urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
84.17.37.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Submission: On February 09 via manual from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 13 domains to perform 109 HTTP transactions. The main IP is 84.17.37.43, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com. The Cisco Umbrella rank of the primary domain is 719045.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 84.17.37.43 60068 (CDN77 ^_^)
11 142.250.180.193 15169 (GOOGLE)
5 104.22.47.147 13335 (CLOUDFLAR...)
3 172.217.18.2 15169 (GOOGLE)
11 142.250.201.194 15169 (GOOGLE)
6 142.251.39.1 15169 (GOOGLE)
1 104.26.10.132 13335 (CLOUDFLAR...)
1 142.250.186.174 15169 (GOOGLE)
5 37.157.6.233 198622 (ADFORM)
1 23 142.250.186.161 15169 (GOOGLE)
5 142.251.208.98 15169 (GOOGLE)
1 216.58.212.138 15169 (GOOGLE)
1 142.250.180.195 15169 (GOOGLE)
15 142.250.185.194 15169 (GOOGLE)
4 142.250.186.70 15169 (GOOGLE)
3 37.157.2.247 198622 (ADFORM)
1 142.250.184.195 15169 (GOOGLE)
2 216.58.212.130 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
1 35.156.154.231 16509 (AMAZON-02)
1 2 172.217.23.102 15169 (GOOGLE)
1 3 172.217.18.100 15169 (GOOGLE)
109 23
4    84.17.37.43 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-43.cdn77.com
www.xgcartoon.com
11    142.250.180.193 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f1.1e100.net
cdn.ampproject.org
5    104.22.47.147 (None, )

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
3    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
adservice.google.com
11    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
securepubads.g.doubleclick.net
6    142.251.39.1 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f1.1e100.net
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
1    104.26.10.132 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
5    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
23    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
tpc.googlesyndication.com
5    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
www.googletagservices.com
1    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net
fonts.googleapis.com
1    142.250.180.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f3.1e100.net
www.gstatic.com
15    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
4    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
static.doubleclick.net
3    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
adservice.google.pl
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    35.156.154.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-154-231.eu-central-1.compute.amazonaws.com
system360.inistrack.net
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net
ad.doubleclick.net
3    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
44 googlesyndication.com
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
1 MB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
static.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
ad.doubleclick.net — Cisco Umbrella Rank: 177
198 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 354
245 KB
9 xgcartoon.com
www.xgcartoon.com — Cisco Umbrella Rank: 719045
static-a.xgcartoon.com — Cisco Umbrella Rank: 600866
420 KB
8 adform.net
track.adform.net — Cisco Umbrella Rank: 3884
s1.adform.net — Cisco Umbrella Rank: 8432
86 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 67
www.google.com — Cisco Umbrella Rank: 2
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
240 KB
2 google.pl
adservice.google.pl — Cisco Umbrella Rank: 30466
696 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
35 KB
1 inistrack.net
system360.inistrack.net — Cisco Umbrella Rank: 590780
691 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
944 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23
256 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 47560
2 KB
109 13
Domain Requested by
23 tpc.googlesyndication.com 1 redirects f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.xgcartoon.com
tpc.googlesyndication.com
www.googletagservices.com
11 securepubads.g.doubleclick.net cdn.ampproject.org
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
www.googletagservices.com
11 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
6 f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com cdn.ampproject.org
5 www.googletagservices.com f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
5 track.adform.net f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
s1.adform.net
5 static-a.xgcartoon.com www.xgcartoon.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
4 static.doubleclick.net f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
4 www.xgcartoon.com www.xgcartoon.com
3 www.google.com 1 redirects tpc.googlesyndication.com
3 s1.adform.net track.adform.net
s1.adform.net
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
3 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
2 ad.doubleclick.net 1 redirects f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
2 adservice.google.pl pagead2.googlesyndication.com
1 system360.inistrack.net f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
1 fonts.googleapis.com f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
1 www.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
109 22

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2		 2022-09-14 -
2023-10-16		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.analytics-debugger.com
GTS CA 1P5		 2023-01-22 -
2023-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.pl
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
system360.inistrack.net
Amazon RSA 2048 M02		 2023-01-30 -
2024-02-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Frame ID: BB767C6E10AEF417F99F623172C9C9DE
Requests: 29 HTTP requests in this frame

Frame: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1D35C3F77A28AD3BCAE81F2495929AE1
Requests: 18 HTTP requests in this frame

Frame: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 39D5531E5658676A4F49619DCAB78EA8
Requests: 16 HTTP requests in this frame

Frame: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A54627894BE5F3C81C5B88B62EFE64FD
Requests: 12 HTTP requests in this frame

Frame: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 71A444341EC291D09E7F07759400942E
Requests: 11 HTTP requests in this frame

Frame: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4515C192991D26289ADF5097BCD0C29D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=2480770705&adf=816031639&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675917964309&bpp=15&bdt=249&idt=201&shv=r20230207&mjsv=m202302020101&ptt=5&saldr=sa&is_amp=1&correlator=3342&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1183685319&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31072296%2C44779794&oid=2&pvsid=3745064758400385&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vebj8sv6k717&fsb=1&dtd=215
Frame ID: A94C51619089B8199B3B7236E856E6D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDB821F537AAD35E4CD4970A4025C469
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031632&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675917964367&bpp=11&bdt=301&idt=209&shv=r20230207&mjsv=m202301310101&ptt=5&saldr=sa&is_amp=1&correlator=3342&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1183685319&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31072294%2C44779793&oid=2&pvsid=1303408280324135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.u5p9idgr4c9b&fsb=1&dtd=226
Frame ID: 2D77CB6AE13DC45F13DA52500B66A5FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 59FD8CB67A1D8E74D9975C111C6D9B3B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 53D998D095D4871BDB9FBE61EFCBBB93
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36498E4D3C8A984EB8BDA212BA56B768
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8BEEC44D438091A6940C9B4179D7FA45
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAC2F8BD7CEEE5B658A16E547D67BB2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AE61B96A5B4C27C72C83D3178DA5431
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍛龍珠(七龍珠、元祖龍珠)【劇場版】魔神城內的睡美人【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

109
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

23
IPs

5
Countries

2455 kB
Transfer

4877 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDvo8efShCwCRiwCTIIQXBm2uX5Tvs HTTP 301
  • https://tpc.googlesyndication.com/simgad/2229373788544933868
Request Chain 82
  • https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=70843 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_pre=CNj51_fQh_0CFYe73godmHEIVw;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=70843
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
www.xgcartoon.com/detail/ 		73 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c50f320c9239a4c05a718ea2f6fcc2187c21cc2a429fb7564e5b59ecd85c254

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Feb 2023 04:46:01 GMT
ETag
"1226a-mzBWyJc5zronEXQZY7jll0KMUfw"
Expires
Thu, 09 Feb 2023 04:47:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
e0532c6db336a57f0d5a5a6491e42db6a36984517c277779f04554ec632d3627
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72745
x-xss-protection
0
server
sffe
etag
"29f292357b70b21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
7c5a07836e98c932b6f71aa43a65ab4a86c8f45d2aac4af6ed5791c61d58bbcf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23100
x-xss-protection
0
server
sffe
etag
"06bc8ce7deeed7b9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
909bde560561490f40908a6b9318a4193d149606eb131433ff8c8fd4b45f1837
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9470
x-xss-protection
0
server
sffe
etag
"039145a47de04fd0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
c497494f1b384dde710f79dcbcca88055138ee97e2217bcf9ebc41025f045b0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14980
x-xss-protection
0
server
sffe
etag
"38e7787abc86b628"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
6628b42c3afbea8411daba5faf8fcbd730d1a18e1fc4f7b3f4a9f89502d003b0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14290
x-xss-protection
0
server
sffe
etag
"2f86f2c09192195e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
1daa8236785cb21eef85513e86238df3a69180e0a74bf5ac078e50df548a123d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
server
sffe
etag
"92fc96960178fda9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
cb7dadfee42703d011a9e651d5a3c15b415a1662aa3ed43f3358fb05d2c72b9e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 04:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32013
x-xss-protection
0
server
sffe
etag
"642d09b21bbca62c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Feb 2023 04:46:02 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 09 Feb 2023 04:46:02 GMT
Last-Modified
Sun, 28 Aug 2022 14:10:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3473-182e4ca3706"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13427
Expires
Thu, 09 Feb 2023 04:49:02 GMT
qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming.jpg
static-a.xgcartoon.com/cover/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12531a740f3b5626197a949687d39aedb6bc4ab56aa21f8e75f275d98a7e116

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 15:27:41 GMT
server
cloudflare
etag
"F8C550A135E26EF5DF7F105A23F9EE9D"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7969f581ab433527-WAW
content-length
144117
expires
Thu, 09 Feb 2023 13:09:04 GMT
play.png
www.xgcartoon.com/img/ 		470 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 09 Feb 2023 04:46:02 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1d6-182ab7e5700"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470
Expires
Thu, 09 Feb 2023 04:49:02 GMT
star.png
www.xgcartoon.com/img/ 		424 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 09 Feb 2023 04:46:02 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1a8-182ab7e37c0"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424
Expires
Thu, 09 Feb 2023 04:49:02 GMT
huanjiewanghuanshouwangguoyu-xuxiankun.jpg
static-a.xgcartoon.com/cover/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/huanjiewanghuanshouwangguoyu-xuxiankun.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4ac959df358f403ab3e6d183c1981c95c23e517fc9c47c83629f66a7403a30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 11:35:50 GMT
server
cloudflare
etag
"59F3A8B542ACB9D323C4BC62B34F16B4"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7969f581ab443527-WAW
content-length
76915
expires
Thu, 09 Feb 2023 15:47:58 GMT
feixiangdemonvriyu-shizhongqianxun.jpg
static-a.xgcartoon.com/cover/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/feixiangdemonvriyu-shizhongqianxun.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af64833b2c441895c7428f1ce4ff43d312738e035ba033b8c3d2a86c809dabfa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 25 Oct 2022 00:39:34 GMT
server
cloudflare
etag
"EA02B98CA2F20DBE09165790BEC6858D"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7969f581ab453527-WAW
content-length
10201
expires
Thu, 09 Feb 2023 14:48:28 GMT
haizeiwangjuchangban2019kuangrexingdonghanghaiwangjuchangban_duobaozhengbazhan-weitianrongyilang.jpg
static-a.xgcartoon.com/cover/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/haizeiwangjuchangban2019kuangrexingdonghanghaiwangjuchangban_duobaozhengbazhan-weitianrongyilang.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e198e16f751d47214c7539905c91a4778bdf18eedb5f627dbfecbad7bec84484

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
cf-cache-status
HIT
last-modified
Sun, 27 Nov 2022 00:33:08 GMT
server
cloudflare
etag
"00906D7FF429F3EB96B2DBC1C03988E6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7969f581ab463527-WAW
content-length
93838
expires
Thu, 09 Feb 2023 06:37:24 GMT
doupocangqiong_di4jiguoyu-tiancantudou.jpg
static-a.xgcartoon.com/cover/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/doupocangqiong_di4jiguoyu-tiancantudou.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5025699ba558b21d636f77848f14fd0220be4e56fd8dd3a0f85116361ec5e9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Nov 2022 02:06:59 GMT
server
cloudflare
etag
"081B024D38C34A3A92FDE971531BB899"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7969f581ab473527-WAW
content-length
70815
expires
Thu, 09 Feb 2023 10:10:53 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012301261900000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301261900000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
7015aff8f0d3dde45148f275bd83a56b3ddb8e92ce6b4453118bdc7fcdd138c5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Feb 2023 20:33:42 GMT
age
115940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
x-xss-protection
0
server
sffe
etag
"dada9d5e9eb394d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 07 Feb 2024 20:33:42 GMT
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012301261900000/v0/ 		240 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301261900000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
989c81040609961b2a0713099bcc44eb2660ddb961f2d124fa2cf9a5d431ac54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Feb 2023 20:33:45 GMT
age
115937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64359
x-xss-protection
0
server
sffe
etag
"bdf08d387dc1a962"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 07 Feb 2024 20:33:45 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012301261900000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301261900000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
58ca050e0f2ced65cc3d31efa3b348ca01056d70b3555ff1c80467a7c0b27ee7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 Feb 2023 21:22:43 GMT
age
26599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3925
x-xss-protection
0
server
sffe
etag
"a6f955c6412a1e27"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Feb 2024 21:22:43 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301261900000&d_imp=1&c=46003342&ga_cid=amp-SROok4XxTaZ6WRwtdCjlWg&ga_hid=3342&dt=1675917962636&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&bdt=616&dtd=156&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
c4fac800c85e9045af56738b4a1143ab3517c6b4ff9f9e5aa3655bf9a57d8bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11039
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CLu6-PbQh_0CFQLhuwgdBuIOqA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 09 Feb 2023 04:46:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		112 KB
36 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301261900000&d_imp=1&c=46003342&ga_cid=amp-SROok4XxTaZ6WRwtdCjlWg&ga_hid=3342&dt=1675917962636&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&bdt=616&dtd=158&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
257ce95f0802c3994bfaeb34313de4bb07265279e82ed741af49cd69a75e7598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
232x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35483
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CMfn7PbQh_0CFVST_Qcdw1IPrA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 09 Feb 2023 04:46:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301261900000&d_imp=1&c=46003342&ga_cid=amp-SROok4XxTaZ6WRwtdCjlWg&ga_hid=3342&dt=1675917962636&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&bdt=616&dtd=159&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
575c2de817d96ba7735c5901720dbac28fb06c7f52b5c82cd7f1c260608bf6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
320x50
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10614
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CJWY7PbQh_0CFZHquwgdkRMM3g
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663406
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 09 Feb 2023 04:46:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301261900000&d_imp=1&c=46003342&ga_cid=amp-SROok4XxTaZ6WRwtdCjlWg&ga_hid=3342&dt=1675917962637&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&bdt=617&dtd=159&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
6b28dd41cc319a44229cbad7f39ac5bc0475d25616ac41f32cce405461bf0295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10622
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CIa07PbQh_0CFYyW_Qcdm5YILg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399065
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 09 Feb 2023 04:46:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=976&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301261900000&d_imp=1&c=46003342&ga_cid=amp-SROok4XxTaZ6WRwtdCjlWg&ga_hid=3342&dt=1675917962637&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&bdt=617&dtd=159&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
153f08edeed1b76937c1e45dcc2573e4facce51fab2a84a9ecd02c7c0fbcf616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43752
x-ampimps
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkBDHi3rkY9OrI-eJ9u8P3POtqAy-nurvbLClupmpEdnZHhABINPLzjBg6eTJhdgaoAHNhZPzAsgBBuACAKgDAcgD2wSqBK8CT9CW7OSzI_7qSchZGmCS0OuCME700orFFABrOPSWdJuuiH-rRRTYeasWMm7FHlgMlDpSmfejMDL_5dGVSntKmE9-rW5bZYFohSGj2HIts3L5R0WwJvyA44QtjuPMQCJWTfD-N8OO4OZvi2Y2Vl-6HBXKk10lgjLrnRifGF18wSnkJOTbw7CsJIerrB79UO4K5lg1zU1YbQshQbWbe1LxdftOR3paKVSbN33PbMJBk74HEq3u0gw5LSfOkmPtJU3DlZ41Hx_RpWV3bWM8-2tA1aIUK-MP5cCn55MyQj2Vff_S5la5CoxXxzf4VBENZfRASrffXuNDplOe6pexIYJzwO9wqsaMePBJujL-dX9eQjeX8tyqpXjAGZPZibZ-MyKPNp18pqqHDxQh3h9fumw5wATPvPLmlQTgBAGSBQQIBBgBkgUECAUYBKAGN4AHxaKsmQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCDmwLSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=E3xlMWoVx0M&uach_m=[UACH]&cid=CAQSGwDUE5ymtg7x4ncValgHBwdJsbYsqOHkJR2axRgB&template_id=492
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CJOdkffQh_0CFeeE_Qcd3HkLxQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
X-AmpImps,Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 09 Feb 2023 04:46:03 GMT
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012301261900000/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301261900000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 Feb 2023 21:10:48 GMT
age
27315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"78a7cdb354fccd1b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 08 Feb 2024 21:10:48 GMT
ga4.json
amp.analytics-debugger.com/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Tue, 07 Feb 2023 10:25:14 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xgcartoon.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQJWCOnhtWBo%2B%2BRsxG%2FVCe7L3xLAj%2FZok8YxSMkU8SD3IKSZMT2se19yszmO%2FwDOC6PYMg%2BN10AC8okaDCKyy92zh09Av%2FfJ8LBktpF%2F%2FFkUHUWJVp0pxHAoleJg4THeOXRO%2BFdmUR4h4Or8"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7969f587d930bf26-WAW
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3342&cid=amp-SROok4XxTaZ6WRwtdCjlWg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fqilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming&dr=&dt=%F0%9F%8D%9B%E9%BE%8D%E7%8F%A0%EF%BC%88%E4%B8%83%E9%BE%8D%E7%8F%A0%E3%80%81%E5%85%83%E7%A5%96%E9%BE%8D%E7%8F%A0%EF%BC%89%E3%80%90%E5%8A%87%E5%A0%B4%E7%89%88%E3%80%91%E9%AD%94%E7%A5%9E%E5%9F%8E%E5%85%A7%E7%9A%84%E7%9D%A1%E7%BE%8E%E4%BA%BA%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1675917964&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D35 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:03 GMT
expires
Fri, 09 Feb 2024 04:46:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:03 GMT
expires
Fri, 09 Feb 2024 04:46:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A546 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:03 GMT
expires
Fri, 09 Feb 2024 04:46:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:03 GMT
expires
Fri, 09 Feb 2024 04:46:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4515 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:03 GMT
expires
Fri, 09 Feb 2024 04:46:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 1D35 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=61375460;rtbwp=Y-R6iwACpHsIu-ECAA7iBnisHhxiyubR19J9EQ;rtbdata=j7Bu39wC6xQ4hEkNFEvgv0qWBIYbbbfmVKGq76cF4ikONPbLAzmXeNTzFzHbwm51B0Zv1VhWI66jQjkEcAarnv1dh9ljS_AglV8FnNq9xq8Y7Tjn1SVLSCbf_bXwKH6ALgjlM5frnJLT8KGVOwczOHhhMAtITgNK9ztL2QpV5QOSCC7y2J4ooiVF-9erYXurxvLSrpd_saIuGjjMtUifFAozofJCr6DDu7-jwbgTYGOYQ0iOvXZI_lwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-WUvi3rkY_vICoLC7_UPhsS7wArEs6CUXL7QuIXlAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHk3XHXVWDPuACAKgDAaoExQJP0LY2JlbLWySZ84VoY__z_kwzfRnoezOxd_RRuCbG6D43zysRk7aqKrumowrtlHJu0fdojOTwd26rKl3TabpIslSAZc0NFV4juEM_AKkoabaJMRfA0M4-epz9gEVVZ8cs_-URtOkh_0Ig9wP6OGd2i9Y8i0Fiv9wrO-Q7ySPoFxhM0J0pwKMj4vu0nEA1UqS5XTDF2IwBH-pbUsSx99IRfwgMflwZKfUVBprhn5Zejj3u0ICV_ltLLbcnyR72M-MPULGLgAuYAKjL79nmIAb4gELcn_4xVLlAIb7ViwF0vNjJkryD-9WXpSI1lhefWgvXh390QY707zd4-bAr-dNWzi7KPsCX7zKPIaomIAHwaBGSqGqfKdjDiLf8uptkLRRRY9m7yS9PIn0oFQCwO9iTYLG7UaQa_v7Qt4UeFSoSe1Bqe3fx4AQBgAaR-Kun37fiyoUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2w7MF1oEOfqpzsAzSyrkNIwlyKsA&client=ca-pub-5884294479391638&adurl=
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b200cd7c26cfec895ca6c36c118cc0b5e617864364f5e2ace9a2e5b7a005ba64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1921
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 1D35 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 1D35 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7626
x-xss-protection
0
server
cafe
etag
5262822293969176042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1D35 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
192612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Feb 2024 23:15:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D35 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1D35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CP1dZi3rkY_vICoLC7_UPhsS7wArEs6CUXL7QuIXlAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHk3XHXVWDPuACAKgDAaoEwgJP0LY2JlbLWySZ84VoY__z_kwzfRnoezOxd_RRuCbG6D43zysRk7aqKrumowrtlHJu0fdojOTwd26rKl3TabpIslSAZc0NFV4juEM_AKkoabaJMRfA0M4-epz9gEVVZ8cs_-URtOkh_0Ig9wP6OGd2i9Y8i0Fiv9wrO-Q7ySPoFxhM0J0pwKMj4vu0nEA1UqS5XTDF2IwBH-pbUsSx99IRfwgMflwZKfUVBprhn5Zejj3u0ICV_ltLLbcnyR72M-MPULGLgAuYAKjL79nmIAb4gELcn_4xVLlAIb7ViwF0vNjJkryD-9WXpSI1lhefWgvXh390QY707zd4-bAr-dNWzi7KPsCX7zKPIaomIAHwaBGSqGqfKdjDiLf8utlmDIbknQLzBfQZ8K4vwPu9L9Iwap-j-GPR-SshGZsyDZ3JuBim4AQBgAaR-Kun37fiyoUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=GgkY5TS4Z3A&uach_m=[UACH]&cid=CAQSGwDUE5ymRcUjkdDIDaxCVhvUs9hJcivkdv1x2BgB&vis=1
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 39D5 		2 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f10.1e100.net
Software
ESF /
Resource Hash
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 04:40:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Feb 2023 04:46:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 39D5 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 39D5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9030
x-xss-protection
0
server
cafe
etag
14849286796705262889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 39D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 39D5 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7626
x-xss-protection
0
server
cafe
etag
5262822293969176042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39D5 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:04 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 39D5 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f3.1e100.net
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 22:14:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 May 2023 04:54:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 39D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChBoKinrkY8f6O9Sm9u8Pw6W94AqU_9Ohbuez0cTxD4DCi9n2LxABINPLzjBg6eTJhdgaoAHQp-maAcgBCakC7G3TocfCgz7gAgCoAwHIA9sEqgS5Ak_Qj1tekPyJkgk43prZh6SW5uvxPP83ymejUIZx8ZJj9jdsHs-7yRLVKX6tffqLdVdP8-iJuA_GDm_7t7QhyuZAwmF2KdYi3zNxG-dyBrJaBephITuuRxPKG9gF5Sf6hiI3PqF6GxEcN-d2TJ7Ayk6MmNr_STEC2flr5iPKhkPT_KOiEPbv8vLtyTdUvA_2oQftdNuV76g5POLDLY2BmOFMDIbpRyXjbGboksDlDW0ZszFwxv-msVXH58-HatqjQ_5JXb9U8Dv1Om0Vuy2aqRvXvLG7-1d73En9RLbVlDfPx-CGgBCo4wAwR8KBGkO_TdF9L0oTo6zk7Vd80dIm9nOrayaDBQAccLxuboEe2O8I7bFqrQfr6tHBSKUjZfV3kt5Bbp2thNaR2EtHImIJHwP8wlrVtKI98-rABOKt4I39A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeY2JblAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHAxDwLtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQB0BUBgBcBshceChwIABIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=BlAKnHws7eQ&uach_m=[UACH]&cid=CAQSGwDUE5ymYLcqox-kcgZl_JOk3ypdR0_m8eQeiBgB&template_id=494&vis=1
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A546 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
192612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Feb 2024 23:15:52 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A546 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d8733f7ad48d72ab49a57853cb1213dfb0971ff42c59c6a540690d2fc8ae3d4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34362
x-xss-protection
0
server
cafe
etag
17833817373400415884
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Feb 2023 04:46:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A546 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 71A4 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
7a841684de11948902e78cef2ac48bbe31b7e33691d6987a52568ea0dd19edf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34360
x-xss-protection
0
server
cafe
etag
5737369975625294833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Feb 2023 04:46:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 71A4 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 71A4 		0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBW-VD9tm_W_g_9aK1HM7WycsV-eykFdrNDr1CpBq_H7naPAbCnI-vUrVEa_cCkQMEKNXAz3xUKKTMTWEB0dW-99rmSzvebenP4FHahrgWXc5pML9qfcfjmnDJ2dcNK5JqejPDhSmtMpANuR0q5b6gAqNmJ8jVConiyugpuze9jwp2HwXPyNk3ywE5y2cHc0citNo6ZWb08DmoHiamQx-5G0_Pl2wEX3H6vIqBES9RpAZtf2GM_6zLzYox0f7YZohSXBiT-WOebZVW5UKTpyxOylHc6-bezxfqnDPRPisdKPBGgJerQMG42sZ781OlGSh9b3U4Sx6ziThHLLfhKFieNn1m-z0ucCN4&sai=AMfl-YS-81j0JY6UTJaWROtGWLXe5hYZ9DNe2aaH_joolOYG3Cms2ARbrA4C2HD_4mkYEz2g4eGutc0lR5-C-9Q&sig=Cg0ArKJSzBWQfxHGgXK_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Feb 2023 04:46:04 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 4515 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
143b045d4842c7abf6ff289c0f8ee9724c918d90a6f8724bb2db569af300132e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:28:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14315
x-xss-protection
0
server
cafe
etag
16047493385422538413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:28:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4515 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
192612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Feb 2024 23:15:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4515 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 4515 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9030
x-xss-protection
0
server
cafe
etag
14849286796705262889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 4515 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 4515 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7626
x-xss-protection
0
server
cafe
etag
5262822293969176042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:26:09 GMT
975111760799707724_8986430263940886069.jpeg
static.doubleclick.net/dynamic/5/399948023/ Frame 39D5 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/399948023/975111760799707724_8986430263940886069.jpeg
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
83a63c18e2ab2dbe965fb1448d84c5f0f81419edf9d91542259b02e8f3eb4c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:21:51 GMT
x-content-type-options
nosniff
age
570253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30125
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 12:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 14:21:51 GMT
14149313894484115914_15151851868293686669.jpeg
static.doubleclick.net/dynamic/5/399948023/ Frame 39D5 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/399948023/14149313894484115914_15151851868293686669.jpeg
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
29752f55d6581b3d4b0a8b103083de71b97565e773c52e346c244d95b17fc52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:05:15 GMT
x-content-type-options
nosniff
age
556849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24573
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 12:59:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 18:05:15 GMT
9274686703220852110_2418673930005095518.jpeg
static.doubleclick.net/dynamic/5/399948023/ Frame 39D5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/399948023/9274686703220852110_2418673930005095518.jpeg
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1663be684f56f2cddccd78d421d39d5426652f6c8e5bc36803ce87b9dc7c89a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:48:00 GMT
x-content-type-options
nosniff
age
147484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13669
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 12:59:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 11:48:00 GMT
2072727386934733624_8918964587267491608.jpeg
static.doubleclick.net/dynamic/5/399948023/ Frame 39D5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/399948023/2072727386934733624_8918964587267491608.jpeg
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b91a1e5ec6d3b67493c5d96e8e10b2b5269b4a679662a6626037dfa7c2b69d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:05:15 GMT
x-content-type-options
nosniff
age
556849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17628
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 12:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 18:05:15 GMT
2229373788544933868
tpc.googlesyndication.com/simgad/ Frame 39D5
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDvo8efShCwCRiwCTIIQXBm2uX5Tvs
  • https://tpc.googlesyndication.com/simgad/2229373788544933868
614 KB
615 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2229373788544933868
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
77b9e5fb4b39f77b95f21d1c119e5ff8016a14737012ee17f4d12102cf02ae2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 12:23:57 GMT
x-content-type-options
nosniff
age
58927
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
629227
x-xss-protection
0
last-modified
Fri, 05 Nov 2021 03:01:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 08 Feb 2024 12:23:57 GMT

Redirect headers

date
Wed, 08 Feb 2023 17:59:09 GMT
x-content-type-options
nosniff
server
cafe
age
38815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/2229373788544933868
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 17:59:09 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 1D35 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61375460;rtbwp=Y-R6iwACpHsIu-ECAA7iBnisHhxiyubR19J9EQ;rtbdata=j7Bu39wC6xQ4hEkNFEvgv0qWBIYbbbfmVKGq76cF4ikONPbLAzmXeNTzFzHbwm51B0Zv1VhWI66jQjkEcAarnv1dh9ljS_AglV8FnNq9xq8Y7Tjn1SVLSCbf_bXwKH6ALgjlM5frnJLT8KGVOwczOHhhMAtITgNK9ztL2QpV5QOSCC7y2J4ooiVF-9erYXurxvLSrpd_saIuGjjMtUifFAozofJCr6DDu7-jwbgTYGOYQ0iOvXZI_lwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-WUvi3rkY_vICoLC7_UPhsS7wArEs6CUXL7QuIXlAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHk3XHXVWDPuACAKgDAaoExQJP0LY2JlbLWySZ84VoY__z_kwzfRnoezOxd_RRuCbG6D43zysRk7aqKrumowrtlHJu0fdojOTwd26rKl3TabpIslSAZc0NFV4juEM_AKkoabaJMRfA0M4-epz9gEVVZ8cs_-URtOkh_0Ig9wP6OGd2i9Y8i0Fiv9wrO-Q7ySPoFxhM0J0pwKMj4vu0nEA1UqS5XTDF2IwBH-pbUsSx99IRfwgMflwZKfUVBprhn5Zejj3u0ICV_ltLLbcnyR72M-MPULGLgAuYAKjL79nmIAb4gELcn_4xVLlAIb7ViwF0vNjJkryD-9WXpSI1lhefWgvXh390QY707zd4-bAr-dNWzi7KPsCX7zKPIaomIAHwaBGSqGqfKdjDiLf8uptkLRRRY9m7yS9PIn0oFQCwO9iTYLG7UaQa_v7Qt4UeFSoSe1Bqe3fx4AQBgAaR-Kun37fiyoUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2w7MF1oEOfqpzsAzSyrkNIwlyKsA&client=ca-pub-5884294479391638&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A546 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbd30LjRlwQrFYegpRMsZfm-E27Zw_DgZDTrmgz10brsWde0r743mtDINL2q8oMUleIyo7BmsC7WV2S-SMxNy4kIOkfE002hiY7LEi7k5gK-qs1qux_VgHLe1W1o3A2HLCZ0XBV3l8vi1eXQPAssyQf5_n8iBMzPZyMhCQztvfg4flgOv46-jos0ZwKg9VrJiMwZ8kStVx7mB5xYBDsRR_UfrCZ8eUDpSWHRIbJkE2eSS5nJBn85u7YrM1MnN0g3dzYa4e3IrdklHvF5PSzT_u8QIMQlNEeF_J6jbEDIvF9qgIMq6fKndHKKfJgENsCLG1u6qWHDwDNIQeeUhWhjzP5hmFaGMGap53&sai=AMfl-YSu-PAXOSjTK9RUdssc7jOjdQNo2nEOonQqsDIwSR6UHuTxMzY2kjQ-eF9LtUS8aUhzPDY3ldSpxxyijIA&sig=Cg0ArKJSzEP2E2UlePpvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/ Frame A546 		362 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e0c7f6be0f7487537769e1ac835b73e863c75372df2a21ca3ea0eda7664b7a0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121684
x-xss-protection
0
server
cafe
etag
8513498038946296165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Feb 2023 04:46:04 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14106653512073202865/ Frame 4515 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14106653512073202865/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qlrxBTQPHOHV2OHjvmHo6dDmE5FHA
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
70f6c4d69e7ef9498e8946a2d08ead24680c790a8b20cde20debfa8a84487513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:53:24 GMT
x-content-type-options
nosniff
age
571960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113188
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 09:58:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 13:53:24 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 4515 		1 KB
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 10:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Feb 2024 10:34:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/ Frame 71A4 		362 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1ffdb75078cc19344d03475e07f25c75c1871fdb2872f6c68b7d37ca87653183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121512
x-xss-protection
0
server
cafe
etag
8193685049301444048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Feb 2023 04:46:04 GMT
truncated
/ Frame 39D5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cf9fefe55de29123278a4172b522587b63d14bacaaf043498173046a87e4bcf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 39D5 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 22:12:48 GMT
x-content-type-options
nosniff
age
109996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 22:12:48 GMT
integrator.js
adservice.google.pl/adsid/ Frame A546 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A546 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A94C 		603 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=2480770705&adf=816031639&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675917964309&bpp=15&bdt=249&idt=201&shv=r20230207&mjsv=m202302020101&ptt=5&saldr=sa&is_amp=1&correlator=3342&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1183685319&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31072296%2C44779794&oid=2&pvsid=3745064758400385&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vebj8sv6k717&fsb=1&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CDB8 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
2586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:02:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4515 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
062fa1ad443d0a2da598b47e257beea07a5090760c1e6313fdfd30667b1e4696

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfserve/ Frame 1D35 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=61375460;rtbwp=Y-R6iwACpHsIu-ECAA7iBnisHhxiyubR19J9EQ;rtbdata=j7Bu39wC6xQ4hEkNFEvgv0qWBIYbbbfmVKGq76cF4ikONPbLAzmXeNTzFzHbwm51B0Zv1VhWI66jQjkEcAarnv1dh9ljS_AglV8FnNq9xq8Y7Tjn1SVLSCbf_bXwKH6ALgjlM5frnJLT8KGVOwczOHhhMAtITgNK9ztL2QpV5QOSCC7y2J4ooiVF-9erYXurxvLSrpd_saIuGjjMtUifFAozofJCr6DDu7-jwbgTYGOYQ0iOvXZI_lwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C-WUvi3rkY_vICoLC7_UPhsS7wArEs6CUXL7QuIXlAsCNtwEQASAAYOnkyYXYGoIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHk3XHXVWDPuACAKgDAaoExQJP0LY2JlbLWySZ84VoY__z_kwzfRnoezOxd_RRuCbG6D43zysRk7aqKrumowrtlHJu0fdojOTwd26rKl3TabpIslSAZc0NFV4juEM_AKkoabaJMRfA0M4-epz9gEVVZ8cs_-URtOkh_0Ig9wP6OGd2i9Y8i0Fiv9wrO-Q7ySPoFxhM0J0pwKMj4vu0nEA1UqS5XTDF2IwBH-pbUsSx99IRfwgMflwZKfUVBprhn5Zejj3u0ICV_ltLLbcnyR72M-MPULGLgAuYAKjL79nmIAb4gELcn_4xVLlAIb7ViwF0vNjJkryD-9WXpSI1lhefWgvXh390QY707zd4-bAr-dNWzi7KPsCX7zKPIaomIAHwaBGSqGqfKdjDiLf8uptkLRRRY9m7yS9PIn0oFQCwO9iTYLG7UaQa_v7Qt4UeFSoSe1Bqe3fx4AQBgAaR-Kun37fiyoUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_2w7MF1oEOfqpzsAzSyrkNIwlyKsA&client=ca-pub-5884294479391638&adurl=;js=1;adfxid=1x;9652;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b21b3adbc2306b47608414f7994b10ad5b9eec253c0e2253acc6f4d728ad1cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3669
expires
-1
integrator.js
adservice.google.pl/adsid/ Frame 71A4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 71A4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2D77 		603 B
109 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031632&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675917964367&bpp=11&bdt=301&idt=209&shv=r20230207&mjsv=m202301310101&ptt=5&saldr=sa&is_amp=1&correlator=3342&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1183685319&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31072294%2C44779793&oid=2&pvsid=1303408280324135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.u5p9idgr4c9b&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
inlgis.php
system360.inistrack.net/d/ Frame 1D35 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://system360.inistrack.net/d/inlgis.php?inisTrack=df-9-rWP-&bannerid=150366&OXLIA=1&zoneid=404697&rnd=66294
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.154.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-154-231.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
B29164593.356334039;dc_pre=CNj51_fQh_0CFYe73godmHEIVw;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/ Frame 1D35
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
  • https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_pre=CNj51_fQh_0CFYe73godmHEIVw;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_r...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_pre=CNj51_fQh_0CFYe73godmHEIVw;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=70843
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N718661.3942254JEEP-APEXCPCPAKIE/B29164593.356334039;dc_pre=CNj51_fQh_0CFYe73godmHEIVw;dc_trk_aid=547152273;dc_trk_cid=184409116;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&rnd=70843
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1D35 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f07e9d5ae8825aada1dbb35e8096ad47982d3859b1e01e01e275fc8841e61e7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 59FD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 15:49:20 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 1D35 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:43:11 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CDB8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:04 GMT
expires
Thu, 09 Feb 2023 04:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:04 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 53D9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 15:49:20 GMT
/
track.adform.net/csimpr/ Frame 1D35 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=61375460&csi=qPcBVgBHml6LKgObXtLfzF3c0IRsYpgo09MzPWrmzZzrygPkIxxfk8ITRjTIATyVxkcJLmN3XedRmH8HpvdlxmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
57270633.jpg
s1.adform.net/Banners/57270633/ Frame 1D35 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/57270633/57270633.jpg?bv=1
Requested by
Host: f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
URL: https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62c2f821a872d71557a7c3cae509e784e283b0cbe451ccc8a8498368f5216bba

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
last-modified
Fri, 03 Feb 2023 10:03:06 GMT
server
nginx
x-amz-request-id
tx00000b9dabc1b277f3e47-0063e43a5d-3294fed7-default
etag
"54af33a564568494eb0bddbe3c670482"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25938
view
securepubads.g.doubleclick.net/pcs/ Frame A546 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDxOpg407gwUl4sCze-1XSBdnhyOha0HB9-xf_ar2ghSTLsoNuAQwqmokVVgdNeVQmJYe4COJ-HowmNa7B-BynJWvb5l7Qw67RfHjMCQieJLTq-lgMCGB7dwjez_TrUq8MEnQ6ZZCEiHSHzc3rlR6ExISTIvtmPzX99WoWygl6FJSLnBBIzeLPWvjaHnHk557UtJEFQ9he0Z-Mc60PhF5T5Dl3GdR2Q7E4058yKhe_NKUc1QfujS8w1-63KCYu0EhoiZE2UmBdAsqW7798MJu0Zs7v3EwCCGinhPpx7INRyw5Z2ISuywdGVdQc74iKrXNATuvBINE16QM1MHvTwh24hYSUX1rZSR5KmzA&sai=AMfl-YRoGdP7ELYyazkqr2zOiFlhAUiMJnBGAHWIr3wDmkO6mhAd8upBBksk_DTklPBsfwz4OakTd_IBJRcR77M&sig=Cg0ArKJSzKnpQzw05sFHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Feb 2023 04:46:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A546 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
7e54f444e2dc69f06c6a3ea352136f006a97c567a86740e66025a8fd5996a6a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11345
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 71A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvueVvjdCF8iDV_d-jrAUTTsoh0liuar-keqQ_QbnLgoRCjZy86Keey8lu619Qm5dYzv6ByxfMJVauxQ29ez2em0qdj2o1mwlEG4XoLW1XiOeEAVI1rri6RrqsYdxCDjEDncCuXWLHHWQN-ND2rt2T-16mnPfrY2YKl3FDO6f2lvksyJfsqpyzo8td0P0OLzEhFz7PGrbwdu-fNZ6sYJqNj4W6k6sKaLxrLPyGxpNbqxYL48cO8oHKsHyV81P1mW3zxnjJ4ZSymvlna_Wuplv0VIHrdwB__TZGwRfzj0117YohWrDyeC_a1KtA0kFjBi1XF-roVYV1yFzcRyJW2bHPN7eC2hlNIFWh6UEM&sai=AMfl-YTAFrD7kao-36kPgZowCdknU7R6mmqWyqf5bvvmnN3UsjIg0KRXGLhf8aVtsTXhrxxKunuG0gyYBcFrz54&sig=Cg0ArKJSzOPNKL63-LHAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Feb 2023 04:46:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 71A4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d4a22157e72279b61e049a2d993357261cd6b4f5ce078f00e58061251c013558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11155
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A546 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 71A4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com&bust=31072294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 04:46:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3649 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
28027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:58:58 GMT
expires
Thu, 08 Feb 2024 20:58:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8BEE 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
5f9f4ed03b5d037d7538bb75ae13b5ad313c6e5eddaea2225a8f4a5fc4a06f6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Znk2lgh5A5TN1huxiRyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--Znk2lgh5A5TN1huxiRyBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:05 GMT
expires
Thu, 09 Feb 2023 04:46:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAC2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
28027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:58:58 GMT
expires
Thu, 08 Feb 2024 20:58:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3AE6 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
cc17d68b5649c614c650d185249b9abc37081b56cd41656778b55798c940427b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J6brD1_aDn3QYPEvHWv5PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-J6brD1_aDn3QYPEvHWv5PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 04:46:05 GMT
expires
Thu, 09 Feb 2023 04:46:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8BEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3745064758400385&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3AE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=1303408280324135&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 3649 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 15:49:20 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame FAC2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
46605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 15:49:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 3649 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tsgNPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FAC2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jVNS4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 04:46:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A546 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3745064758400385&bg=!m5ilmMzNAAaq5O5FiuQ7ADkAdvg8WoSqqwVYAU2z-JA6vXvcKPqWRYtFVPI5_17K3loXRIMdmYkQdeIfoChRezOpmuQVx3qzNP0CAAAAg1IAAAADaAEHmQLjBva_uj0R8PgIUJJ58EGXWqNk31YcIyLkYeMrSWulvIbLlhbOxkNnYxfpnZne5LQt0idbVuKH3LHniGFlpMJk_AgK6DgZPCBeD17HeOSxUlSyDjbGR_ptMhl9jFgszorDvkSwiIUWavQZiHumGZPCt2_GKmXUtv87ybTd2FPCUhTOsZBskz1PX3E3Bk54P5cIPnxUfGAHaPBK6OhW7YIW15x1QnejSLt3JGGL2JRYuzAAZr3TS_I-wKZhJuSwNskk5L6LbCMP0-QrUaE5RBYYXHZxc99szGS_V-unQ-1N04s7VZQKa4SisvYxUATkQyFjUH3XYJY3yE3rLoKCYcmupios7j3zJYd7oNBKQpaYteu6IdJBDv5nQ4e-r48wVIrKF5sN0bArVpHFcabBwadrChnPuPu4xr-N4niK9D6z_JzdjyzBLKCrHzBQl4JwSp7mcogA3smrtb3DxRiz-7h0mfcAW6-yseN8FPEudg_y1Om0y7PElcb28TnANEmKG_RZXJYeXlp1SgMNb7u-lrMa04Vuy9CjIRuWXCs2yPP6ilAnsl4FDL8ItWYPwsZYJCZEudRuM4H3yu8ouRqtZjbnzSKLDigetkpZa9Sw7q9vG5gdzKG-q_5uJCETciHgm99NxaXYg91Gp-1O9s3WuTadQdP33QjU79jwl7h09tp95f5ey2IVXl7NbNBGeDK8Xw7LFmR4QHqHAEt7a867k-BZQ05cYoBMws2DH9fb1GXQR1rBBw8knXvzy1nwYNMh69zsc6hPLX0s1N_oT1MOYy7NCSFnoiJAGCd7R6W3UyUaxt1voXbVNRG_25VyhgtPwGZDA67rQ3oX8d5vkpPJpLT1-aEz9qCjGs7mz3DZABfcYcgE1DkrNfeaSKjSN92dN5M2c39A5sPZAtWH2Ig4JlBv1ML4NFTdzQuAyClEtoR5q5hWpiE1joufmBUvvGGXc4cBSjd7nj6HWA2As4S8BF0V81WmMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 71A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=1303408280324135&bg=!Xl2lXQnNAAaq5O5FiuQ7ADkAdvg8WtXZk5Qlh_rBF3GPDuOMB7m1mZmu9Q3CW9jqkAgpQpCLGIaqI_f9TvfBavpUWIqnBNwSuu4CAAAAhlIAAAADaAEHmQLpisAxvhKnTfo2jWJK0jDD_BV2jVAsMAA96d4LzQw0JTkIfmgC8893C5lFT3X9_cGOkYDkU2chHHX0n5mrc05GHAGxpnGS2ekQTvGEF4tj7Q0q8agCLEq3GTZ1ECdRZjlXN3g60dzRm5lSSAUgmmH_nU8LlMNSy1belJ7WMxHbCH9wUu0tkpj2aAMZLZyDVkxhl1pjPHFT96J1jEuM5YZ3tHu5vJVVsOagH02H8nC4zTRi2gX-GZ4HDNevPeeqXzoFcHOZQA1cCUG4qQTEfqaQFcfHZxZl5h_73eCJXmf2TGXOrd9Cg6nSvGDoVIsnxmD4nDTgXZdlFZwR-r5TgQBnZd1G8AEFS6yuJV6d6BiAoysFrEv0ZcSYQcXYlKf75QNaw67M5PtOQiYmaR3DAHbxfozRnK5aMbf8W-F8Vq1e0QaxoKZGfq5VbicRNmayXHnpqjN9G-LKrTFTShVuDMAh8jvkOmWMqOLrB6l2p4MbC_fK1j2Cjvmx2MsAD6Z5eAudJM5QV_GGwmTJ0Y232XFycCoEkGy6h6TIaHMRpp8QJdjajI6UKbhT85aXzhKZ31m27iBrscI8RMHWVPoRmJLrtD7p_k2xhM8PzCstz-cMs8oqcEA6t4754BtpO-sLRqCcD63VZFhAJcvOXSriFMWEoicVAKkLFAxgFfIEz-FHRQ12cGNn3Wu2rQ1HAjp3-QY35zJ1a5E_GEKtp_fIhuuv6MJrSiK6CcWSUmg-waoM2MqzFUUIWGuI4hNR1rZdUrQ4k8r0WCXwvrRteiDvuv8NhNIkF-XvY_L8nuCS19Nc5EF24j8bEpdb1tf97VnzZlScqactuLrJ59IpFeZ4MVheFZh1lpPUEJmhg8FyX5ciIBrG0cMGSqBQbnnZCYujPXeyKOqV6up7v6_pmU990fCP4MHiQ6JrYZGejgjjtc3OFIkXAXhe3icVdLhWcx5jGcMXeJeXOOidbJws3IWGBoKM4jhBFlwWxgKSqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D35 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunhKI4ShEAe-t7tcJeZBy0CUrAcRMmEpsEZePGp4eUdX52drzIACOOzKR7VHQEKkidr_G4pnOeEt4T3JiZcR6xOZiz&sig=Cg0ArKJSzHJXm1VjnfApEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675917963950&rpt=955&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/Event/ Frame 1D35 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=61375460&event=178&time=2&baid=57270633&name=Viewable%20impressions&imprid=5604916723741705788&icid=3448290174058620877&eData=qPcBVgBHml4ZlGuYtSeoPq3uuH_w-T4s4fn4X_ACi5gG_Br1RAwU-2qWu3L7_EA73INRUFGCp7kau94oJsHc8Q2&rtbdata=j7Bu39wC6xQ4hEkNFEvgv0qWBIYbbbfmVKGq76cF4ikONPbLAzmXeNTzFzHbwm51B0Zv1VhWI66jQjkEcAarnv1dh9ljS_AglV8FnNq9xq8Y7Tjn1SVLSCbf_bXwKH6ALgjlM5frnJLT8KGVOwczOHhhMAtITgNK9ztL2QpV5QOSCC7y2J4ooiVF-9erYXurxvLSrpd_saIuGjjMtUifFAozofJCr6DDu7-jwbgTYGOYQ0iOvXZI_lwpK8SGs0-wl3FY_RQqHeYrwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42oyTJ1tzPQelwA2&rtbwp=Y-R6iwACpHsIu-ECAA7iBnisHhxiyubR19J9EQ&rnd=990773316
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1D35 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3448290174058620877@@61375460,5604916723741705788,100|1201|0|0|0|0|0|0|0||41|1|||||1|0|0|90AWt57IkjpX7EYoWZQhURQjX20DTLHBE7eE5D892eXOWIud3yPZsBhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 04:46:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| oncontentvisibilityautostatechange object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

9 Cookies

Domain/Path Name / Value
.xgcartoon.com/ Name: _ga
Value: amp-SROok4XxTaZ6WRwtdCjlWg
.doubleclick.net/ Name: IDE
Value: AHWqTUniyxfvwDBfv8UQ3NO7a9r8GCBqJYu2Nwiv4GYlfnrG7ChuSCjswCdeQ4ktQP0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3448290174058620877
.adform.net/ Name: TPC
Value: 1675917964570
.doubleclick.net/ Name: DSID
Value: NO_DATA
system360.inistrack.net/ Name: inisTrack_o-404697-150366
Value: %7B%22actionId%22%3A%22DU3JTMdbw5cwq6dSxLJ3q6IZzKmHd9IF%22%2C%22inisTrack%22%3A%22df-9-rWP-%22%7D
.inistrack.net/ Name: OAID
Value: 01000111010001000101000001010010
.inistrack.net/ Name: _OXLIA[150366]
Value: rpsqks-404697

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xgcartoon.com/detail/qilongzhujuchangbanmoshenchengneideshuimeirenriyu-niaoshanming
Message:
The resource https://f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.pl
amp.analytics-debugger.com
cdn.ampproject.org
f6d86ac395a5c3f66c1a5daa33d8f445.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s1.adform.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
static.doubleclick.net
system360.inistrack.net
tpc.googlesyndication.com
track.adform.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.xgcartoon.com
104.22.47.147
104.26.10.132
142.250.180.193
142.250.180.195
142.250.184.195
142.250.185.194
142.250.186.161
142.250.186.162
142.250.186.174
142.250.186.70
142.250.201.194
142.251.208.98
142.251.39.1
172.217.18.100
172.217.18.2
172.217.23.102
216.58.212.130
216.58.212.138
35.156.154.231
37.157.2.247
37.157.6.233
84.17.37.43
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
062fa1ad443d0a2da598b47e257beea07a5090760c1e6313fdfd30667b1e4696
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
143b045d4842c7abf6ff289c0f8ee9724c918d90a6f8724bb2db569af300132e
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
153f08edeed1b76937c1e45dcc2573e4facce51fab2a84a9ecd02c7c0fbcf616
1663be684f56f2cddccd78d421d39d5426652f6c8e5bc36803ce87b9dc7c89a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c4ac959df358f403ab3e6d183c1981c95c23e517fc9c47c83629f66a7403a30
1daa8236785cb21eef85513e86238df3a69180e0a74bf5ac078e50df548a123d
1ffdb75078cc19344d03475e07f25c75c1871fdb2872f6c68b7d37ca87653183
257ce95f0802c3994bfaeb34313de4bb07265279e82ed741af49cd69a75e7598
29752f55d6581b3d4b0a8b103083de71b97565e773c52e346c244d95b17fc52c
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2f07e9d5ae8825aada1dbb35e8096ad47982d3859b1e01e01e275fc8841e61e7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c2de817d96ba7735c5901720dbac28fb06c7f52b5c82cd7f1c260608bf6c5
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58ca050e0f2ced65cc3d31efa3b348ca01056d70b3555ff1c80467a7c0b27ee7
5f9f4ed03b5d037d7538bb75ae13b5ad313c6e5eddaea2225a8f4a5fc4a06f6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c2f821a872d71557a7c3cae509e784e283b0cbe451ccc8a8498368f5216bba
6628b42c3afbea8411daba5faf8fcbd730d1a18e1fc4f7b3f4a9f89502d003b0
6b28dd41cc319a44229cbad7f39ac5bc0475d25616ac41f32cce405461bf0295
7015aff8f0d3dde45148f275bd83a56b3ddb8e92ce6b4453118bdc7fcdd138c5
70f6c4d69e7ef9498e8946a2d08ead24680c790a8b20cde20debfa8a84487513
77b9e5fb4b39f77b95f21d1c119e5ff8016a14737012ee17f4d12102cf02ae2f
7a841684de11948902e78cef2ac48bbe31b7e33691d6987a52568ea0dd19edf4
7c5a07836e98c932b6f71aa43a65ab4a86c8f45d2aac4af6ed5791c61d58bbcf
7e54f444e2dc69f06c6a3ea352136f006a97c567a86740e66025a8fd5996a6a7
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a63c18e2ab2dbe965fb1448d84c5f0f81419edf9d91542259b02e8f3eb4c80
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8c50f320c9239a4c05a718ea2f6fcc2187c21cc2a429fb7564e5b59ecd85c254
8cf9fefe55de29123278a4172b522587b63d14bacaaf043498173046a87e4bcf
909bde560561490f40908a6b9318a4193d149606eb131433ff8c8fd4b45f1837
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
989c81040609961b2a0713099bcc44eb2660ddb961f2d124fa2cf9a5d431ac54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af64833b2c441895c7428f1ce4ff43d312738e035ba033b8c3d2a86c809dabfa
b12531a740f3b5626197a949687d39aedb6bc4ab56aa21f8e75f275d98a7e116
b200cd7c26cfec895ca6c36c118cc0b5e617864364f5e2ace9a2e5b7a005ba64
b21b3adbc2306b47608414f7994b10ad5b9eec253c0e2253acc6f4d728ad1cb9
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
b91a1e5ec6d3b67493c5d96e8e10b2b5269b4a679662a6626037dfa7c2b69d45
c497494f1b384dde710f79dcbcca88055138ee97e2217bcf9ebc41025f045b0b
c4fac800c85e9045af56738b4a1143ab3517c6b4ff9f9e5aa3655bf9a57d8bc2
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
cb7dadfee42703d011a9e651d5a3c15b415a1662aa3ed43f3358fb05d2c72b9e
cc17d68b5649c614c650d185249b9abc37081b56cd41656778b55798c940427b
d4a22157e72279b61e049a2d993357261cd6b4f5ce078f00e58061251c013558
d8733f7ad48d72ab49a57853cb1213dfb0971ff42c59c6a540690d2fc8ae3d4d
e0532c6db336a57f0d5a5a6491e42db6a36984517c277779f04554ec632d3627
e0c7f6be0f7487537769e1ac835b73e863c75372df2a21ca3ea0eda7664b7a0a
e198e16f751d47214c7539905c91a4778bdf18eedb5f627dbfecbad7bec84484
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5025699ba558b21d636f77848f14fd0220be4e56fd8dd3a0f85116361ec5e9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f