URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Submission: On February 04 via manual from US — Scanned from PL

Summary

This website contacted 26 IPs in 7 countries across 21 domains to perform 115 HTTP transactions. The main IP is 84.17.37.43, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com. The Cisco Umbrella rank of the primary domain is 797467.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 84.17.37.43 60068 (CDN77 ^_^)
1 29 142.250.201.193 15169 (GOOGLE)
5 104.22.47.147 13335 (CLOUDFLAR...)
3 172.217.16.194 15169 (GOOGLE)
10 142.251.208.98 15169 (GOOGLE)
4 142.250.185.193 15169 (GOOGLE)
1 104.26.11.132 13335 (CLOUDFLAR...)
1 216.239.32.178 15169 (GOOGLE)
21 142.251.208.162 15169 (GOOGLE)
4 142.250.201.194 15169 (GOOGLE)
1 142.251.39.10 15169 (GOOGLE)
3 142.250.186.131 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
3 172.217.18.98 15169 (GOOGLE)
3 37.157.6.233 198622 (ADFORM)
3 142.250.186.68 15169 (GOOGLE)
2 37.157.6.236 198622 (ADFORM)
1 2 54.154.232.93 16509 (AMAZON-02)
1 2 195.177.217.225 50599 (Autonomou...)
2 3 185.11.128.202 50599 (Autonomou...)
1 2 172.217.16.134 15169 (GOOGLE)
3 13.225.239.101 16509 (AMAZON-02)
2 6 185.11.128.197 50599 (Autonomou...)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 1 34.247.103.109 16509 (AMAZON-02)
1 1 37.157.2.238 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
2 2 63.34.67.64 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
2 2 37.252.171.149 29990 (ASN-APPNEX)
5 54.203.94.91 16509 (AMAZON-02)
115 26
Apex Domain
Subdomains
Transfer
34 googlesyndication.com
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
449 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
99 KB
13 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
254 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 716
static.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 557
168 KB
9 xgcartoon.com
www.xgcartoon.com — Cisco Umbrella Rank: 797467
static-a.xgcartoon.com — Cisco Umbrella Rank: 716919
343 KB
6 adocean.pl
myao.adocean.pl — Cisco Umbrella Rank: 122568
63 KB
6 adform.net
track.adform.net — Cisco Umbrella Rank: 3696
s1.adform.net — Cisco Umbrella Rank: 8046
c1.adform.net — Cisco Umbrella Rank: 568
39 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 gemius.pl
pro.hit.gemius.pl — Cisco Umbrella Rank: 52432
adocean-pl.hit.gemius.pl — Cisco Umbrella Rank: 299761
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
193 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 409
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 329
951 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2166
785 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 601
977 B
2 google.pl
adservice.google.pl — Cisco Umbrella Rank: 28681
696 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1634
350 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
713 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
256 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 47488
2 KB
115 21
Domain Requested by
16 tpc.googlesyndication.com 1 redirects 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 pagead2.googlesyndication.com 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.xgcartoon.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
13 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
10 securepubads.g.doubleclick.net cdn.ampproject.org
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
www.googletagservices.com
7 cm.g.doubleclick.net googleads.g.doubleclick.net
6 myao.adocean.pl 2 redirects googleads.g.doubleclick.net
myao.adocean.pl
5 dt.adsafeprotected.com googleads.g.doubleclick.net
5 static-a.xgcartoon.com www.xgcartoon.com
4 www.googletagservices.com 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com cdn.ampproject.org
4 www.xgcartoon.com www.xgcartoon.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
googleads.g.doubleclick.net
3 adocean-pl.hit.gemius.pl 2 redirects googleads.g.doubleclick.net
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 track.adform.net googleads.g.doubleclick.net
s1.adform.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
2 secure.adnxs.com 2 redirects
2 eb2.3lift.com 2 redirects
2 match.360yield.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 pro.hit.gemius.pl 1 redirects googleads.g.doubleclick.net
2 pixel.adsafeprotected.com 1 redirects s1.adform.net
2 s1.adform.net track.adform.net
s1.adform.net
2 adservice.google.pl pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 rtb.openx.net googleads.g.doubleclick.net
1 c1.adform.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 www.gstatic.com 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
1 fonts.googleapis.com 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
1 www.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
115 34

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2
2022-09-14 -
2023-10-16
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.analytics-debugger.com
GTS CA 1P5
2023-01-22 -
2023-04-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google.pl
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
www.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA
2023-01-30 -
2024-02-06
a year crt.sh
dt.adsafeprotected.com
Amazon
2022-11-04 -
2023-12-03
a year crt.sh

This page contains 15 frames:

Primary Page: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Frame ID: 3839318F65BA72D2EE0E7A05ABA70B73
Requests: 31 HTTP requests in this frame

Frame: data://truncated
Frame ID: FA2BB78921135E4CFFAC9F186AEC01BF
Requests: 1 HTTP requests in this frame

Frame: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4881270437CF1E71822E7343F2724CEF
Requests: 12 HTTP requests in this frame

Frame: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: D4AEAE56B15319A6F137C8D140FD3748
Requests: 12 HTTP requests in this frame

Frame: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 49B5BF370915952B5463A0B7CA69C676
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: 39F43CFC4C261D35E3C64D1FF9ECFDA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: CE167375D56FCA261DFD4DCF257FBAA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031638&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033085&bpp=15&bdt=267&idt=299&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44779793&oid=2&pvsid=2143437821200090&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.g6pvjxm5qh79&fsb=1&dtd=316
Frame ID: AB31257E917940882D221468F0A8A8F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Frame ID: E2C1CF2EE1B59C2E956B0759E6A806F1
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F123E3B2387ABFDB7C7EF9077042D19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9930D8A4D4E391E2F74396C44A150130
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97F188558579BF4D7F98BB4CCB98BAAC
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 173A3C7E9AAC9584AE3CFCA5FC548F95
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4302B171D1603716314ED69F3C745517
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9AFC2444B1D371EDCA510A13E26769B0
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

🍜勇者辭職不幹了(辭職不做勇者了~下個職場是魔王城~)【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 80%
Detected patterns
  • adocean\.pl

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

115
Requests

90 %
HTTPS

0 %
IPv6

21
Domains

34
Subdomains

26
IPs

7
Countries

1655 kB
Transfer

4090 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrla7TmQEQgAgYgAgyCMogKkuLg2PU HTTP 301
  • https://tpc.googlesyndication.com/simgad/12720611189492641873
Request Chain 82
  • https://pro.hit.gemius.pl/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.37798|geo_lng=20.91693|user_opt=0|src_event=impression HTTP 301
  • https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.37798|geo_lng=20.91693|user_opt=0|src_event=impression
Request Chain 83
  • https://adocean-pl.hit.gemius.pl/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=; HTTP 301
  • https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
Request Chain 84
  • https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CKj5ueyw-_wCFYfzEQgdJS4CcA;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
Request Chain 88
  • https://myao.adocean.pl/_1675497034600/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/ HTTP 301
  • https://myao.adocean.pl/__/_1675497034600/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/ HTTP 301
  • https://adocean-pl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fmyao.adocean.pl%2F__%2F_1675497034%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7%2Fcid%3D7359%2Fkid%3D2%2Faocodetype%3D1%2F HTTP 301
  • https://myao.adocean.pl/__/_1675497034/ad.js?hclsdata=&hcudata=yrV2Mx9a1EkEsmQlRwzKjZnCBuD32XQAtSBYMrdsPPL.U7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
Request Chain 90
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHSEvp08KhFSv2tfFKFWZVY&google_cver=1&google_push=Aa02lx8HBQNNa-qHJceKfvmN9VW6R3pd4v_MS-b-W9OmppkukR4tUAF48DeyTDhqiI30p9YZEEJmNCXJ0Oael94Q5lV-ChVSTBA HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHSEvp08KhFSv2tfFKFWZVY&google_cver=1&google_push=Aa02lx8HBQNNa-qHJceKfvmN9VW6R3pd4v_MS-b-W9OmppkukR4tUAF48DeyTDhqiI30p9YZEEJmNCXJ0Oael94Q5lV-ChVSTBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=5StD_Ol3QhSuapgoqf_R7mPeDko
Request Chain 91
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPaNdT0MZLltsu73sAyg80g&google_cver=1&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TSjtJE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TSjtJE&google_hm=eS1fREUyMHBORTJwRkFJTHd3Q0hzc3dfbi5LSF9vaE9pTX5B
Request Chain 92
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2EzGN5gjlDlHi8odSpHnM&google_cver=1&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9YxbG48Yi7WlkaDhg_yVuEk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1MjY0NDc3MzY0MzA2NDE5&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9YxbG48Yi7WlkaDhg_yVuEk
Request Chain 94
  • https://match.360yield.com/match/ebda?google_gid=CAESEF-QaGq3nN3lav112Ab8g6I&google_cver=1&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i3Grw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF-QaGq3nN3lav112Ab8g6I&google_cver=1&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i3Grw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dNq6EiM3SDOT2CDNFJXZ2g&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i3Grw
Request Chain 95
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKpaSbEow9XvnAWvNcNj12o&google_cver=1&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE&google_gid=CAESEKpaSbEow9XvnAWvNcNj12o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU3MjM4NjQ2NDE4MzkxODI3MTIxMA%3D%3D&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE
Request Chain 96
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgtQAbkCDhdrQ3v6ap0zF81fRut8jXHmtXvUHaRFDn-SiMznCNm-DxGqXM_BNEJZin4Ip HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBijM82scXVkqr7Sa5bAK8Y%26google_cver%3D1%26google_push%3DAa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgtQAbkCDhdrQ3v6ap0zF81fRut8jXHmtXvUHaRFDn-SiMznCNm-DxGqXM_BNEJZin4Ip HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0ODQwMjY5NzQxMzIyMzI2Ng%3D%3D&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgtQAbkCDhdrQ3v6ap0zF81fRut8jXHmtXvUHaRFDn-SiMznCNm-DxGqXM_BNEJZin4Ip
Request Chain 100
  • https://pixel.adsafeprotected.com/rfw/st/1322739/68772677/skeleton.js?adsafe_url=https%3A%2F%2Fwww.xgcartoon.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D600%26slotname%3D3654094576%26adk%3D2859409421%26adf%3D816031639%26pi%3Dt.ma~as.3654094576%26w%3D160%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675497033155%26bpp%3D13%26bdt%3D327%26idt%3D257%26shv%3Dr20230201%26mjsv%3Dm202301230101%26ptt%3D5%26saldr%3Dsa%26is_amp%3D1%26correlator%3D3793%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1172057326%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C44759842%252C31071812%26oid%3D2%26pvsid%3D2749981354211186%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257C%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.ry6so7skrllb%26fsb%3D1%26dtd%3D268&adsafe_type=d&adsafe_jsinfo=,id:2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7,c:3eIl8K,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-gjhgf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:286,mot:0,app:0,maw:0,fm:tuSyO3k+11%7C121%7C122%7C131*.1322739-68772677%7C1311%7C141%7C15,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,et:300,oid:9b23bee1-a460-11ed-ae85-720063f3a9c2,v:19.8.390,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request yongzhecizhibuganleriyu-
www.xgcartoon.com/detail/
75 KB
17 KB
Document
General
Full URL
https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a00bb00bf528d6e1282ee2b1ca863a9ba8c40184bf2e56e20a7e30c7dec6591

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Feb 2023 07:50:30 GMT
ETag
"12ca5-8/+pA8SoZ6+HxPi4D8YXM9lnQDM"
Expires
Sat, 04 Feb 2023 07:51:30 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
276 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72688
x-xss-protection
0
server
sffe
etag
"674edbe596924c0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
82 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23089
x-xss-protection
0
server
sffe
etag
"8d2b4bf31173f520"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
29 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9473
x-xss-protection
0
server
sffe
etag
"c6321f616f371dfa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/
49 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
server
sffe
etag
"1d120f1cc7733352"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
41 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14307
x-xss-protection
0
server
sffe
etag
"10bd233c2c6ad157"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10293
x-xss-protection
0
server
sffe
etag
"ffa4662108b82d3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 04 Feb 2023 07:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31946
x-xss-protection
0
server
sffe
etag
"5023241975e48b39"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Feb 2023 07:50:31 GMT
logo.png
www.xgcartoon.com/img/
13 KB
13 KB
Image
General
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 07:50:31 GMT
Last-Modified
Sun, 28 Aug 2022 14:10:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3473-182e4ca3706"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13427
Expires
Sat, 04 Feb 2023 07:53:31 GMT
yongzhecizhibuganleriyu-.jpg
static-a.xgcartoon.com/cover/
149 KB
150 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/yongzhecizhibuganleriyu-.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65880e2f6b6a055553e04068d64e2eaa5f1310f76e1b4f7a93ea0b08334e154f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Aug 2022 14:55:07 GMT
server
cloudflare
etag
"5A6BE5D0D88994239524C58842321FE3"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7941d0dddbd834b0-WAW
content-length
152899
expires
Tue, 07 Feb 2023 03:26:08 GMT
play.png
www.xgcartoon.com/img/
470 B
790 B
Image
General
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 07:50:31 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1d6-182ab7e5700"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470
Expires
Sat, 04 Feb 2023 07:53:31 GMT
star.png
www.xgcartoon.com/img/
424 B
744 B
Image
General
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 07:50:31 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1a8-182ab7e37c0"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424
Expires
Sat, 04 Feb 2023 07:53:31 GMT
shumabaobeidamaoxiantri_juchangbandi1zhang__zaihuiriyu-benxiangzhaoyou.jpg
static-a.xgcartoon.com/cover/
11 KB
11 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/shumabaobeidamaoxiantri_juchangbandi1zhang__zaihuiriyu-benxiangzhaoyou.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef28194c3641ab305e2fb46642777b221398d4674832524c0dd4c42c7ad8caae

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 21 Sep 2022 04:38:10 GMT
server
cloudflare
etag
"132D0268C7A20234DD8B382EB3C7FB75"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7941d0dddbd434b0-WAW
content-length
11256
expires
Mon, 06 Feb 2023 20:08:27 GMT
qingjiaowoxiaoxiongmao_dongtaimanhua-amen.jpg
static-a.xgcartoon.com/cover/
61 KB
61 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/qingjiaowoxiaoxiongmao_dongtaimanhua-amen.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030d75355d868a3dc85d951a6e8a788a04a77ceccfdbead6e77a4156853aa762

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
cf-cache-status
HIT
last-modified
Sat, 14 Jan 2023 02:55:00 GMT
server
cloudflare
etag
"EBAC74B5C4D317224CF0D89C2627AE4E"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7941d0dddbd534b0-WAW
content-length
62474
expires
Sat, 04 Feb 2023 16:27:54 GMT
jintiankaishizuomingxingguoyu-yutian.jpg
static-a.xgcartoon.com/cover/
11 KB
11 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/jintiankaishizuomingxingguoyu-yutian.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0a1136991ce0c974c69a5d74915fd6a0d3c6cd0dfad41be9e4036825e01ccf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 06 Nov 2022 02:21:46 GMT
server
cloudflare
etag
"13D30119565A6187CE672945F16C296E"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7941d0dddbd634b0-WAW
content-length
11109
expires
Mon, 06 Feb 2023 12:52:46 GMT
jianxianzaiciguoyu-wangjia.jpg
static-a.xgcartoon.com/cover/
77 KB
78 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/jianxianzaiciguoyu-wangjia.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0852ee5a053fd8d373b56dee188f1836172a1445014db8a2e7c84b5df69906

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 10:27:48 GMT
server
cloudflare
etag
"BA6291D5D57830AC43CC7C9995710229"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7941d0dddbd734b0-WAW
content-length
79249
expires
Sat, 04 Feb 2023 16:07:30 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 01:56:52 GMT
age
21219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2993
x-xss-protection
0
server
sffe
etag
"26c3a73b94839cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 01:56:52 GMT
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
240 KB
63 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Jan 2023 21:02:52 GMT
age
298059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64492
x-xss-protection
0
server
sffe
etag
"0099ca0a2c56b704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jan 2024 21:02:52 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Jan 2023 09:47:16 GMT
age
338595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3947
x-xss-protection
0
server
sffe
etag
"987306f4076d6158"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jan 2024 09:47:16 GMT
integrator.json
adservice.google.com/adsid/
86 B
484 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
36 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=6003793&ga_cid=amp-PFVN6giKWqovbwzZbSaPkQ&ga_hid=3793&dt=1675497031451&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&bdt=593&dtd=173&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
03e6e5ef5fd9dcb7cfce528d42082f90a602e14c65c3e82a6c7a0150395708f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
x-ampanalytics
{"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZqGAUjHhjNzq8Mqua9HKXU_6GmJ_sezX_AdpLpCeYfX41zY1K5yGtlS_KitYX235bYCgjLYjofuT1pnNh8B17vDkxHrq6UqcxjFSwi4cDOVLGqJz3JnUbSu7sCdzBf5AJGsOdFQ\u0026sai=AMfl-YQ39z-SF6pswlyHkTrnBlonmgwgHrtlWjASTIeXg9qSKL8VwC2XZIaKLOiTkbYHVAqjZN2jE69au8Fz\u0026sig=Cg0ArKJSzLZc-S0h9ym_EAE\u0026cid=CAQSGwDUE5ymSlo1cRTN4JBVjwMM3Vd9i6iKB-Q1EhgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1412529771"],"btrUrl":[]}
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14175
x-xss-protection
0
google-lineitem-id
-1
amp-fast-fetch-signature
google:1:yNm/p98/SaHlubW9TRdPqYXw/acmMukCON4oXJIvLy30S2umntaAFucw/RXMAjpUg8lTQXgccDsIVg9shF7bJ3G0T7NHGgu78QKxSGzaAsBSbldQ41bCfuBXr8GbBjKEzFAOWiQViorO6LzL9yOC2wnogTtH3LYCNT80bPNzv1Nk7IBQob7F42lmvh9QmGN6riC8wEWTiKRdWpdT2s6p7Wy7NUuxARFF4+FjQo6G6xdCxeSoKBIGKnXS2GertRyEIKh6jmU3HkuhkCvXocx9MT8aegERohc7LPTSmoSXZN9A/dIOXXZjqCj3skn8IRB0OLCnREDuIXAJw1/evlF5wQ==
x-qqid
CJuqr-uw-_wCFSeFgwcdrh4Jmw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sat, 04 Feb 2023 07:50:32 GMT
ads
securepubads.g.doubleclick.net/gampad/
36 KB
16 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=6003793&ga_cid=amp-PFVN6giKWqovbwzZbSaPkQ&ga_hid=3793&dt=1675497031451&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&bdt=593&dtd=175&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
fa7fd7587cab5b03eb59aed08fd27f61215fbb192b36fa0cec7f3ed7d3cfdea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
160x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampanalytics
{"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBhHnCTpMMBoTXtEh0bFxHRZtaciCgsTq9wxgEek8ZsetZ-hjmeY58DX5NGoTd_JxqxLkPFIunijK-uesqLbXc2dAZ7CsyN71NPgEVCmGGwCCX6TjWItumSUM08uiz6SHGaQhM9w\u0026sai=AMfl-YTykjAl2E8a8HdnH3iW4YIFpN3itMZYKC1eMWm3ODe4SczuVgmrcn9jHBKkZ4viLJREsk-pkptj03la\u0026sig=Cg0ArKJSzDmaENnY3Xr3EAE\u0026cid=CAQSGwDUE5ymrlojUQi9gsMogywyVUYa_APLbwS94BgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=3018598273"],"btrUrl":[]}
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14208
x-xss-protection
0
amp-fast-fetch-signature
google:1:R+BzNLL9PQPRAPTp+QF7HqP+GkBU0B7VvrOTDuVrog9hkI1RwcIkPsYjafCsbG+AFBSkzeKWAZMIoA0gzIpAFYiFQjRNz1b57jt2VYMGqB6oncvKXzsJHi19lM/74uQgQZt0txtNKISShfpqfxGd8L+wbrYDOZCGEmyie/z5PvOFs58PxeUE8nslAhnYMWbowIfIgVWKy7sWXQ5R6OVP4T56nTlggshhDqnTdwK79m32pSXw3BnHSfP9TSCb4DjyTWUKt2TgjZsSB4LQuCTFGycS87oCoAzbqf2lsN1CFyyZIJiCX1jWFBHW3a0oPWKQY/6CxKb+Kn+IAjNecIqnqg==
google-lineitem-id
-1
x-qqid
CNmU1-uw-_wCFUeFgwcdmdQFrA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sat, 04 Feb 2023 07:50:32 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=6003793&ga_cid=amp-PFVN6giKWqovbwzZbSaPkQ&ga_hid=3793&dt=1675497031452&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&bdt=594&dtd=175&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
b5126c4cfa17ca8e4fc49121047cd3f3ea6faefac5e8c5790bf9c93a749a35ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10645
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COqem-uw-_wCFZmMdwod9_cGng
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663409
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sat, 04 Feb 2023 07:50:31 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=6003793&ga_cid=amp-PFVN6giKWqovbwzZbSaPkQ&ga_hid=3793&dt=1675497031452&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&bdt=594&dtd=175&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
af7b8f59a09dc3e2e276195a318e77fc4c7a6f475fa1976746b5a54459be65c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
160x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10639
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLajm-uw-_wCFcQNiwodN8sKjg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663388
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sat, 04 Feb 2023 07:50:32 GMT
ads
securepubads.g.doubleclick.net/gampad/
101 KB
33 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=976&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=6003793&ga_cid=amp-PFVN6giKWqovbwzZbSaPkQ&ga_hid=3793&dt=1675497031452&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&bdt=594&dtd=176&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
354d1ca68fda9a2824ed887bc679a0bcc69d15cd7b952757a982109f9c878991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
892x90
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33460
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CN3Xyeuw-_wCFY2SdwodlDcIeA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sat, 04 Feb 2023 07:50:32 GMT
container.html
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/
0
0
Other
General
Full URL
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

googleanalytics.json
cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 00:17:29 GMT
age
27183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"e1e63f57d8aea27a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 00:17:29 GMT
ga4.json
amp.analytics-debugger.com/
4 KB
2 KB
Fetch
General
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
age
60368
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Fri, 03 Feb 2023 15:04:24 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xgcartoon.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8NkZh849%2Fz2DDnvDygCWK%2BvIGZx4kQ8XsfkG1JwuVlTmgT2%2BLojYJIHjslTb88Cuqt8F6ZKVu78zkE8t%2FIJhon4L%2F%2BaRTLci2r1n2ehiT%2FRjNJXnd1VWAu%2F5jBedb6AhuAdb%2FmgfcNHGIwq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7941d0e3ef4d3503-WAW
collect
www.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3793&cid=amp-PFVN6giKWqovbwzZbSaPkQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyongzhecizhibuganleriyu-&dr=&dt=%F0%9F%8D%9C%E5%8B%87%E8%80%85%E8%BE%AD%E8%81%B7%E4%B8%8D%E5%B9%B9%E4%BA%86%EF%BC%88%E8%BE%AD%E8%81%B7%E4%B8%8D%E5%81%9A%E5%8B%87%E8%80%85%E4%BA%86%EF%BD%9E%E4%B8%8B%E5%80%8B%E8%81%B7%E5%A0%B4%E6%98%AF%E9%AD%94%E7%8E%8B%E5%9F%8E%EF%BD%9E%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1675497032&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
19 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 22:10:31 GMT
age
34801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6658
x-xss-protection
0
server
sffe
etag
"740864165de13201"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Feb 2024 22:10:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
7 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 02:55:45 GMT
age
17687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2507
x-xss-protection
0
server
sffe
etag
"88d0f622ab0ac3d7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 02:55:45 GMT
truncated
/ Frame FA2B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28f2bc0b4cb94e01179a1602d6c7f846ddae17293bc9caee24a0cc2ff4db8adb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4881
6 KB
3 KB
Document
General
Full URL
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:32 GMT
expires
Sun, 04 Feb 2024 07:50:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4AE
6 KB
3 KB
Document
General
Full URL
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:32 GMT
expires
Sun, 04 Feb 2024 07:50:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4881
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4881
102 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
9a45886bd83e8d6dd133e5cf9aa88bf28903c2cb87fbeee5e9a593f32aafee9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34485
x-xss-protection
0
server
cafe
etag
10147197188993394259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Feb 2023 07:50:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4881
157 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D4AE
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D4AE
102 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
39371c55354ea195a5eceb89b35069b8314220b8f56ebb7b6bfa080df35edee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34583
x-xss-protection
0
server
cafe
etag
325936799177356880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Feb 2023 07:50:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4AE
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:33 GMT
container.html
57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49B5
6 KB
3 KB
Document
General
Full URL
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:32 GMT
expires
Sun, 04 Feb 2024 07:50:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 49B5
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f10.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Feb 2023 06:27:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Feb 2023 07:50:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 49B5
2 KB
818 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
43256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:49:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 49B5
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
43256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:49:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 49B5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:25:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 49B5
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49B5
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:33 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 49B5
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 21:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 May 2023 21:01:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 49B5
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtV8BSA7eY92TIY2l3gOU76DAB7Cw09Vu4tDgg-AK6K6w2PMdEAEg08vOMGDp5MmF2BqgAbC6odcDyAEJqQLecM3xcByyPuACAKgDAcgD2wSqBIsCT9ADrWge9w5ad49WMiSRnCAkMGQsFhCu1IS1cLFDFZsiKfAb3Kujs8mFGcUBj9Mdhz767VrkBHRBjNPcPEOUjkkQljp4yKgsRaVnPIahcxu5BdlmNIf4-kqTuLwWLYVBxmHPjFjRqOYkFE9KIEzy9cQrAUppXZoDvCQGDxMiWdYil93lLHccFMrgKsq37sWZYz9Zmq_UaUQMYumojrXaHTFOoU0a-MsTiAfuGkzjU9rp7yEo_7IznIzAJp_oH14Vmx9tbSBc3wQTdt7Je7ECz7tx03iI3WzYEKkxPjo8SpHIlMDSmBWgvhDeKp_fkcc4m-YohO6VTLBWFafwwtY7Z2SmRk1CpPu_N7c_wATA9py2ywLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzZy3d6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC4iwHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=3l9emXwZfwk&uach_m=[UACH]&cid=CAQSGwDUE5ymxE1DVorALdJ6pRE3I_fpI-DJ8S-SIBgB&template_id=494&vis=1
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame 49B5
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
12720611189492641873
tpc.googlesyndication.com/simgad/ Frame 49B5
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrla7TmQEQgAgYgAgyCMogKkuLg2PU
  • https://tpc.googlesyndication.com/simgad/12720611189492641873
8 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12720611189492641873
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:22:13 GMT
x-content-type-options
nosniff
age
16100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 15:30:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Feb 2024 03:22:13 GMT

Redirect headers

date
Fri, 03 Feb 2023 21:42:04 GMT
x-content-type-options
nosniff
server
cafe
age
36508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12720611189492641873
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Mar 2023 21:42:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4881
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWMUPwZmkVbyBeLEtT2ordXWZdfJA0ZtwRWXI9YAPmUX8K_j3HcZlfYpmHYQRU8CWAQXEY9egdNGlv0AWv6te_DVIOAuDVN_9meb-EcgROaU5DY1dQ1gTG63A1WKx1LD0qXj-vFk2nQym4FXVQA1Lglxo5MBzkKz5UDohThCTSl2F62ZiDoq17bjgcuRN5M5L82MEc-2ariGpuBSEl9ncj0B_ysbKJ54D1jL8qM3UIUNl6wqyQ8eLcyLdawVg1yn92-n-eN-gNcNwsVZSEFo5P6Eh9glmcHS5HTGQeI4zXHgdlbaVJ_1RHSxIt79tatzqnqDLitRACTT5kuxBlQ-pisbcKXMou87zW&sai=AMfl-YRkdqt1_kWjiTJs6ZsK8-C2oIh5xKMqzwptz5039iA4IHrfqiWEo2JZpV2KxlC8YDydXQLrN_aRMNoDDsM&sig=Cg0ArKJSzBc7YF4Cxhm1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 39F4
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a6fd980a580d570c2a261e7bf6e446037ad1138622f70bb386944588953ff31

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D4AE
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcDoRxKHk6j6rJm63JURDWs94gR08MUXnh_1wpLQw99TZv6mVZ_aSm6SVFup7tj-zsL-uPu634ndy5hiUD02F1MjCNwexqo_V0vz3XidDC0lxuPOXlF8iiSooyotWyrD_Gi3WzrGMALajNR7UMw24X0yKsKAt7mDhPnBTxMKFCsz4uM6Vixp4Sa6wcGlfPoUsc6zPH7jp0jf45RWsLy9IVNRU29_VlgoR_7iTeDN4mo-T45e5RForB--fsZheZlDdTDkwuviHsju061AgsPlVyC5qzsDLn6fkecEYngJ6FV8N9_DIxdkTih1-qPrECqhb4sdo5orXOJh2uu-WEQ6H0iZBdC41extKV&sai=AMfl-YS72PCjiOEZ6nb1Du11g7glxAGppoLKf6WXWeH5JrwjVo4QICLlXXhaRLj6C6Y5wSiycYqBTNFl1yzzaEw&sig=Cg0ArKJSzBY0oYutB85bEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
URL: https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 49B5
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323ef2a4f72fdf8680e616392d7ee93764fb6322a13f1d9271582f77229b734b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ Frame 4881
359 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
dce8e966c886d9e0a1d62ef4e0ea80e307fef3d4a453be1f2776b63887a96f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120776
x-xss-protection
0
server
cafe
etag
12478044472890667963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Feb 2023 07:50:33 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ Frame D4AE
361 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
bf25f73afeacfa712038a8492642d59c7d5b6be92543910b08ec6a2a583102a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121173
x-xss-protection
0
server
cafe
etag
11268403343428505561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Feb 2023 07:50:33 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49B5
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:59:42 GMT
x-content-type-options
nosniff
age
150651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:59:42 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49B5
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 22:04:53 GMT
x-content-type-options
nosniff
age
121540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 22:04:53 GMT
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame CE16
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yongzhecizhibuganleriyu-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
299428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:40:05 GMT
integrator.js
adservice.google.pl/adsid/ Frame 4881
107 B
531 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4881
107 B
196 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB31
603 B
401 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031638&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033085&bpp=15&bdt=267&idt=299&shv=r20230201&mjsv=m202301120101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44779793&oid=2&pvsid=2143437821200090&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.g6pvjxm5qh79&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ Frame D4AE
107 B
165 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D4AE
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E2C1
25 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
2d2435b6c36d637c82a7ab8379cb2aa21796e80714390a956003ffa7ad7a8b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11238
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame E2C1
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=61256853;rtbwp=Y94OSQAIsgkKm58IAAUSqBJ3K3hsFfWXKk7AGA;rtbdata=ncg-eru067uNm7BJYc4QhkOQGM0B_F8naCfnbn9Eyay6Q7LEyGOebQ6lzVbaIVSChljGbukj6VE4NCrWU5ISlNWAm0om8yyolKghTYuu6z13BpC6jn13UJUfbXDfrXpbDpIFbMWTcE67rbi0irfgzshFqCtlp0Of4CenImELwog3R6Yx3QD3bScB6QhY-qzv3CNAwpwVJhQIcbXYlDZ21F0b9EQ78LPyHcrY4FBizgAsunvRoNnnIHTTS-Tb_zwEoK4smKBqutyy0Zzhg4ZzqPxvH-zUlwcIPV5KQ2I6lyO8pi9qKoswj3D6JDiEPdY8um0FKVbllY_DeIjrSAcYFw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CnyDmSQ7eY4nkIoi-7gSopZSQCc_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAtyV5IlqdoM-qAMBqgTLAU_QmlKJDzEX26WsDa82xvS2djVJNM2PYdOhALgiFlxmmASgzxU0PbbtS5lyf1kZInYHsqYSZN-yyDtV5RH74b_byfvlEuWyccqvXxQuLVV-kA-8RNa8Gf3yia2Jn_QC9p0z5RSqt-zBUk1FRL-Ab-HyruZ7Luo2vLJV5ymYEFb8LToUJaKCOKJugTTxjBBdk-Y8f4PdClc9f0isTyONMc4O0liQd3VxKX9lIIsJCpuBPDDrPSJBg8PyZMriGZ6ZloEa_-sYrVsJs1wrgAbrzfSUiZjjidoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0-52rnFyMmzpySrIIvrY_jdPd4ug&client=ca-pub-5884294479391638&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b7e1006530c7dedc19b61d787b3d1bbca66004fff4ef630613e08395a278c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1596
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E2C1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:25:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E2C1
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 19:25:32 GMT
l
www.google.com/ads/measurement/ Frame E2C1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWypUI32HuQKrK-pqprdAZw2UOmazXfn_9rregi8wKfkY3KMP4l3KmaGaTB-6KomuYYFlagXOlaWj8XfW_Q3UZHIdnHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2C1
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E2C1
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1gttSQ7eY4nkIoi-7gSopZSQCc_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAtyV5IlqdoM-qAMBqgTIAU_QmlKJDzEX26WsDa82xvS2djVJNM2PYdOhALgiFlxmmASgzxU0PbbtS5lyf1kZInYHsqYSZN-yyDtV5RH74b_byfvlEuWyccqvXxQuLVV-kA-8RNa8Gf3yia2Jn_QC9p0z5RSqt-zBUk1FRL-Ab-HyruZ7Luo2vLJV5ymYEFb8LToUJaKCOKJugTTxjBBdk-Y8f4PdClc9f0isTyONMc4O0hqSVuf5xbQd_kACyXPV-PCPKSiIie3qnRwSTVpTO58252HRfiPXgAbrzfSUiZjjidoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=XA49IcceD-w&uach_m=[UACH]&cid=CAQSKQDUE5ymLerRk2gShJB0rzconobG17kuIM7gWZfq0myGVceEZdPBeQs4GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 04 Feb 2023 07:50:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4881
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRqy8lDzt_QA6Mv6Rg4VTpGOZil8_4fvfhSZgMFSn-K3t-RtUOHNmkJsStq6Zn7Hl0HqCUDmU8pkrG3QbSVCzf1AlAXbjeE_5KGa16Pfc00ef8WdpuUDiBgmdBqGQ83XfpSXuCMHMNeqltDm0APTZ2o__DFrEYlLGZ9tO5wyAJaxAj12fR9kE3fni_ObebOJijDrkZ98CcVpc-3DguP9ouL0cNaQwhWg6r17ftiD2Qsz4qrMj4FPY3PCIBJuTEM5gRHgsu-MqRvPQysk09VNKdkWFr-KT3ISFaxjmN73Q-3Op1TrtS_Ors1oqryGT4bd3SmvEXPULP9fC3GCa_Zit3bGjBrMmHqZgKflQ&sai=AMfl-YTijBRoJkbR7o7gn62O5-XB8aRIkJRt4zZTzHvxYK8FZn7cWS5DyDzB_eXclOq50khgolGLPY2Ms5mPfUs&sig=Cg0ArKJSzCgUZVs2x47CEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 07:50:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4881
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
490d1a19cf9493e7cca5239f9144df49c0414aac52dd126f60518ba5d6dc5202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11172
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E2C1
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61256853;rtbwp=Y94OSQAIsgkKm58IAAUSqBJ3K3hsFfWXKk7AGA;rtbdata=ncg-eru067uNm7BJYc4QhkOQGM0B_F8naCfnbn9Eyay6Q7LEyGOebQ6lzVbaIVSChljGbukj6VE4NCrWU5ISlNWAm0om8yyolKghTYuu6z13BpC6jn13UJUfbXDfrXpbDpIFbMWTcE67rbi0irfgzshFqCtlp0Of4CenImELwog3R6Yx3QD3bScB6QhY-qzv3CNAwpwVJhQIcbXYlDZ21F0b9EQ78LPyHcrY4FBizgAsunvRoNnnIHTTS-Tb_zwEoK4smKBqutyy0Zzhg4ZzqPxvH-zUlwcIPV5KQ2I6lyO8pi9qKoswj3D6JDiEPdY8um0FKVbllY_DeIjrSAcYFw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CnyDmSQ7eY4nkIoi-7gSopZSQCc_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAtyV5IlqdoM-qAMBqgTLAU_QmlKJDzEX26WsDa82xvS2djVJNM2PYdOhALgiFlxmmASgzxU0PbbtS5lyf1kZInYHsqYSZN-yyDtV5RH74b_byfvlEuWyccqvXxQuLVV-kA-8RNa8Gf3yia2Jn_QC9p0z5RSqt-zBUk1FRL-Ab-HyruZ7Luo2vLJV5ymYEFb8LToUJaKCOKJugTTxjBBdk-Y8f4PdClc9f0isTyONMc4O0liQd3VxKX9lIIsJCpuBPDDrPSJBg8PyZMriGZ6ZloEa_-sYrVsJs1wrgAbrzfSUiZjjidoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0-52rnFyMmzpySrIIvrY_jdPd4ug&client=ca-pub-5884294479391638&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4881
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F12
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
256610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 08:33:44 GMT
expires
Thu, 01 Feb 2024 08:33:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9930
783 B
1002 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
418b7115d9c8b98774efa2dc1659e508c5566727b90b88aab7dafc80c22616d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MZfPhE9Ap69hG3jO-MUHfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-MZfPhE9Ap69hG3jO-MUHfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:34 GMT
expires
Sat, 04 Feb 2023 07:50:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 7F12
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
299429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:40:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9930
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=2143437821200090&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
track.adform.net/adfserve/ Frame E2C1
13 KB
5 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=61256853;rtbwp=Y94OSQAIsgkKm58IAAUSqBJ3K3hsFfWXKk7AGA;rtbdata=ncg-eru067uNm7BJYc4QhkOQGM0B_F8naCfnbn9Eyay6Q7LEyGOebQ6lzVbaIVSChljGbukj6VE4NCrWU5ISlNWAm0om8yyolKghTYuu6z13BpC6jn13UJUfbXDfrXpbDpIFbMWTcE67rbi0irfgzshFqCtlp0Of4CenImELwog3R6Yx3QD3bScB6QhY-qzv3CNAwpwVJhQIcbXYlDZ21F0b9EQ78LPyHcrY4FBizgAsunvRoNnnIHTTS-Tb_zwEoK4smKBqutyy0Zzhg4ZzqPxvH-zUlwcIPV5KQ2I6lyO8pi9qKoswj3D6JDiEPdY8um0FKVbllY_DeIjrSAcYFw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CnyDmSQ7eY4nkIoi-7gSopZSQCc_ZtZNczPrvubQJwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAtyV5IlqdoM-qAMBqgTLAU_QmlKJDzEX26WsDa82xvS2djVJNM2PYdOhALgiFlxmmASgzxU0PbbtS5lyf1kZInYHsqYSZN-yyDtV5RH74b_byfvlEuWyccqvXxQuLVV-kA-8RNa8Gf3yia2Jn_QC9p0z5RSqt-zBUk1FRL-Ab-HyruZ7Luo2vLJV5ymYEFb8LToUJaKCOKJugTTxjBBdk-Y8f4PdClc9f0isTyONMc4O0liQd3VxKX9lIIsJCpuBPDDrPSJBg8PyZMriGZ6ZloEa_-sYrVsJs1wrgAbrzfSUiZjjidoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0-52rnFyMmzpySrIIvrY_jdPd4ug&client=ca-pub-5884294479391638&adurl=;js=1;adfxid=1x;5344;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f8d36ddd75af3dd8b5642b94870b62afa9e68f6ee908f45d3f26754f82aa0b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4761
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 7F12
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?WB0_Dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
skeleton.js
pixel.adsafeprotected.com/rjss/st/1322739/68772677/ Frame E2C1
46 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/rjss/st/1322739/68772677/skeleton.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.232.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-232-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c562aa1bba81b6d9f7942125647400e4a8ad6722bac6994c73f84aafda1754a8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
redot.gif
pro.hit.gemius.pl/__/ Frame E2C1
Redirect Chain
  • https://pro.hit.gemius.pl/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_nam...
  • https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_...
43 B
220 B
Image
General
Full URL
https://pro.hit.gemius.pl/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.37798|geo_lng=20.91693|user_opt=0|src_event=impression
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Server
195.177.217.225 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-217-225.dataspace.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
43
expires
Fri, 03 Feb 2023 07:50:34 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/redot.gif?id=zChFNjPLWaQICmTbA764KZaGXfdR4sb.0g8mU9gp_QH.a7/extra=src_name=AdForm-OH-Apps|env_name=apps|src_inv_name=Doubleclick+Ad+Exchange+by+Google|src_inv_id=1|cam_name=OH0004_Citroen|cam_id=2904892|advertiser_name=Citroen|placement_name=Citroen_AC_160x600|media_name=Real+Time+Bidding|cre_name=Citroen+-+Kody%2c+160x600_AC|cre_id=57048497|cre_w=160|cre_h=600|dev_advid=|app_name=|app_id=|geo_lat=52.37798|geo_lng=20.91693|user_opt=0|src_event=impression
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 03 Feb 2023 07:50:34 GMT
extra=;
adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/ Frame E2C1
Redirect Chain
  • https://adocean-pl.hit.gemius.pl/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
  • https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
43 B
219 B
Image
General
Full URL
https://adocean-pl.hit.gemius.pl/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Server
185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-185-11-128-202.dataspace.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
43
expires
Fri, 03 Feb 2023 07:50:34 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/redot.gif/id=zDfrOPinCCN4GMovAp2uKZa1XhZpsu7QS5OAvw0iCDn.47/stparam=waerpqhjfe/fastid=ncwdyjpaoziamtlgtoblezredild/sarg=NC;/inner=%7C;/extra=;
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 03 Feb 2023 07:50:34 GMT
B29201693.357095956;dc_pre=CKj5ueyw-_wCFYfzEQgdJS4CcA;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/ Frame E2C1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
  • https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CKj5ueyw-_wCFYfzEQgdJS4CcA;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;t...
42 B
118 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CKj5ueyw-_wCFYfzEQgdJS4CcA;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N755990.2079315ONEHORIZONPL/B29201693.357095956;dc_pre=CKj5ueyw-_wCFYfzEQgdJS4CcA;dc_trk_aid=548056597;dc_trk_cid=185464125;ord=1673605304;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=0
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame E2C1
35 B
477 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=61256853&csi=3Ip6_M45aIwXkmzDa3_-rE1yeVE-RphTYIGkGktVOKXrygPkIxxfk1oJliluEBek3WO_sxFr0ns3fHDI5ZkpRWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame E2C1
34 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d76b2cfa829493369c8998a7188d559c5fdf7a04d1420f846db44da566e85e09

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 16:00:42 GMT
main.19.8.390.js
static.adsafeprotected.com/ Frame E2C1
200 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.390.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1322739/68772677/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-101.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:20:59 GMT
x-amz-version-id
92LQopFh_7IbkJnbrvXbYa5ocG_FxdQW
content-encoding
gzip
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
age
59375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Feb 2023 18:40:44 GMT
server
AmazonS3
etag
W/"022987f281b11cf4cfb9b7bfe65a2517"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tkDKGvCOeqp-gIHJ0-jDnbpX7huZnNyw1swwDV6G7Su60SdnrTaGFQ==
ad.js
myao.adocean.pl/__/_1675497034/ Frame E2C1
Redirect Chain
  • https://myao.adocean.pl/_1675497034600/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
  • https://myao.adocean.pl/__/_1675497034600/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
  • https://adocean-pl.hit.gemius.pl/redataredir?url=https%3A%2F%2Fmyao.adocean.pl%2F__%2F_1675497034%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.b...
  • https://myao.adocean.pl/__/_1675497034/ad.js?hclsdata=&hcudata=yrV2Mx9a1EkEsmQlRwzKjZnCBuD32XQAtSBYMrdsPPL.U7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
4 KB
2 KB
Script
General
Full URL
https://myao.adocean.pl/__/_1675497034/ad.js?hclsdata=&hcudata=yrV2Mx9a1EkEsmQlRwzKjZnCBuD32XQAtSBYMrdsPPL.U7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Server
185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-185-11-128-197.dataspace.pl
Software
GAD /
Resource Hash
bc67ebfe224c3d156b87eee8834cd9e07fd5d76897f41914c3db79bceb84a9b6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
1445
expires
Fri, 03 Feb 2023 07:50:34 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://myao.adocean.pl/__/_1675497034/ad.js?hclsdata=&hcudata=yrV2Mx9a1EkEsmQlRwzKjZnCBuD32XQAtSBYMrdsPPL.U7&id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 03 Feb 2023 07:50:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 97F1
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
5791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sun, 05 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHSEvp08KhFSv2tfFKFWZVY&google_cver=1&google_push=Aa02lx8HBQNNa-qHJceKfvmN9VW6R3pd4v_MS-b-W9OmppkukR4tUAF48DeyTDhqiI30p9YZEEJmNCX...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHSEvp08KhFSv2tfFKFWZVY&google_cver=1&google_push=Aa02lx8HBQNNa-qHJceKfvmN9VW6R3pd4v_MS-b-W9OmppkukR4tUAF48DeyTDhqiI30p...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=5StD_Ol3QhSuapgoqf_R7mPeDko
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=5StD_Ol3QhSuapgoqf_R7mPeDko
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=5StD_Ol3QhSuapgoqf_R7mPeDko
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPaNdT0MZLltsu73sAyg80g&google_cver=1&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TSjtJE&google_hm=eS1fREUyMHBORTJwRkFJTHd...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TSjtJE&google_hm=eS1fREUyMHBORTJwRkFJTHd3Q0hzc3dfbi5LSF9vaE9pTX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Feb 2023 07:50:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9GFjp7VELgwV05U4zT0Crx8KSZmKGOMPrEFK0VJQSh4Xa578dfTH4afFbkUkRBZmL5mwj_f2vAEeaI3UDbvYZk_TSjtJE&google_hm=eS1fREUyMHBORTJwRkFJTHd3Q0hzc3dfbi5LSF9vaE9pTX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL2EzGN5gjlDlHi8odSpHnM&google_cver=1&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9Yxb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1MjY0NDc3MzY0MzA2NDE5&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9Yxb...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1MjY0NDc3MzY0MzA2NDE5&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9YxbG48Yi7WlkaDhg_yVuEk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1MjY0NDc3MzY0MzA2NDE5&google_push=Aa02lx8tOJA-KM0YdK1F1ss9hqq5MlRgsD3qXGMmFHG36gnyEK3-TAYkSYwkftVrZwpFD8-sFQwF9YxbG48Yi7WlkaDhg_yVuEk
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 97F1
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBsUwwuhvkMrRmM1mmDNuGU&google_cver=1&google_push=Aa02lx9KZjfl7-y7aLZdPWTjOIR2Y5xYRMYndLQTseLHp_e8jMTrUEXhzaMfxU5JuDT_T-Sm2F2eRr7kRZYsk9RGrF3WHLsDhe0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
d3viulr5slt8reuo2b793lj9ececn5ol
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEF-QaGq3nN3lav112Ab8g6I&google_cver=1&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF-QaGq3nN3lav112Ab8g6I&google_cver=1&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRC...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dNq6EiM3SDOT2CDNFJXZ2g&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dNq6EiM3SDOT2CDNFJXZ2g&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i3Grw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dNq6EiM3SDOT2CDNFJXZ2g&google_push=Aa02lx94sPzyf__xE4aaYVCmqlgyiCovkEUcofXQXy6TT-Gkpq6yUzZeLva_VAGWf3mw7HOr5u1kUrVdK6mqSNRCYms76i3Grw
access-control-allow-origin
*
date
Sat, 04 Feb 2023 07:50:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKpaSbEow9XvnAWvNcNj12o&google_cver=1&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU3MjM4NjQ2NDE4MzkxODI3MTIxMA%3D%3D&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPg...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU3MjM4NjQ2NDE4MzkxODI3MTIxMA%3D%3D&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU3MjM4NjQ2NDE4MzkxODI3MTIxMA%3D%3D&google_push=Aa02lx-Hby_EuxFPhvghdKtOnCGuYG7r7lR9Hp7y6XgBS2zexePInlPgbnbaOrtYkSC1OEib61zYb5-JFG3ko7HKcSiKig2p4GE
date
Sat, 04 Feb 2023 07:50:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 97F1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx1...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBijM82scXVkqr7Sa5bAK8Y%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0ODQwMjY5NzQxMzIyMzI2Ng%3D%3D&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgt...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0ODQwMjY5NzQxMzIyMzI2Ng%3D%3D&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgtQAbkCDhdrQ3v6ap0zF81fRut8jXHmtXvUHaRFDn-SiMznCNm-DxGqXM_BNEJZin4Ip
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 04 Feb 2023 07:50:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
176.67.86.47; 176.67.86.47; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6c013265-3e4f-41f8-8990-358d08e481b6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM0ODQwMjY5NzQxMzIyMzI2Ng%3D%3D&google_gid=CAESEBijM82scXVkqr7Sa5bAK8Y&google_cver=1&google_push=Aa02lx8N_9Yq6_Sx13yi3pwfqc3KtyYzgtQAbkCDhdrQ3v6ap0zF81fRut8jXHmtXvUHaRFDn-SiMznCNm-DxGqXM_BNEJZin4Ip
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 97F1
0
78 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNFicHwkU4bQH0ExC2nxi1g2Fq3Bz2MLdnQrYqdeyP5MqptkrWA0jUAK3HX2eiEK_XjFj4uA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 4881
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=2143437821200090&bg=!eXqlej7NAAaq5O5FiuQ7ACkAdvg8WniVYKSqU-y3rcWuFX69GADMWgHyB8mPnQWo5SJCtq8AtN6Z4gIAAABUUgAAAARoAQcKAB_YkepQhTDGfSLcpuWPBY_UfPlDry4kKCpDSmUA0xSKmQLjZ5z2TDcJFuSzMoAidKzZA8tz5-tM55ZzFEdG_rKXpTBAojnfREvdVm-ULTJJ8v6AI7rl5sDAaKTengOsZXuwNFR_GTYqxv41td7SwDV-4VmqwoxcbnGVAnY9ivdE4HnevXUVpKW3xA8_afNeG8dghz79-hhDYldR9ztCqpvvB77gNWAjDpJAr2s937Y2Lc68e1pPM3OcMhrGOCpO0y0rV2oEYgj6MrT3PFtK4FN5-76DyuD49FNqEIZRdOcfOuR0nU08kexFaDBqeM3pYM7jMgK6kLHECGjVyLduqZtaoMDB1nIbpEuk2Qbr7W0a8ZNv79oXLs5Cu4uE-KOedPfz4EDdZ2Mf2zhQeuCRbFkkkDH7HxCqFf7_GDKdgPJderhdlwopdFx7nUFhMjkZvVFAWErLXRT4Cf26Qa3eOpZMNdD4hDX7vpOtQ2UdZ8AUIuKv8-F9gVx-rhXbTOgeAoUytExyvtqik89bIlrP9VQY9XqUGVclnFqDzsY4ZqlVivLvrErJB6n3xFBiZKPSG7Hs-lcpTAKq0j0jmytGDJTQyuJIkg1L0VbGZpdChOBHP_HKseyMnjLIS6Hj-fHlhKH7I576VrlKEePlLM4dk0Vk3l09KDabeZttZxkwVKznBTgGAbcIdfOr82Cicym6vlxgzvzzljtQm6beUwG45hMHqBUUEeixRraJb3fYvtfK98pkcfWQU3U6fva9PK4x638oJS8tAzJ_aO1fBlfW8lMiqiaonfnYcHgzD8JtJhtS8VJRyhNBDQjP-xgjIPk9bMaNpJoP4in6ipEcIn9mKVZdVOGacv4zcNsHr79RU1M2qcq8ouDsNMJz0l_XLnvjChqxBCkQjoBmtfoFhS8HmZw2gN5dGAKH8SkQUJg_hsgHlE9hIQcmdGNg-DL3bhB3tm-F1G8zJ9UJYEzgjqDz-IT3IrauNcNrzXTPKgq1robFkUD2FFYIjc25kKY0r9GK248PuEV8gg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

code.min.js
myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/ Frame E2C1
92 KB
19 KB
Script
General
Full URL
https://myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/code.min.js
Requested by
Host: myao.adocean.pl
URL: https://myao.adocean.pl/_1675497034600/ad.js?id=QMOcUOvm7VkDD982zAS.a.xbfRk_Nwdz23dod0c9.bP.p7/cid=7359/kid=2/aocodetype=1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-185-11-128-197.dataspace.pl
Software
GAD /
Resource Hash
558001dcb063d3fde4731d98309580dbe7d28e31488775b6327828091d96cfd7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 13:49:34 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
"60647DEE00017182C784567F"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, must-revalidate, max-age=4320000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
19615
expires
Sun, 26 Mar 2023 07:50:34 GMT
skeleton.js
static.adsafeprotected.com/ Frame E2C1
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1322739/68772677/skeleton.js?adsafe_url=https%3A%2F%2Fwww.xgcartoon.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Server
13.225.239.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-101.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:33:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
age
5375837
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
1lNMqmtP5nbJ0NrheMe8Z4Xs7B8p2uxLTnLwnLzkB5zZAVirVpz65w==

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:34 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 173A
91 KB
92 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-101.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
age
5883752
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QtaAofwUl8zwD8hSdagkZmCYPPu2azWhbXab_JbKMCwNR41fKoGckA==
dt
dt.adsafeprotected.com/ Frame E2C1
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7&tv=%7Bc:3eIl9a,pingTime:-3,time:326,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:327,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuSyO3k+11%7C121%7C122%7C131*.1322739-68772677%7C1311%7C141%7C15,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:300%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.94.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-94-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:35 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E2C1
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7&tv=%7Bc:3eIl9c,pingTime:-6,time:328,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuSyO3k+11%7C121%7C122%7C131*.1322739-68772677%7C1311%7C141%7C15,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:300%7D&tpiLookup=ao:www.xgcartoon.com*%2C57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.94.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-94-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:35 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E2C1
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7&tv=%7Bc:3eIl9i,pingTime:-2,time:334,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:807,bdZ:1172,beA:1173,beZ:1174,mfA:1459,cmA:1461,inA:1462,inZ:1465,prA:1466,prZ:1469,si:1474,poA:1475,poZ:1497,cmZ:1497,mfZ:1497,loA:1501,loZ:1503,ltA:1507,ltZ:1507,mdA:1174,mdZ:1431%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:334,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuSyO3k+11%7C121%7C122%7C131*.1322739-68772677%7C1311%7C141%7C15,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:300,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.94.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-94-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:35 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
oaoa.min.css
myao.adocean.pl/files/x/lmn/egrpjcj/ubqqhsgonq/ Frame E2C1
19 KB
3 KB
Stylesheet
General
Full URL
https://myao.adocean.pl/files/x/lmn/egrpjcj/ubqqhsgonq/oaoa.min.css
Requested by
Host: myao.adocean.pl
URL: https://myao.adocean.pl/files/x/lmn/egrpjcj/xajkevmjdv/code.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-185-11-128-197.dataspace.pl
Software
GAD /
Resource Hash
ccbbcafee0d6711f41fde0b95765f8af7c0c462d951aaae7fd67af961a0b5df0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 13:50:07 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
"60647E0F00004B0931DBDD17"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/css
cache-control
public, must-revalidate, max-age=4320000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3224
expires
Sun, 26 Mar 2023 07:50:34 GMT
Citroen_12_styczen_PP_C5_AC_banner_160x600.jpg
myao.adocean.pl/files/x/xch/oguhicp/ubqqhsgonq/ Frame E2C1
37 KB
38 KB
Image
General
Full URL
https://myao.adocean.pl/files/x/xch/oguhicp/ubqqhsgonq/Citroen_12_styczen_PP_C5_AC_banner_160x600.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.11.128.197 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-185-11-128-197.dataspace.pl
Software
GAD /
Resource Hash
3e73301fa68d16b08e91a2697bd1fb85e97e8a029b7d193330368b43953963d6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:34 GMT
last-modified
Fri, 13 Jan 2023 10:02:24 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
"63C12C30000095C73D3F2F79"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=4320000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
38343
expires
Sun, 26 Mar 2023 07:50:34 GMT
dt
dt.adsafeprotected.com/ Frame E2C1
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7&tv=%7Bc:3eIlbu,time:470,type:e,im:%7Bimprf:%7Bttecl:811,ecd:143,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B180~0%5D,as:%5B180~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuSyO3k+11%7C121%7C122%7C131*.1322739-68772677%7C1311%7C141%7C15,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:300,sis:445%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.94.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-94-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:35 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E2C1
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1322739&asId=2d39ec36-5e80-ddb4-f0c0-0fc0e80780c7&tv=%7Bc:3eIlfk,pingTime:-10,time:708,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675497035305%7C%7C68f4014d44bfab5549182cb7b230987d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb874bb194ecf47a15aad94a6097a1546%7C%7C18adc7ab55b6763c6651e4e696091381%7C%7C43fbe7e03476961cec0705dd1acfd4c0%7C%7C8fc5a81254957def10e7e8825c7d5198%7C%7C607ced9387ef2269ea17b1f4c5621bfb%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031639&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675497033155&bpp=13&bdt=327&idt=257&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=3793&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1172057326&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071812&oid=2&pvsid=2749981354211186&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ry6so7skrllb&fsb=1&dtd=268
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.94.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-94-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 07:50:35 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame D4AE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHqglpar-NNvGCjPVUOR1CinB0H347UJiIsfA10aXMkNw0zIY2mUXwsCkCZoUEuYSF3C3TNMYxp91nX1xTN6RcV_lNpe4Q3092d_Aa2bCoqAMx7cqWxWYz9-fpUFx5J04bWJkhcV20FrK26SmnIBX7s9_cvYepXV7x88iivtZRlXdZEG_pJ8FhxnH0V3f-gN0PhbzjAwCebbvHyak3tOahb6NCV4l5LVS5Kb-dJLfjuKXWQ_yu2zM3dvwykkYlXULltf9u0pCJwbYfUuLcCdvg_GPAUDmq_RB5pltWnkDZ47eafzYroZ362OrkNmDlo66J6OUkiHeGgKa5zPUSUKb9BNHwslnbFnrtjBY&sai=AMfl-YQ94ZqPqG5rCU3yQrEb5pcocrOF8yywDf1bTm26vh2oaldBpKBrNJ79RXbE2mnQVt8Km2ptBXSyncOxNjg&sig=Cg0ArKJSzKmxZ6epD8gAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 07:50:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D4AE
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
3a85e29a804fa6641d8cb11663ccbd3fafed2a6e97a3627b2e2e7f81dfcb9bea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11341
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D4AE
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com&bust=31071812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 07:50:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4302
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
256611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Feb 2023 08:33:44 GMT
expires
Thu, 01 Feb 2024 08:33:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9AFC
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
4e3420d8e69c76a789eb7b39a224cf9f84c394c8f12ed42cc47f6aba10af029c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UFSm3M_gZWu_YaXtQV0mUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-UFSm3M_gZWu_YaXtQV0mUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 07:50:35 GMT
expires
Sat, 04 Feb 2023 07:50:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 4302
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
299430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:40:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9AFC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=2749981354211186&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 4302
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?0s4I-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 07:50:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D4AE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=2749981354211186&bg=!fH-lfzvNAAaq5O5FiuQ7ACkAdvg8WifY2-9X_-x3Uj0_SuVz2TWgjDZQ4Bo_p2NM-RSFEk_JKy2u3wIAAABSUgAAAANoAQeZAuxUO1ASP5ZTIm7_LK3CPbHYBGFdZnNv8lifKrKKt3MX6pKgsFjZhw4w8hdiEDwLSXmshOWD_zml9noT9Eq-zblwjerhPaYpEAJLQwwf1N2Zf6PX9GFBR1EoGNj0xklHFKh1jSJMB4mheUSfxqfDk8AkCzMWHQ1Bo0Q1KH-ncVkZrS1L3DOQl790pTiQFACoKx_SKa8tEc4O0M1twvMWwPgkdoQ7ARy5bGZfLWBUVjXb2rJXmTbfvQYtlyx9L4_T5ReizW_GtPSb33irKrRUg0JAl5oV6aU3rFER1CVa4L6FX37YwL0TOvaTaVfxh-hHGt4JDpw3WkKxnUvvoh6V_YTXQGx6sB3-ohaZ-PMjri7zH3312irdfEewBlge-7pMEEexJZjoqQTAMXZswqBWdi4soSpZP3xxwxROZ14cTGpKBrAANEPiojzkHf68dii3H7pF2Igy9JBoIQbZzvBskkDljHGagj__eOi4K6dn72B_ueNdRhw9K8YhRU1G2Ktiqb-QpTdUyHD6pzvjPflWgDiYwdFUUyJWDqs627wn1yIY7D3PYB8gKuDYOZPPjG51iMItGhLOqt9Cr6c-58AahGieUAawAI6dV7UNF2BAnWqLmvtOLaO_AmwruKOOH7Rgi4LGofGYouFGSoLNXCjw1e57qe1sRYB5G2Vy18iXa5D_it0M4XbM_n9l6MTd-IHrkITMkrXkgxQB487FA0CkG_nuQnqa7VYOFZcQdnEYszfDK3jpql7dgD-33yBtRvKFfKfjAIbL2OI3EG5Z8ogEfFHfYaL5hJN1theXAgYdqbwqGdqWX52lMzv1QvBmkmi_6nzlADnVE0-75OQDRVM7aw3hHSOJX-i0Y_QQQquY0zXLqDBkZNyj-D3P4_qLq2HtvlGjynxY7St_atChx-CvByHu32FWnbzgC27uoXBTKdLqE4ZraaK9CempwqosQMnwkAXNupVRCrPoWi_ojuKHMGtrIaUAX4xrPiKEHmAS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

15 Cookies

Domain/Path Name / Value
.xgcartoon.com/ Name: _ga
Value: amp-PFVN6giKWqovbwzZbSaPkQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlkKfrXvnyKoopK6l6rf_2QB-pUw2cjx0HYnwt0mS808_HxN7mTFbz14xTdXp0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 125264477364306419
.adform.net/ Name: TPC
Value: 1675497034186
.hit.gemius.pl/ Name: Gdyn
Value: KlGIMMaGQMGG0kzo9ICmlK9issGMXP8cE8ySssX6nsGfGSZlH72xkSlsxcSHsyCtI8l8MG..
.3lift.com/ Name: tluid
Value: 4572386464183918271210
.adnxs.com/ Name: uuid2
Value: 5348402697413223266
.sitescout.com/ Name: ssi
Value: e52b43fc-e977-4214-ae6a-9828a9ffd1ee#1675497034815
.myao.adocean.pl/ Name: GAD
Value: Klx-QRGGQMQGRvWM_nCmlK9issGMXP8cERySssX6xssGvaGpI7EPoGjZL1BGFCaG6x8iXD_ns8RKyC4nY33nGsR7IGla
.360yield.com/ Name: tuuid
Value: 74daba12-2337-4833-93d8-20cd1495d9da
.360yield.com/ Name: tuuid_lu
Value: 1675497034
.yahoo.com/ Name: A3
Value: d=AQABBEoO3mMCEA_r6tqozlHwDwkVDVUkbpUFEgEBAQFf32PnYwAAAAAA_eMAAA&S=AQAAAuS7jRuAbwBVrKF_gvZkxZA
.sitescout.com/ Name: _ssuma
Value: e30

2 Console Messages

Source Level URL
Text
security warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

57de637965b7c20ac9b91d8afe4ce757.safeframe.googlesyndication.com
ad.doubleclick.net
adocean-pl.hit.gemius.pl
adservice.google.com
adservice.google.pl
amp.analytics-debugger.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.360yield.com
myao.adocean.pl
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
pro.hit.gemius.pl
rtb.openx.net
s1.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
static-a.xgcartoon.com
static.adsafeprotected.com
tpc.googlesyndication.com
track.adform.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.xgcartoon.com
104.22.47.147
104.26.11.132
13.225.239.101
13.248.245.213
142.250.185.193
142.250.186.130
142.250.186.131
142.250.186.68
142.250.201.193
142.250.201.194
142.251.208.162
142.251.208.98
142.251.39.10
172.217.16.134
172.217.16.194
172.217.18.98
185.11.128.197
185.11.128.202
195.177.217.225
216.239.32.178
34.247.103.109
35.186.253.211
37.157.2.238
37.157.6.233
37.157.6.236
37.252.171.149
54.154.232.93
54.203.94.91
63.34.67.64
84.17.37.43
98.98.134.242
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
030d75355d868a3dc85d951a6e8a788a04a77ceccfdbead6e77a4156853aa762
03e6e5ef5fd9dcb7cfce528d42082f90a602e14c65c3e82a6c7a0150395708f1
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a6fd980a580d570c2a261e7bf6e446037ad1138622f70bb386944588953ff31
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
0b7e1006530c7dedc19b61d787b3d1bbca66004fff4ef630613e08395a278c43
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1a00bb00bf528d6e1282ee2b1ca863a9ba8c40184bf2e56e20a7e30c7dec6591
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
28f2bc0b4cb94e01179a1602d6c7f846ddae17293bc9caee24a0cc2ff4db8adb
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d2435b6c36d637c82a7ab8379cb2aa21796e80714390a956003ffa7ad7a8b64
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323ef2a4f72fdf8680e616392d7ee93764fb6322a13f1d9271582f77229b734b
354d1ca68fda9a2824ed887bc679a0bcc69d15cd7b952757a982109f9c878991
39371c55354ea195a5eceb89b35069b8314220b8f56ebb7b6bfa080df35edee2
3a85e29a804fa6641d8cb11663ccbd3fafed2a6e97a3627b2e2e7f81dfcb9bea
3e73301fa68d16b08e91a2697bd1fb85e97e8a029b7d193330368b43953963d6
418b7115d9c8b98774efa2dc1659e508c5566727b90b88aab7dafc80c22616d4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
490d1a19cf9493e7cca5239f9144df49c0414aac52dd126f60518ba5d6dc5202
4c0852ee5a053fd8d373b56dee188f1836172a1445014db8a2e7c84b5df69906
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3420d8e69c76a789eb7b39a224cf9f84c394c8f12ed42cc47f6aba10af029c
558001dcb063d3fde4731d98309580dbe7d28e31488775b6327828091d96cfd7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65880e2f6b6a055553e04068d64e2eaa5f1310f76e1b4f7a93ea0b08334e154f
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
9a45886bd83e8d6dd133e5cf9aa88bf28903c2cb87fbeee5e9a593f32aafee9a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af7b8f59a09dc3e2e276195a318e77fc4c7a6f475fa1976746b5a54459be65c0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5126c4cfa17ca8e4fc49121047cd3f3ea6faefac5e8c5790bf9c93a749a35ad
bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2
bc67ebfe224c3d156b87eee8834cd9e07fd5d76897f41914c3db79bceb84a9b6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf25f73afeacfa712038a8492642d59c7d5b6be92543910b08ec6a2a583102a6
c562aa1bba81b6d9f7942125647400e4a8ad6722bac6994c73f84aafda1754a8
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
cc0a1136991ce0c974c69a5d74915fd6a0d3c6cd0dfad41be9e4036825e01ccf
ccbbcafee0d6711f41fde0b95765f8af7c0c462d951aaae7fd67af961a0b5df0
d76b2cfa829493369c8998a7188d559c5fdf7a04d1420f846db44da566e85e09
dce8e966c886d9e0a1d62ef4e0ea80e307fef3d4a453be1f2776b63887a96f12
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef28194c3641ab305e2fb46642777b221398d4674832524c0dd4c42c7ad8caae
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f8d36ddd75af3dd8b5642b94870b62afa9e68f6ee908f45d3f26754f82aa0b89
fa7fd7587cab5b03eb59aed08fd27f61215fbb192b36fa0cec7f3ed7d3cfdea2
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404