqKYzI_nCEuBNHNWK-RL5jcKJtTycCn7Zyk5abu2RlZ3oneC4s1lQ1Gw84a86PNRYA1ZviwUnpbCCm2UW5UZn9QSZCAh1Zx6RRwutg-Sj53gjG6T-zv881YWMfqhxU4U9vhRt9trsopAY4ZZbtlkpbvKt34EpF8WfHxVi_oOaI81VhNn7r2-xJLCNSxHBEjnBVW6px8Z8mB-cnZcc8qrPaRlPkJzvJONEAmWE1ncjNiJ60eoFnVnZHWVM_ns-WFR8M48cnT4UWKmR_21lHyTmzi27fhwjDGjgSiysZwdk6XXjoNAkuRWU_Nw4wqFaJo2_qcs6uAB4plYdFBRM_hNh-gDv8yc5cWs--lqhk4xDo87dtO_dibA8OD-hxMcI3LxW5E-regtwMOrh2BJsZhPojxx4yxMFzc881TeBU8392SNMOnCQIdsN55tUeHS4fFAsCPEhmer8qkOf8DLx_NLPTS-Sr6KNi685frpGrcOO5qbYgeZv_RiF6lIgcAPro9kgGlLa0K98x0wCb9hU0H1Vx2vf4VbtID4lx_EqNdVWMy3UjHbGWst-aN4t5EC2S5ZqikVprHhXMt5LP3pyfIanrhVc5T2NNiMNoHtz4csnLPA404iNePQbsm9BB3KxYC9EdUIjo8Aa6hLtrcu6Z7S3OAad5jP_HDnXV3ewqxkigeBKRx3SfzW-_Tkq3hNvYdvanvMmCw9uAZ9BxlAXy-HzPjQBzKpLApLY04-SACuUGKWjaaxf6W-W0MDT2YSJiSyKWtEqJsJ4jfMOmsr7BexJ6NmKK_L8L9xy3UTd1YLrnI7yPs52-VodAH8QrY0a5Zhi9b3d2OjC-kmQxDcorzpqud0aDCQfJLpGWdNbDEmEdG6kTc-bz3kNI%26sai%3DAMfl-YQVBDncAVx8PKnXyiNGYdDWT13moczByplX_ebBDoOFjh1lQZy8WwKXCJT7v1CZ3kxLn-oW_uJCAUSwVxh-qgHOvsIf0c0VLBnA0s7rslt-vNmFAZWVzbse8MH16tt_g4HbTCwF0lIH0GottK7X7BgiDRLpcYGedrjHhtHLUIHsBs5bP8mZ55YVbB44Er0JwEaj_4BJgddjTWKAHGrhTWc%26sig%3DCg0ArKJSzG-CvOs60qc-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-biurowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-office-2022-w26%2526utm_content%253Dgreat_service-prospecting-office-html5-00-728x90%2526dclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12049936552671838208/p-aj-pl-prog_display-prospecting-great_service-office-2022-w26-Polish-728x90-637910740613807534-5740437d-f9eb-416d-a5cd-c0730cfe3521.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4caa6074f89e97297d2372477f9be8792aa0c6f183e1c81bada0e2b87893ac4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
794b62c16a4134f2-WAW
content-type
application/javascript
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DE41 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=b9468406213763d78a193010488809c9.safeframe.googlesyndication.com&bust=31071721
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 11:42:58 GMT
document.5e09d54f7f.js
c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434157/2774410/ Frame 2B18 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434157/2774410/document.5e09d54f7f.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac93728d9f94d62e78f830?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufkHFyE5xbnATRsipPvhvSGemPvXHdvK24KpCx8fCWHZSiLqMmuBthUHW2Gba4oYEwImSBPavluUjddkFO2iu_sSOLtcaWEbO8ly7afdipziQUPTIh8X68Mpf3NDuGCWOW5q4PHVI6VOA9h-b-_kgL-yfgnmNiebnk8UqEhR4micVqeTA2Hd-kraXI8bJS5sDGKv7zrQ_iYe7c8PnFBMprQ5PcHrsEO6oKOuSJVVS9kxYSxC4DMpIPNqaQRiUowae6qRMazvIQ9BvEs4xk94MhBLjB4dO7HXnsFYSkgLoDUoNaIriMXqTiwSVMvIWviWv0SYMjdpZQ7qCFaxaqVhqKYzI_nCEuBNHNWK-RL5jcKJtTycCn7Zyk5abu2RlZ3oneC4s1lQ1Gw84a86PNRYA1ZviwUnpbCCm2UW5UZn9QSZCAh1Zx6RRwutg-Sj53gjG6T-zv881YWMfqhxU4U9vhRt9trsopAY4ZZbtlkpbvKt34EpF8WfHxVi_oOaI81VhNn7r2-xJLCNSxHBEjnBVW6px8Z8mB-cnZcc8qrPaRlPkJzvJONEAmWE1ncjNiJ60eoFnVnZHWVM_ns-WFR8M48cnT4UWKmR_21lHyTmzi27fhwjDGjgSiysZwdk6XXjoNAkuRWU_Nw4wqFaJo2_qcs6uAB4plYdFBRM_hNh-gDv8yc5cWs--lqhk4xDo87dtO_dibA8OD-hxMcI3LxW5E-regtwMOrh2BJsZhPojxx4yxMFzc881TeBU8392SNMOnCQIdsN55tUeHS4fFAsCPEhmer8qkOf8DLx_NLPTS-Sr6KNi685frpGrcOO5qbYgeZv_RiF6lIgcAPro9kgGlLa0K98x0wCb9hU0H1Vx2vf4VbtID4lx_EqNdVWMy3UjHbGWst-aN4t5EC2S5ZqikVprHhXMt5LP3pyfIanrhVc5T2NNiMNoHtz4csnLPA404iNePQbsm9BB3KxYC9EdUIjo8Aa6hLtrcu6Z7S3OAad5jP_HDnXV3ewqxkigeBKRx3SfzW-_Tkq3hNvYdvanvMmCw9uAZ9BxlAXy-HzPjQBzKpLApLY04-SACuUGKWjaaxf6W-W0MDT2YSJiSyKWtEqJsJ4jfMOmsr7BexJ6NmKK_L8L9xy3UTd1YLrnI7yPs52-VodAH8QrY0a5Zhi9b3d2OjC-kmQxDcorzpqud0aDCQfJLpGWdNbDEmEdG6kTc-bz3kNI%26sai%3DAMfl-YQVBDncAVx8PKnXyiNGYdDWT13moczByplX_ebBDoOFjh1lQZy8WwKXCJT7v1CZ3kxLn-oW_uJCAUSwVxh-qgHOvsIf0c0VLBnA0s7rslt-vNmFAZWVzbse8MH16tt_g4HbTCwF0lIH0GottK7X7BgiDRLpcYGedrjHhtHLUIHsBs5bP8mZ55YVbB44Er0JwEaj_4BJgddjTWKAHGrhTWc%26sig%3DCg0ArKJSzG-CvOs60qc-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-biurowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-office-2022-w26%2526utm_content%253Dgreat_service-prospecting-office-html5-00-728x90%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5caed5e94e9bc6bbeaeabb0e4e91f9a570a70ffacb98c04bf4e932cdd6f10ee4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
XgnVT3/24g3UKPm6GwsxVQ==
age
9965295
cf-polished
origSize=10199
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 17 Jun 2022 14:45:58 GMT
server
cloudflare
etag
W/"0x8DA5070175EC080"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
385f7296-f01e-002b-32b4-de6dea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
794b62c1eaf234f2-WAW
animated-creative.8f91e75a375dc4814474.js
c.bannerflow.net/scripts/ Frame 2B18 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac93728d9f94d62e78f830?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufkHFyE5xbnATRsipPvhvSGemPvXHdvK24KpCx8fCWHZSiLqMmuBthUHW2Gba4oYEwImSBPavluUjddkFO2iu_sSOLtcaWEbO8ly7afdipziQUPTIh8X68Mpf3NDuGCWOW5q4PHVI6VOA9h-b-_kgL-yfgnmNiebnk8UqEhR4micVqeTA2Hd-kraXI8bJS5sDGKv7zrQ_iYe7c8PnFBMprQ5PcHrsEO6oKOuSJVVS9kxYSxC4DMpIPNqaQRiUowae6qRMazvIQ9BvEs4xk94MhBLjB4dO7HXnsFYSkgLoDUoNaIriMXqTiwSVMvIWviWv0SYMjdpZQ7qCFaxaqVhqKYzI_nCEuBNHNWK-RL5jcKJtTycCn7Zyk5abu2RlZ3oneC4s1lQ1Gw84a86PNRYA1ZviwUnpbCCm2UW5UZn9QSZCAh1Zx6RRwutg-Sj53gjG6T-zv881YWMfqhxU4U9vhRt9trsopAY4ZZbtlkpbvKt34EpF8WfHxVi_oOaI81VhNn7r2-xJLCNSxHBEjnBVW6px8Z8mB-cnZcc8qrPaRlPkJzvJONEAmWE1ncjNiJ60eoFnVnZHWVM_ns-WFR8M48cnT4UWKmR_21lHyTmzi27fhwjDGjgSiysZwdk6XXjoNAkuRWU_Nw4wqFaJo2_qcs6uAB4plYdFBRM_hNh-gDv8yc5cWs--lqhk4xDo87dtO_dibA8OD-hxMcI3LxW5E-regtwMOrh2BJsZhPojxx4yxMFzc881TeBU8392SNMOnCQIdsN55tUeHS4fFAsCPEhmer8qkOf8DLx_NLPTS-Sr6KNi685frpGrcOO5qbYgeZv_RiF6lIgcAPro9kgGlLa0K98x0wCb9hU0H1Vx2vf4VbtID4lx_EqNdVWMy3UjHbGWst-aN4t5EC2S5ZqikVprHhXMt5LP3pyfIanrhVc5T2NNiMNoHtz4csnLPA404iNePQbsm9BB3KxYC9EdUIjo8Aa6hLtrcu6Z7S3OAad5jP_HDnXV3ewqxkigeBKRx3SfzW-_Tkq3hNvYdvanvMmCw9uAZ9BxlAXy-HzPjQBzKpLApLY04-SACuUGKWjaaxf6W-W0MDT2YSJiSyKWtEqJsJ4jfMOmsr7BexJ6NmKK_L8L9xy3UTd1YLrnI7yPs52-VodAH8QrY0a5Zhi9b3d2OjC-kmQxDcorzpqud0aDCQfJLpGWdNbDEmEdG6kTc-bz3kNI%26sai%3DAMfl-YQVBDncAVx8PKnXyiNGYdDWT13moczByplX_ebBDoOFjh1lQZy8WwKXCJT7v1CZ3kxLn-oW_uJCAUSwVxh-qgHOvsIf0c0VLBnA0s7rslt-vNmFAZWVzbse8MH16tt_g4HbTCwF0lIH0GottK7X7BgiDRLpcYGedrjHhtHLUIHsBs5bP8mZ55YVbB44Er0JwEaj_4BJgddjTWKAHGrhTWc%26sig%3DCg0ArKJSzG-CvOs60qc-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-biurowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-office-2022-w26%2526utm_content%253Dgreat_service-prospecting-office-html5-00-728x90%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fbea945f50eada4896cd18055e943e2c584f262f37bccb8353a657dc725ddc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 05 Feb 2023 11:42:58 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
aXsit+2VM5eiWeIPCiyhJw==
age
20291587
cf-polished
origSize=147393
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 15 Jun 2022 12:42:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00d67b01-f01e-002b-40c9-806dea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
794b62c1eaf534f2-WAW
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEB5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
90264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 10:38:35 GMT
expires
Sun, 04 Feb 2024 10:38:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DAE4 		783 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f4.1e100.net
Software
GSE /
Resource Hash
9d4a10e662f02867c3874871975a54bdd717a10f2bec15ea23c4b5014eccb5d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sJXwZOk0WSPWI0vcqHOX3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-sJXwZOk0WSPWI0vcqHOX3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 11:42:59 GMT
expires
Sun, 05 Feb 2023 11:42:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame DEB5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
133114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 22:44:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DAE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=1781809132558008&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4621590963550&version=m202301230201&ct=76&x=1&cor=14337859610918777000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 11:42:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2B18 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
e8202294-07af-4b2d-a8ef-f7b9d52c9fc9
https://s0.2mdn.net/ Frame 02D7 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/e8202294-07af-4b2d-a8ef-f7b9d52c9fc9
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 2B18 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55f6c79ad5dac3f364722874%2F55f6c9c5163b58e2a8681ac3%2Fe49043ba-c6b1-4677-bae9-8db04394ceaf.woff&t=%20LZabcdeijklnoprstwyz%C4%99%C5%9B%E2%80%93
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12049936552671838208/p-aj-pl-prog_display-prospecting-great_service-office-2022-w26-Polish-728x90-637910740613807534-5740437d-f9eb-416d-a5cd-c0730cfe3521.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ba400512d9a0fc2b56931b0b60b667feb896a014273390842bb5508ec1ddb4

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:59 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 09:09:26 GMT
server
cloudflare
age
15042813
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e49043ba-c6b1-4677-bae9-8db04394ceaf-subset.woff
cf-ray
794b62c79c6d351b-WAW
expires
Tue, 15 Aug 2023 09:09:26 GMT
generate_204
tpc.googlesyndication.com/ Frame DEB5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KKgTTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
optimize
c.bannerflow.net/io/api/image/ Frame 9EA4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=3000&h=927&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e3b7ca372b0394586644acae897a55082c5b82ba141f30fe0b590196aa08726

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:59 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Feb 2023 23:11:47 GMT
api-supported-versions
2.0
server
cloudflare
age
45072
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
794b62c7e92734f2-WAW
content-length
7912
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 9EA4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2F5bb68903-1b6c-4018-b860-16caf529a660.png&w=123&h=57&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f576987dd7bb780161e8fa5b820c02f798fe29f1f88f1729c89aa04a1bd3d105

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 11:42:59 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Feb 2023 16:31:29 GMT
api-supported-versions
2.0
server
cloudflare
age
69090
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
794b62c7e92f34f2-WAW
content-length
2776
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
/
c.bannerflow.net/tr/v2/pixel/ Frame 2B18 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac93728d9f94d62e78f830?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufkHFyE5xbnATRsipPvhvSGemPvXHdvK24KpCx8fCWHZSiLqMmuBthUHW2Gba4oYEwImSBPavluUjddkFO2iu_sSOLtcaWEbO8ly7afdipziQUPTIh8X68Mpf3NDuGCWOW5q4PHVI6VOA9h-b-_kgL-yfgnmNiebnk8UqEhR4micVqeTA2Hd-kraXI8bJS5sDGKv7zrQ_iYe7c8PnFBMprQ5PcHrsEO6oKOuSJVVS9kxYSxC4DMpIPNqaQRiUowae6qRMazvIQ9BvEs4xk94MhBLjB4dO7HXnsFYSkgLoDUoNaIriMXqTiwSVMvIWviWv0SYMjdpZQ7qCFaxaqVhqKYzI_nCEuBNHNWK-RL5jcKJtTycCn7Zyk5abu2RlZ3oneC4s1lQ1Gw84a86PNRYA1ZviwUnpbCCm2UW5UZn9QSZCAh1Zx6RRwutg-Sj53gjG6T-zv881YWMfqhxU4U9vhRt9trsopAY4ZZbtlkpbvKt34EpF8WfHxVi_oOaI81VhNn7r2-xJLCNSxHBEjnBVW6px8Z8mB-cnZcc8qrPaRlPkJzvJONEAmWE1ncjNiJ60eoFnVnZHWVM_ns-WFR8M48cnT4UWKmR_21lHyTmzi27fhwjDGjgSiysZwdk6XXjoNAkuRWU_Nw4wqFaJo2_qcs6uAB4plYdFBRM_hNh-gDv8yc5cWs--lqhk4xDo87dtO_dibA8OD-hxMcI3LxW5E-regtwMOrh2BJsZhPojxx4yxMFzc881TeBU8392SNMOnCQIdsN55tUeHS4fFAsCPEhmer8qkOf8DLx_NLPTS-Sr6KNi685frpGrcOO5qbYgeZv_RiF6lIgcAPro9kgGlLa0K98x0wCb9hU0H1Vx2vf4VbtID4lx_EqNdVWMy3UjHbGWst-aN4t5EC2S5ZqikVprHhXMt5LP3pyfIanrhVc5T2NNiMNoHtz4csnLPA404iNePQbsm9BB3KxYC9EdUIjo8Aa6hLtrcu6Z7S3OAad5jP_HDnXV3ewqxkigeBKRx3SfzW-_Tkq3hNvYdvanvMmCw9uAZ9BxlAXy-HzPjQBzKpLApLY04-SACuUGKWjaaxf6W-W0MDT2YSJiSyKWtEqJsJ4jfMOmsr7BexJ6NmKK_L8L9xy3UTd1YLrnI7yPs52-VodAH8QrY0a5Zhi9b3d2OjC-kmQxDcorzpqud0aDCQfJLpGWdNbDEmEdG6kTc-bz3kNI%26sai%3DAMfl-YQVBDncAVx8PKnXyiNGYdDWT13moczByplX_ebBDoOFjh1lQZy8WwKXCJT7v1CZ3kxLn-oW_uJCAUSwVxh-qgHOvsIf0c0VLBnA0s7rslt-vNmFAZWVzbse8MH16tt_g4HbTCwF0lIH0GottK7X7BgiDRLpcYGedrjHhtHLUIHsBs5bP8mZ55YVbB44Er0JwEaj_4BJgddjTWKAHGrhTWc%26sig%3DCg0ArKJSzG-CvOs60qc-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-biurowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-office-2022-w26%2526utm_content%253Dgreat_service-prospecting-office-html5-00-728x90%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 05 Feb 2023 11:42:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
794b62c8296d34f2-WAW
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
sodar
pagead2.googlesyndication.com/pagead/ Frame BF84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=2847370730711133&bg=!JCelJ2PNAAaq5O5FiuQ7ACkAdvg8WpALGygAvLE9k6wOVExEta5yLgpSVhe0WS857WNs1WJyE5-ZnQIAAADYUgAAAARoAQcKAGsTkW1FhdL749zK8TCkYICZZVOpmPmkOCmm_Xa_EvTWHLNu7RGeDS7UhLpOQdfY_XJlb1m2HKdQTWkeoGFqHfw7R45DKnEGgZYfDEk7Q-7g1S9EPg7MEqOITMFnOuhs4DZ8oe3kyKdb-xdI-JkC85N8uIpvAtvFhBvku9ZXVsIuQTKU12XQ98sioD7qA1Wg2XBTk2htWhfkebkS_0ePfq8-DkinnZkpkrPpSvU77VTHme2o5-8AWAVeTuLnHbpTQePdWY5kUYdNh8zRgnCqOiepiV5TZksOwOCdRqft3gOVjHl5V6rTWeUvG-RZ5KkVd9Bc8XqWpAElnj3DB1NUUebwRH33a8LMPYW5QkxpAeNdd5LiN4ep_kA-y-C-5O5WmTBFZpG15NilEo63jnZbZIefD5nzMwsAS6ZEs0C-wKmNRHoqh4CznlfU5-QmwMbacoPh02t7rpWGprMXu6WWzgpk6hnj0XJ-TJmU-J9ufLkWtZ0fqdPmHJP1aEbpfc2GB4FfeTjraJ1vb6ZXukHJ9U4r9ASDqgFOojVbRRuQ2kFtRdNBMEDVQua1Kds-gpFSmnNLtnLrm3PReoWU1Hag7F1aq4sGZbZCEn5fIsi1UpyIUEDc5m9IasiDTk9qBE5-xfHJhTjgPMA3qON-eHcka4QDaYBG-Gr4TNbYiDfsr74rkh6VbWl6ak8CGEvuqj8QZLg3ccLunCNOxAtA4LHPj6QS3N-isf9BVBQlsz0bsFqFxzxkWfca5M3zkXvOW9idLcLFrrB5fNoGXLMOGN2_z9o_hGHe0fM0UxKDsLrEYHa893ZRuDtyBk6CaJ8MjQPmR0ykOS2viGaR-3SmG2wBlTDHiS0p2S5sA7BgG1t8pNTzo6puPvGHc4mdlAWSyFrPM8ZtenCeo31YBEWYfrW6XSCuXphRhacR_p2bMIhvJKPNydDzuHLt505uH-pxZePE4phd0Yi0wFJiHgcxzkIH2NAF03KpQkhlF6whtCs2VgnUvFhUAAT6vvzJZbG4cJUrkRkgXKecrf7tWww-8xsKGZFVW8U6OpR6jJK6lkc0wZYdxj9cGg64JzxkMBWVlsfdzhebSI46A2vPrA0YfbV9V-W0LoolXAYv-U59kA4A5f1eqdX8dO_rI5f1T0h-QFRyOlHs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F00C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=4247938994644921&bg=!7u2l7anNAAaq5O5FiuQ7ACkAdvg8Wi4FVslWNgoeJi_Cj3xdfwHvHzEjMOa3W-B8Co9AeGWB6-aUeQIAAADHUgAAAANoAQcKAJpr62HrlYrJzrIGSbtRFn_7pTgfD06iN2O-WB3bzRyeBS0MCgsTh3I1Y5tpWLCOVqdpkEW4P2eA5mZEvMuqRrBQY13jUt-68-szOQzFzRyJ0yYTb6PMvbL9SyIwpYJsY2fWCYNbmV_9q4pF3VjNKp8kea6iZ373ywQShdaVkH53JekUjNvGTzKYujUC7ILCviu4kKNvZdybt4s4mQLvl9tNp7kX2cedf0St68KRsNB4yq4TBTPbGeTBCYYPoNOQnTfAiQ0nU2-wevOc8P2nuxtT3J2AfzMbGCHifJrkgQtRYNKscj5IxwbylKfkvrKmr8g3B_nOJpT8rQg6KLTXfosMIzx7zHIiZCyEGPtVfdXn4QPyhHRBwhsfsGlAd4gzOrjNv2-XvuEtJO3_qtWO4FJ0aRX4YTUYC3iw6GrIt0UzPu2-I8iQvTLzZHq-cQtoL7GmpetQAzOfCi2ounQ_eKyMq_-rPJdEYoXJgP3U1f4ZyePxiqrerdjSonFvE783InOTbPJfRqgeSUQfr5hhebMqaePCszR1FM48mmugrITt_a2H37pbD4RJortBgxfkQz-KkcFSATYzENHyrJCTs8ljyptSgEvM22W1M5JcIYqkMCkgpS8ejUo0gS9XJ4Ynj0yf1_MWGAy8_hz4_sU24_y9GzBamM5tU4vgu3Eq3_yFAGmMssEExYpZvb_unFylBK5_oaOJN31eixWunmBpkSl2o-z2I6Zz9ennInsOZinAhR62QUS9rgKRcAGAOme_BZseCVNg_AOkKJki9BW8ZTCCLI8t7H0Vla3HyPs4bauDXPzTCxgVND5L-TmAfM7Rdrgjx0b_mWxmXG_zoJVhTleribF5p893dARrM7xBbNNGNisZtCx8QIMcuKl2z8mWtM6QNEQOLaIrC5BD-fPFAJAz_jWGsdGpCMO_nSLFg4QfEJfDByxq93to1vCq4VVY9_P6xhStOLMjZWZylaxYiTfeBUVNkoQREMgOE74WAG9Vp3jE7M-I1rPLr6ms07ooCy3xvf28_k5_RMA7-TjXAUSu89LhNcYWiniVyYf3fLcRvxc2C-Lgjb_AuOe591DCDshykogw7OW8wZz21mYHrwvNd8gF3y3ysdRl1KIEOMulfb8btJ7vkKDOWvMajtXOOj3mP8XRmKh_fITEcT8xYJ1VrCxTFxqPqeuHfAzY1OMrRNjeVOq3n3CefZFg6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://b9468406213763d78a193010488809c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame DE41 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=1781809132558008&bg=!9vWl9bHNAAaq5O5FiuQ7ACkAdvg8WhaR7EAVUal1xYF2OTA9en9Uq7prCkeGAFmydAwsZkXzyA508QIAAAB7UgAAAAJoAQeZAw4LyY76_UjgwHKSIjEVzjNMHt6Pb4PpLePAtZ5n35QFcXnZa41rusIXTK-YgdNQQoljXGKmN1Hknk-P63XA-ZHcPs_NgNjMMaWrsHC79vV9t_fkt-uidTWjfjiQLR7GasM7GtvPI8G2r6EBQxT70sMtKtGQ-3OYrnp-4SpoHLAuLCk1gHEgKyFTbBynl2lS3APt462whrO9SXF4HN1C_j7O4WfZHEkzNeOnNmhYkaanJdrRGZ-GnxG95UYkYgTQzOqAlAcl6wLDyAW4c42rcce-AeIlYpHdlMy3_3K8a7nZjJzXA9qAZQ6t_pLSCN37kYvMXa2Li5uLLJ-wJSx14z1cDnlyflvFqV8dnjXKRZkZMgWYY9T_7oPCWf2IHxzDkOhtSdRTQP8w91K6Gc3JXfXoC4DsmK2y2Vtzdu3uRVeclrtN8R82cIpbRapua_-Or2bitMmD0O5tx1-QjQLYDZ14XotR1gBoz-vwl9Kk__LDa6aZEml4i0ccpUPdvH9lW60K9eMRcZfL6baD3RCK8HPkPJJCYgP3aC9Lwezms3f7zwjBUfpEPRp40oGXbiqag3qRQ5g49Sf4CDF3aSutVQ8DOvL9C0CuXORlaWUzM3zx0Q3UIr8SejLKgxY7B6hgwTUCpDjFdCsN5_o7DlZbfagrsboa4SEuw3siVJrWvDk_yTCihxEFoQv1hPTRXmLvYbVM9hrQA9P3P57gHsG5zON9Hmws6f2Wzj6S-v0b5ujP594k3V7uzFCreUy3zmZlc526EjDDlBiSxg-5hjy2NocRA4bzlgEK_25TY90lR4izPJSkZ-99AR9k0H_pmQ7n7GB9n09McVdT0isLpcbDB77E_ERlbvSlLeP-IDga2oOmfGRv8Pr82m5fKGrIYxDjuXPAPfjZtMKu6zJBqnCsCKMj05PjGqFinlsuyIRcYRyQ4m5LKfZJACsbmF_pXOOT9bdPFpke5Xr-lTPmb8edFpNabUH9k4HsX2f8pRd2vBGL-uy6gpGzEPIh86i4ppkUr3seksEE7lLDqK7xmiT1VQ

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

22 Cookies

Domain/Path Name / Value
.xgcartoon.com/ Name: _ga
Value: amp-KbNIfbTiroDJEj3LUmJxhA
.doubleclick.net/ Name: IDE
Value: AHWqTUnpad5gVrNWAt-Yxd-2WTdgZJeB9ek7P63zJdFhp03y6cbfhJASWT7TSOxmrhs
.adnxs.com/ Name: uuid2
Value: 5552667019712736926
.casalemedia.com/ Name: CMPS
Value: 3253
.casalemedia.com/ Name: CMPRO
Value: 3253
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaNtCYdf!@wnfH8K6pQK`!5=E<*L5?%M*]p>dL3M6YP/Z>I!du=Yg/[6x.:/_JaN.Q?@*bpRz*qF1`*b_r<*-@QZ
.casalemedia.com/ Name: CMID
Value: Y9.WQpwESDNnnZVRuJKBaQAA
.3lift.com/ Name: tluid
Value: 2214358552763123925507
.bidswitch.net/ Name: tuuid
Value: 0b418cfc-6f70-414e-9c23-f3460f9d0758
.bidswitch.net/ Name: c
Value: 1675597378
.bidswitch.net/ Name: tuuid_lu
Value: 1675597378
.adfarm1.adition.com/ Name: UserID1
Value: 7196635939800742037
.turn.com/ Name: uid
Value: 2799327811180662265
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-580f5327-3a17-481f-aa6c-db6b671f8571-003%22%7D
.quantserve.com/ Name: d
Value: ECwBCQGcKIEA
.quantserve.com/ Name: mc
Value: 63df9642-95c6c-fe77f-8c3e1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-580f5327-3a17-481f-aa6c-db6b671f8571-003%22%7D
.sportradarserving.com/ Name: zuuid
Value: 6dbc7b05-0407-49b9-82e5-f1f7f587c16c
.sportradarserving.com/ Name: c
Value: 1675597379
.sportradarserving.com/ Name: zuuid_lu
Value: 1675597379
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1675597379

2 Console Messages

Source Level URL
Text
security warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ad.turn.com
adservice.google.com
adservice.google.pl
amp.analytics-debugger.com
b9468406213763d78a193010488809c9.safeframe.googlesyndication.com
c.bannerflow.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
r.turn.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
pagead2.googlesyndication.com
104.16.12.64
104.22.46.147
13.248.245.213
142.250.180.193
142.250.180.226
142.250.180.228
142.250.201.193
142.250.201.194
142.251.208.129
142.251.208.162
142.251.208.166
142.251.208.98
142.251.39.14
142.251.39.2
142.251.39.34
142.251.39.66
172.67.73.112
18.192.29.165
185.80.39.216
185.83.142.19
213.19.147.45
3.121.253.189
46.228.164.11
51.89.9.251
84.17.37.43
85.114.159.93
91.228.74.166
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
099ba38c3f94c0560f0916de268312064169eadef53bae2e2f519d8b3ceea9fb
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
157eed6c4ead2e25dae7f93b28d805b05a0f22704cf6cb2788fbb5e6d51b08ff
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
196284876c70ea6b7900b5487eca57ef5967c14bf848867f2bdfa11f7f454891
199be7fcbb7098da20f6d09b44cf06eed24912a05aa54d7e8c0dafdff873b93c
1a161b3bc6eeb3e85b56da701793e9191de031d8b6d3019279e9252f5185e5be
1c8c6f5b7a0933ae864a10e24b9bae7d42b9cd0ef2a8afdb8d4816a3661af9b7
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
259cac21d767a184535b9f350a5101955fe2b71a535dfdbbedaca5064b5f7ea0
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
344b68b8461d58309c3cdade12a4255949b20b3ff16aab6b9263f5854711994b
363e008d2fd6b11194b88645749477d325d7d57f7dacfb20da7d09377898ca26
3cfb687b25031ffe25c1a1a0c1866c323290a343748ab726be1a610202762f22
45201a3f6def933482763e2030bcd73775669d56eb7290e29e2d18eeb55e2bd8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d484816ee091588330653aa6150e0b429bb5a4d6703648d0ebc276247f86c28
4e3b7ca372b0394586644acae897a55082c5b82ba141f30fe0b590196aa08726
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509fbb07cc57a3c68c0a0b0ce51a0b5f38184448882687c2354a1d0d2a936567
5559624c02c853c6d2c67dd1c0f532093fef5b7d09e94fc4e14e5a38feeb18ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5caed5e94e9bc6bbeaeabb0e4e91f9a570a70ffacb98c04bf4e932cdd6f10ee4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66eb3e43b4f95a54b5fce5ebe8cd69d85e52f69a83ab5f4ac5b37e458ad051ff
68a7b1b3b16f5d6a1ae85722fa19f2be01daf33f565f8cf36736a03e1bcad68b
6cc3828792d72ef93e6860cac0807c46c6e1f2a4d9ae47d984ccfb21c6daed63
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
7b2a6b53ebc9c800fb467e3198448fe17d9036ba84ea1a3c1d5aee7228e8e4ba
80108f09a681feeeae76e2ed5acf67fb0236a338e1a62dce1d648c24a3fde49d
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
94abe986ef515ee51a85b846b2b73476ef3f868306be4e3b29c356d36972132e
982db0fcbf3c641a24977ed82111b7c99c93f56dd6d2a4b6c7170e171b350038
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4a10e662f02867c3874871975a54bdd717a10f2bec15ea23c4b5014eccb5d1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
b0ba400512d9a0fc2b56931b0b60b667feb896a014273390842bb5508ec1ddb4
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17d1a40ddfabbf68637bff66a353ebd6dcc06f497f584f1ea56c71d0bbcbf11
b4caa6074f89e97297d2372477f9be8792aa0c6f183e1c81bada0e2b87893ac4
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
ba535611e5fff2e27a2068ed844d262e3a83447b2a79372bf9db69a60d90995d
bc0e8deaf73cdf2850eee70fa9448212fee438c2cc4bf15f1d79b6617089850e
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
de355ba9a74c5e74b8de3d0aa6c09148fea7d6b8684c4f3a72a82edd6fc614f1
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e48202285d1c54d617a1810667d014d9d4c25b34a2423734f64d8abc2d13c9b8
e5167edefebe6b9d9810dc00b6953e85bea711bd96d55e1cdfdf1b718299028a
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
ec9e952378e28a098b92f6e7ccd633f92f00a59e4ec20d596292a7971e3cba45
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
eea3d35872c5452bc5d7eb9c1cd155cafac7a95bc1391d290e6a886b9590760b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f576987dd7bb780161e8fa5b820c02f798fe29f1f88f1729c89aa04a1bd3d105
f9fbea945f50eada4896cd18055e943e2c584f262f37bccb8353a657dc725ddc
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404