URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Submission: On February 06 via manual from US — Scanned from PL

Summary

This website contacted 31 IPs in 10 countries across 29 domains to perform 185 HTTP transactions. The main IP is 84.17.37.43, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com. The Cisco Umbrella rank of the primary domain is 797467.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 84.17.37.43 60068 (CDN77 ^_^)
14 142.251.208.161 15169 (GOOGLE)
5 104.22.47.147 13335 (CLOUDFLAR...)
16 142.251.39.34 15169 (GOOGLE)
5 142.251.39.33 15169 (GOOGLE)
1 104.26.11.132 13335 (CLOUDFLAR...)
1 142.250.186.110 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
1 25 172.217.20.1 15169 (GOOGLE)
6 142.250.185.226 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
42 142.251.39.66 15169 (GOOGLE)
2 142.250.201.195 15169 (GOOGLE)
10 172.217.16.194 15169 (GOOGLE)
5 142.251.208.164 15169 (GOOGLE)
7 17 142.250.74.194 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
2 3 37.252.171.22 29990 (ASN-APPNEX)
4 142.250.185.166 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 23.35.209.30 16625 (AKAMAI-AS)
2 2 3.67.159.22 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 52.49.58.80 16509 (AMAZON-02)
2 2 37.157.6.242 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
1 2 51.89.9.253 16276 (OVH)
2 2 3.73.242.58 16509 (AMAZON-02)
4 172.217.18.2 15169 (GOOGLE)
1 2 46.228.164.11 56396 (AMOBEE)
1 91.228.74.200 16509 (AMAZON-02)
1 63.215.202.137 41041 (VCLK-EU-SE)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 213.19.147.45 3356 (LEVEL3)
1 1 18.156.0.31 16509 (AMAZON-02)
1 1 37.252.172.123 29990 (ASN-APPNEX)
14 104.16.13.64 13335 (CLOUDFLAR...)
185 31
Apex Domain
Subdomains
Transfer
72 googlesyndication.com
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
806 KB
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325
255 KB
14 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8206
181 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
273 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
3 KB
9 xgcartoon.com
www.xgcartoon.com — Cisco Umbrella Rank: 797467
static-a.xgcartoon.com — Cisco Umbrella Rank: 716919
312 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
289 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
4 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
77 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 409
4 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 417
rtb.openx.net — Cisco Umbrella Rank: 1634
768 B
3 google.pl
adservice.google.pl — Cisco Umbrella Rank: 28681
861 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
r.turn.com — Cisco Umbrella Rank: 3187
869 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
487 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1232
344 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
574 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1836
173 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2918
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
462 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
256 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 47488
2 KB
185 29
Domain Requested by
42 pagead2.googlesyndication.com 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.xgcartoon.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
25 tpc.googlesyndication.com 1 redirects 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
14 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
14 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
12 securepubads.g.doubleclick.net cdn.ampproject.org
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.googletagservices.com 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
5 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com cdn.ampproject.org
5 static-a.xgcartoon.com www.xgcartoon.com
4 googleads4.g.doubleclick.net www.xgcartoon.com
4 s0.2mdn.net www.xgcartoon.com
s0.2mdn.net
4 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
4 www.xgcartoon.com www.xgcartoon.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 adservice.google.pl pagead2.googlesyndication.com
2 sync.1rx.io 2 redirects
2 x.bidswitch.net 2 redirects
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
1 secure.adnxs.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 www.gstatic.com 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
1 fonts.googleapis.com 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
1 www.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
185 42

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2
2022-09-14 -
2023-10-16
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.analytics-debugger.com
GTS CA 1P5
2023-01-22 -
2023-04-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google.pl
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
teads.tv
R3
2023-01-20 -
2023-04-20
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-12-14 -
2023-03-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-10 -
2023-06-10
a year crt.sh

This page contains 30 frames:

Primary Page: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Frame ID: 685B17807B13F11CC34E9868AFE2185B
Requests: 32 HTTP requests in this frame

Frame: data://truncated
Frame ID: B38AC64E2C4F33BE1AF6EF9B26AD7DE3
Requests: 3 HTTP requests in this frame

Frame: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A7142230A7F10BC3803D49C62A0BF4E7
Requests: 15 HTTP requests in this frame

Frame: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: CE1D8789D0BF884F2A31885AE82BE3D5
Requests: 12 HTTP requests in this frame

Frame: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3D6CC3C2C253C566F9E7C9B296E9E02F
Requests: 12 HTTP requests in this frame

Frame: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 70E625B666E920FA7A0102591DF0CFD1
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: A8F282166372F4DA9C3D955904B5A70D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031639&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968639&bpp=12&bdt=328&idt=238&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1978821820&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071545%2C31071580%2C42531705%2C31071722&oid=2&pvsid=3169183860831099&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.930j8l70d89i&fsb=1&dtd=250
Frame ID: BCECA2DF85204CD67F05156225944D4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Frame ID: BA1EECED4E4F5F59639443C12DABED8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Frame ID: D92DF3BA6B122B54663FDF4CE5E8D7ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Frame ID: 2CBC050B0749E3E2365BEEDFB7E490D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A671737B5604547677FF8289D14BB79D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Frame ID: 8BFCB0A1D8E09E4C68A96C9FA9ACB7FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7E940A8F19D7E19C395ECD1AC7C55637
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3543A4B5585D13C05555132720D9630E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 850495F15ABFB17FDCDA10D05C0DC7C1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FF1C6CD83B534D93914E13DBAD2F141
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 704468136A772CFE77C10D4F2306EE92
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Frame ID: EF749646CA686005A9E7455DF466C25D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F86887FCD1F720F16095A8CAF3072F1
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Frame ID: 6677F4D4F36A6AFF750CA7C2F43022CC
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5C7B0FFE27F6B6B2433EE1B26F9776A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7EA79EC7B724189D0EB30A69245277EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6A39E9B96E7F9A3956442EA9E99CBF9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D84D5B05C4782BCCB85D9E4C4025AEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F1881F2B0961BE658A5CF9354A3A44B
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/84529ab2-2a00-4f97-be3f-76569b66b86f
Frame ID: 0B31A13DDF62498BCCFA95C543E97D80
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/1fc3ee13-66af-493e-af2b-4399aaf42812
Frame ID: 542CD8D87A0B02D2C1B552EDB0D9A309
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=1268&h=1268&q=85&f=webp&rt=contain
Frame ID: 47EF08DC78570383F8F3E02A51290FB1
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=1268&h=1268&q=85&f=webp&rt=contain
Frame ID: B1EE9D151E089D3B8D4DF98A685D5B4E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

🍸更衣人偶墜入愛河(戀上換裝娃娃)【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

185
Requests

90 %
HTTPS

0 %
IPv6

29
Domains

42
Subdomains

31
IPs

10
Countries

2246 kB
Transfer

6162 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrla7TmQEQgAgYgAgyCMogKkuLg2PU HTTP 301
  • https://tpc.googlesyndication.com/simgad/12720611189492641873
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&C=1
Request Chain 87
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.DsafARI4Z-7lkhAuPyLgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&google_hm=2
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOl2qd0jIh5kpe2lfozRzns&google_cver=1
Request Chain 89
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED73KS_X5MskE7AYu1I64Ko&google_cver=1
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAXtdcBX9MM3cvXYHzyQpFk&google_cver=1
Request Chain 115
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGkuuSxAWbZn7gSnf1MD7pHN8Wwqtaz2GHsIRKOjoRFLQPV0nRqOmOw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGkuuSxAWbZn7gSnf1MD7pHN8Wwqtaz2GHsIRKOjoRFLQPV0nRqOmOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SENOZnJWWGcxUHAwY1Y1&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGkuuSxAWbZn7gSnf1MD7pHN8Wwqtaz2GHsIRKOjoRFLQPV0nRqOmOw
Request Chain 116
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 117
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK2jfIKnhRjqn7VX65l88Uw&google_cver=1&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUPbPv8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUPbPv8&google_hm=eS1zVGJ0XzJCRTJwSEJIdHhIcVlHZ012Qkk3T3pXYjhhOX5B
Request Chain 118
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYd7LMpgR0UAFxsu8lLddM&google_cver=1&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwFeVpUpFkto4DoxZpgtBU HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYd7LMpgR0UAFxsu8lLddM&google_cver=1&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwFeVpUpFkto4DoxZpgtBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyOTE5NDcwMzEyMzA2NTE1MA&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwFeVpUpFkto4DoxZpgtBU
Request Chain 120
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJp2wCmEw983vIp30OpbJVE&google_cver=1&google_push=Aa02lx9H2ItqHjayTPrN0hLJifZ5BxGknEr4sF98AfsQjLA5LEH1rPzR38UlsQNNV5i4iSUXD95YOlXnRx1TtEQczFn_jdhyBYzd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9H2ItqHjayTPrN0hLJifZ5BxGknEr4sF98AfsQjLA5LEH1rPzR38UlsQNNV5i4iSUXD95YOlXnRx1TtEQczFn_jdhyBYzd HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 121
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQqkQvyf9hqWh9hk2FcKlQ&google_cver=1&google_push=Aa02lx9B_tEYoO5amLy6L5jVkSoeM61cRZpj0AiIUZEpk6Obqw5OHayM6hNC5JxidQgmBLiCihPgLj_tWfYB3J9_tsvT3RLmm4He HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQqkQvyf9hqWh9hk2FcKlQ&google_cver=1&google_push=Aa02lx9B_tEYoO5amLy6L5jVkSoeM61cRZpj0AiIUZEpk6Obqw5OHayM6hNC5JxidQgmBLiCihPgLj_tWfYB3J9_tsvT3RLmm4He HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2de2d6d9-a899-4c2c-911e-e4d7e9e70563&%%GOOGLE_PUSH_PAIR%%
Request Chain 142
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1&google_push=Aa02lx_taXyYzpMsgtbC4p0TouIuizZeOD0bna8rFXlEqu2KU-7Gwa6D-PyBzDMhS_0hi4UKb5Jv9bSsAvkv2NtCyNozvnp79eYb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU4MTY4Njk0MjUyNDc3MDU1Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1
Request Chain 146
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEObiAGJFC8QbQtnrWk7WMow&google_cver=1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675684970128 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bab71406-4083-48c7-afa3-8894f62d376d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA%26google_hm%3DA7q3FAZAg0jHr6OIlPYtN20 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&google_hm=A7q3FAZAg0jHr6OIlPYtN20
Request Chain 147
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELnkoUPeNWAJqeJT5H9sAd8&google_cver=1&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQW6AN3QmfvWXugiPSm-BIE6tKtwDrT9xnTSdjKlsZask HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fOFR4NmoxRTJ1SFhaVXNFcVQ4MEI5NWhrb0w1Ty43SX5B&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQW6AN3QmfvWXugiPSm-BIE6tKtwDrT9xnTSdjKlsZask
Request Chain 148
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_b6wk11un3J_AArAy3TPDnW7ZuiKCVwM1tHfWjTY6eWtbUqpFB98xG0zUQnsJRNppuS20Ei6aHSZhB9lFgpJsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_b6wk11un3J_AArAy3TPDnW7ZuiKCVwM1tHfWjTY6eWtbUqpFB98xG0zUQnsJRNppuS20Ei6aHSZhB9lFgpJsQ

185 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
www.xgcartoon.com/detail/
76 KB
18 KB
Document
General
Full URL
https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
802c35105734abda669ad7a7cbc29be47eea463803dee720b67d31bc4842c7dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Feb 2023 12:02:45 GMT
ETag
"131e0-h3FyhyYVjkq48pTcAJKIaHY3q08"
Expires
Mon, 06 Feb 2023 12:03:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
276 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72688
x-xss-protection
0
server
sffe
etag
"674edbe596924c0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
82 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23089
x-xss-protection
0
server
sffe
etag
"8d2b4bf31173f520"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
29 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9473
x-xss-protection
0
server
sffe
etag
"c6321f616f371dfa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/
49 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
server
sffe
etag
"1d120f1cc7733352"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
41 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14307
x-xss-protection
0
server
sffe
etag
"10bd233c2c6ad157"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10293
x-xss-protection
0
server
sffe
etag
"ffa4662108b82d3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 12:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31946
x-xss-protection
0
server
sffe
etag
"5023241975e48b39"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Feb 2023 12:02:45 GMT
logo.png
www.xgcartoon.com/img/
13 KB
13 KB
Image
General
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:02:45 GMT
Last-Modified
Sun, 28 Aug 2022 14:10:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3473-182e4ca3706"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13427
Expires
Mon, 06 Feb 2023 12:05:45 GMT
gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi.jpg
static-a.xgcartoon.com/cover/
93 KB
93 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35e60e835bf5ab3690fd90ff51d64ae41a6b28c0b314c871ceb67014345f6c2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 03:06:22 GMT
server
cloudflare
etag
"4E5F03183B2B5B216724A9BAC52B72DD"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7953bd1ecd2c355a-WAW
content-length
94783
expires
Sat, 04 Feb 2023 14:39:30 GMT
play.png
www.xgcartoon.com/img/
470 B
790 B
Image
General
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:02:46 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1d6-182ab7e5700"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
470
Expires
Mon, 06 Feb 2023 12:05:46 GMT
star.png
www.xgcartoon.com/img/
424 B
744 B
Image
General
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.43 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-43.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 12:02:46 GMT
Last-Modified
Wed, 17 Aug 2022 11:09:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1a8-182ab7e37c0"
Content-Type
image/png
Cache-Control
max-age=180
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
424
Expires
Mon, 06 Feb 2023 12:05:46 GMT
jinglingbaokemengjuchangban2004liekongdefangwenzhe_daiouqixisiriyu-tiankaozhi.jpg
static-a.xgcartoon.com/cover/
88 KB
88 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/jinglingbaokemengjuchangban2004liekongdefangwenzhe_daiouqixisiriyu-tiankaozhi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf368db569da57a52fd1255e32b17195d690418f24d396b3db03ecbad7b24f9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
cf-cache-status
HIT
last-modified
Sun, 27 Nov 2022 01:11:17 GMT
server
cloudflare
etag
"9FBB1997B697ECCAF130F50AF3E792A4"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7953bd1ecd2e355a-WAW
content-length
90169
expires
Mon, 06 Feb 2023 18:22:59 GMT
chaomimiluxiangdai_jiamianqishikongwovsgangliguairengejiyineidariyu-lingcunzhanhong.jpg
static-a.xgcartoon.com/cover/
72 KB
73 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/chaomimiluxiangdai_jiamianqishikongwovsgangliguairengejiyineidariyu-lingcunzhanhong.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102b09a0796101da4548cf35ad65bba1373f47a5bcbc02d7af0bc0b8ba489494

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Aug 2022 16:37:48 GMT
server
cloudflare
etag
"0E8527DCE56DE36CEBDFB75788049DC3"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7953bd1ecd30355a-WAW
content-length
74104
expires
Mon, 06 Feb 2023 15:55:01 GMT
wodeyingxiongxueyuanjuchangbanyingxiongjueqi_riyu-kuyuegengping.jpg
static-a.xgcartoon.com/cover/
15 KB
16 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/wodeyingxiongxueyuanjuchangbanyingxiongjueqi_riyu-kuyuegengping.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d1e0b14a5678fe471c01aedb53ad0b3da587e2de8264aca76d83a6a89a2ab0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:46 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 19 Sep 2022 08:49:38 GMT
server
cloudflare
etag
"DFA6B7274C2C16B4CF4781E310595751"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7953bd1ecd2a355a-WAW
content-length
15635
expires
Mon, 06 Feb 2023 15:54:15 GMT
zuozuosangbiriyu-yongshoutaicheng.jpg
static-a.xgcartoon.com/cover/
10 KB
10 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/zuozuosangbiriyu-yongshoutaicheng.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e20e0c0e4eb56c5b784c0ac5daeea097edacaa3546f63758e3aa8f21eef4f8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 08 Nov 2022 12:38:26 GMT
server
cloudflare
etag
"96E86510947815B28BC95E9E5E5C5B74"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7953bd1ecd2b355a-WAW
content-length
10378
expires
Mon, 06 Feb 2023 12:03:24 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 01:56:52 GMT
age
209154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2993
x-xss-protection
0
server
sffe
etag
"26c3a73b94839cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 01:56:52 GMT
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
240 KB
63 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 13:06:22 GMT
age
168984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64492
x-xss-protection
0
server
sffe
etag
"0099ca0a2c56b704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 13:06:22 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 21:08:39 GMT
age
140047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3947
x-xss-protection
0
server
sffe
etag
"987306f4076d6158"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 21:08:39 GMT
integrator.json
adservice.google.com/adsid/
86 B
484 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
102 KB
33 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3001988&ga_cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ga_hid=1988&dt=1675684966328&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&bdt=578&dtd=189&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
43dcb7935b1277a8767f6c4b23f6ff033c7fb34524882d697563d51bf05ca3e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33526
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CMOS2PnsgP0CFU3huwgdoIACaQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Mon, 06 Feb 2023 12:02:47 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3001988&ga_cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ga_hid=1988&dt=1675684966328&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&bdt=578&dtd=219&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
edfb70e62af38264bf0fe9e05a38843948031728636b8e777ff9139f98fda031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10637
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CPfEyfnsgP0CFRHBuwgdhW4MYw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399041
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Mon, 06 Feb 2023 12:02:47 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3001988&ga_cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ga_hid=1988&dt=1675684966328&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&bdt=578&dtd=220&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
aa13c83deaaffe4ecf22cd5949b9c29841848b91b6215b9f221af054c4cd7c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10640
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CMiwyfnsgP0CFbOH_QcdhY4MbQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455473
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Mon, 06 Feb 2023 12:02:47 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=1608544924&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=673088382&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3001988&ga_cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ga_hid=1988&dt=1675684966328&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&bdt=578&dtd=220&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
809e41bc24681852f0c56d295fcc1a15bea9eda0154ef6dcc9ea424d243f2f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10634
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COaqyfnsgP0CFfqf_QcdWDoEKQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663409
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Mon, 06 Feb 2023 12:02:47 GMT
ads
securepubads.g.doubleclick.net/gampad/
382 KB
101 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=2565837172&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1627611741&nhd=0&adx=954&ady=931&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2301181928000&d_imp=1&c=3001988&ga_cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ga_hid=1988&dt=1675684966328&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&bdt=578&dtd=221&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
beada79c6ecbd7f51dd299c32bf47ac12c9d79c4f9c83fe1e57f90466f918ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
x-creativesize
728x90
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampanalytics
{"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBe0O2QjrpX6C7A9bpVJ8zaRGlIuUkuKdaX_w5JoLzhLFvzYcPRtP0LizaHqA1udYICFoY9MBegvTU5yaa8N30RS6XynRShlwSInC9OJ5EyLxPsIiHSC_yiFD1Vei3NnJyyqh-Fg\u0026sai=AMfl-YQvJ2TFOZO_cTh32czbBU2uxm4z5cRuVOEg98zzsHUu0ii-ujLYJT0xO3QxQm-r4H1dJWPwlgPzJsu1\u0026sig=Cg0ArKJSzFrfbRbTElsIEAE\u0026cid=CAQSGwDUE5ymojGBAz65cs9ibUXao6kYLhyaxUu7EBgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=2565837172"],"btrUrl":[]}
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100686
x-xss-protection
0
amp-fast-fetch-signature
google:1:bpbPRytisaNri378Qw/DYx9ggRRRfHUfLSHZoZD3DZi5iqGf4rTTvhibKuSm02w7NtYU8+PyY5FZJXLXdlcbZ3zjdAC+pQbqBQsZT/hQK0x9+72yQ9EKIFf07B4L+Fw3rSNyq1ZIyZT+2RKgstW8rwLCdPHt8+3JA9wFLdUjwpRlOgYMhmLq5ZDMQUvRBzY1XiW0y6obe57He9fy8niXpArRq4r5CtvBXvuDp4+KdS9/9GUWofZK9JQWQJ8wYE6ab2rLSA9GWeUUDPubag3NmSyLC7cpqHO5j2yRoN9a2inoZ75QYhXrtl48XDkA/i2WAwAwMwQp+9DRMFXrjakEbg==
google-lineitem-id
-1
x-qqid
CNCZyvnsgP0CFZjHuwgdQDoEag
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Mon, 06 Feb 2023 12:02:46 GMT
container.html
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/
0
0
Other
General
Full URL
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
19 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 22:10:31 GMT
age
222736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6658
x-xss-protection
0
server
sffe
etag
"740864165de13201"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Feb 2024 22:10:31 GMT
amp-animation-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
82 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-animation-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
12b29d2c9bccf7eb796d9fdc56952c75ab369f04daf70d339a52919843a93dd7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 11:26:15 GMT
age
174992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18981
x-xss-protection
0
server
sffe
etag
"e93ed86495286612"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 11:26:15 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012301181928000/v0/
7 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 02:55:45 GMT
age
205622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2507
x-xss-protection
0
server
sffe
etag
"88d0f622ab0ac3d7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 02:55:45 GMT
truncated
/ Frame B38A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dc159632ec2bc6be6e78d0d55244258455dae31d674006e3c0ec17d65ff680

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B38A
49 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b6426fd4497967f0b242654b64085722f1132745f6fb6b075ea58b58162a5ff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame B38A
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7caca509e42e6620d4ca14e3162359383a89e9393a6356896a3de0f4850c278f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
googleanalytics.json
cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Feb 2023 00:17:29 GMT
age
215118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"e1e63f57d8aea27a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Feb 2024 00:17:29 GMT
ga4.json
amp.analytics-debugger.com/
4 KB
2 KB
Fetch
General
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:47 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only, master-only
age
33181
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, same-origin
last-modified
Mon, 06 Feb 2023 02:49:46 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xgcartoon.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fA03jvTntUbWg65GbeaBM4O17GU0sA77i1%2FggsWbGXCdc%2Bxqo4ssKukDqhyCc5RPKWmwJMU9jhTLT2KPJWU%2FTXl89Cfmdh1bfD0hYRmXiynXa321EC1nzL6tM3YQEDJlSqF2xAdWHjDUPEq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
7953bd259fb8bf94-WAW
collect
www.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=1988&cid=amp-Ekz_TzMi-E3eKdSOEYaEBg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fgengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi&dr=&dt=%F0%9F%8D%B8%E6%9B%B4%E8%A1%A3%E4%BA%BA%E5%81%B6%E5%A2%9C%E5%85%A5%E6%84%9B%E6%B2%B3%EF%BC%88%E6%88%80%E4%B8%8A%E6%8F%9B%E8%A3%9D%E5%A8%83%E5%A8%83%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1675684967&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A714
6 KB
3 KB
Document
General
Full URL
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:47 GMT
expires
Tue, 06 Feb 2024 12:02:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE1D
6 KB
3 KB
Document
General
Full URL
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:47 GMT
expires
Tue, 06 Feb 2024 12:02:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D6C
6 KB
3 KB
Document
General
Full URL
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:47 GMT
expires
Tue, 06 Feb 2024 12:02:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 70E6
6 KB
3 KB
Document
General
Full URL
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:47 GMT
expires
Tue, 06 Feb 2024 12:02:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame A714
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 10:43:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 12:02:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A714
2 KB
818 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A714
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A714
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A714
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A714
157 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:48 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame A714
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 15:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 06:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 06 May 2023 15:32:16 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A714
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoH-_ZuzgY8PHOs3C7_UPoIGKyAawsNPVbuLQ4IPgCuiusNjzHRABINPLzjBg6eTJhdgaoAGwuqHXA8gBCakC3nDN8XAcsj7gAgCoAwHIA9sEqgSrAk_Q1sKckRy1Y91PQFl4NWzueMWx7k1AiKxO7_KlhdSR_7y8olYfAoqbqWTg3viN_lz75FzLPNYAouB6lzDBy8rvi5B_ljERTJ_71zD1U7mOsDgn8qoXz6c8JXNhkEwbWKT7V57-N7AXp4XljZ9y302lZAuBd9TSywcvfRnMu2TK9n6rXG1RZe0ZYR0ZbgUEein4b1THd7I6FDus9O_9DbRXSuYwoB9LiAQfmHlPMQ7l8HMweKlB0UcxQwL4155bQlLMN23FDL-38tcJyxnuwggo0RbP5lxjVQ-KJgT-AL31wrlkrqVgpOx4hpwCv-uBHaSOwbs8NMZ_qMooY1F9pprI4xxjDsADEbumes0tsbj7u9xaYui6fTo7LrO7GrrQI9m_S9yv1Gn-CGeGwATA9py2ywLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzZy3d6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHAxDwLtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMMiBQB0BUBgBcBshceChwIABIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=-vWqEx3JIL0&uach_m=[UACH]&cid=CAQSGwDUE5ymTEYERk4X1LawU2pI3WAfPJa8X02mqBgB&template_id=494&vis=1
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CE1D
102 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
a52f430bb84cd89ab3df9d6875807c4874b69f90cf8c01bbf417cdd347a6de4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34661
x-xss-protection
0
server
cafe
etag
4303331702380582002
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE1D
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CE1D
0
460 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFouApYKiqPUYa2ffUPtEm0odp-wyUND4KL1lhIRT4UQYnI7e1GgKYBWP-Yr7H5J5h4hafYducYH6vaFFAeK4JhE1MDoZNEvPh714Y1yvRC-9X-IxpGUxDB9g3rN1iTueSAZ1dPmKnJ9p9JCi0sTvT1Iy22FieR785hNBwTdSR9vn0phkZE3qGKdiUMSg1UIYqOZ9U6p2UBmSyADrQLl2VdGLv9Sl4bp3FLR7jXQALT85IE3lDskJ8ErbeTEf3iXw3C9PaB3um9TJJBnfMIGfT1N0CJ0dXjfAUvhaxPWl_0j-cgPJHvmW1wzrk4gZ5qRkRVVORB43trs2lywam-UJNrYz_mJQ_5EgcSg&sai=AMfl-YRlRoc0jK50h71HwW_AIfjGuJebfl2ndUQsxhqArAtFGoOGRN9WH0UnW7DZoRUAuZkSX1Q1orIL0dPjHKA&sig=Cg0ArKJSzOJsb2LrLqrAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:48 GMT
truncated
/ Frame A714
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
12720611189492641873
tpc.googlesyndication.com/simgad/ Frame A714
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrla7TmQEQgAgYgAgyCMogKkuLg2PU
  • https://tpc.googlesyndication.com/simgad/12720611189492641873
8 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12720611189492641873
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:22:13 GMT
x-content-type-options
nosniff
age
204035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 15:30:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Feb 2024 03:22:13 GMT

Redirect headers

date
Sun, 05 Feb 2023 21:42:05 GMT
x-content-type-options
nosniff
server
cafe
age
51643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12720611189492641873
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Mar 2023 21:42:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3D6C
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
220725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3D6C
102 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
966683af3f6ee4dea56ffd113e6fd17c234eb2e89c9cd7d733c810053f7e415e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34583
x-xss-protection
0
server
cafe
etag
7784530701875190666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D6C
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 70E6
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
220725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 22:44:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 70E6
102 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
6952653f6e0903fbed7571ab5041f504a813f4133e2182090104d6e9f4f4109d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34583
x-xss-protection
0
server
cafe
etag
8868578706715070385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 70E6
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:48 GMT
truncated
/ Frame A714
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db5772ff3da5e05c2637185ce2b88dd9c6cf815dcce60e017fc4ad5dd72273dc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3D6C
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzxBoRzLA8dvqGZ4sn4vufZSqjQ3-4QB9eVFQfWLSnaUvlyIkZdtXiVJYk-3TCKR5UzyigmwZ8tNMIFUA-6oHoRpqRNqik1yIp_ER0_JU5_4jSVh3DQihfn0ZpMignOIZFUkiPX4UPYWgnUhw6N-IivrZ3n9RHvHB6ZrDk9UyqdEx-ESRwxEAQ70oCVmNPeBJNpGQY-qDGDvJVfSTPB52jK1xeB1WybrK7-GakVR0l4DqgvU1j_K7qpukbpEXRpviL07pLdmKAz7n5zN1UUc4dA9VxPVchmPxzSHJ_IMxHg4dAZpOM4SP4v_rNNlkYaUo7AcXqaf6y534bV7ch2eB_EcfqWkjFpBbp&sai=AMfl-YRMQ1qvCJ7_hJQdq8ECTn__VgYIv3TsMZvlI-T14b4SNKVpBnqRf8ZrNNLrYjh-oDRG5wrSIEILQ31ajTg&sig=Cg0ArKJSzPughqo3jvylEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 70E6
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh8JVVPVjNHs6a43XZMFa1IpjEw7WiKNUWjow2VzPzbC7-cA3Gb88mEV0X76bdL-6vfmzdJTEjMyT0mWc5g_NfWicmhzeCUvln1IaoelOC28BuZMX-2Dk11kw-ON2PTvVtaBzEx8LgGrplq8vN9V4L0O9yCd12XscoCHOj_nvnuqp9vxoSYicl1_yOouVk0YtfX4-VtbQZ-9mnB786OjckCDichapslnAjXKc9xRMaPuIEysFvZegeeykRCaaqrtHIAl3maJx_z8jpXNKCpGOlZ2xU4Ojngc63sGPuhy2_wIoXIrQztHHsPHx5QS0jApMlTelRP2t61veLbf164Y2hXN6YneatXbrJ&sai=AMfl-YSG5A8Y2M3AjhSP9Ee5lHaDbT86zMDGtP_-xs8Nv0wiQCSSiwL7edZcZZ7Bg2Yzr2BRdvsAGb-Ovwz71EQ&sig=Cg0ArKJSzIKiWNbD14jvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
URL: https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ Frame CE1D
361 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
1bce3aa5fd9d3a2952d25f1e5072ea8aa70047087a21f98397666e09e675f7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121327
x-xss-protection
0
server
cafe
etag
13997056135479677569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A714
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 15:23:02 GMT
x-content-type-options
nosniff
age
592786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 15:23:02 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A714
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f3.1e100.net
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 17:41:27 GMT
x-content-type-options
nosniff
age
584481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 17:41:27 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ Frame 70E6
361 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
57f3586a5880fd6109046314707c41879ac8fed9db9ca8345a4047b09c16592e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121172
x-xss-protection
0
server
cafe
etag
467383545460712467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ Frame 3D6C
361 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
57f3586a5880fd6109046314707c41879ac8fed9db9ca8345a4047b09c16592e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121172
x-xss-protection
0
server
cafe
etag
467383545460712467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:48 GMT
truncated
/ Frame CE1D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e160d8dab634140d27db76690c2f5754343034d4f051e89432b85fc23b2a958c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame A8F2
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
integrator.js
adservice.google.pl/adsid/ Frame CE1D
107 B
531 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CE1D
107 B
196 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCEC
603 B
112 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=1831158112&adf=816031639&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968639&bpp=12&bdt=328&idt=238&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=2&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1978821820&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071545%2C31071580%2C42531705%2C31071722&oid=2&pvsid=3169183860831099&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.930j8l70d89i&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ Frame 70E6
107 B
165 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 70E6
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BA1E
20 KB
9 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
9344135be84140c03e7c35de775354e7b4d743da0c9edbc6e480b4c0d17947fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
8655
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ Frame 3D6C
107 B
165 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3D6C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D92D
20 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
5150b4d518589c03fe78e7a9e55bb207932dac64003695a295a28ceaec0e81e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
8517
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2CBC
624 B
288 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A671
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A671
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A671
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
l
www.google.com/ads/measurement/ Frame A671
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpKFZTKkYP1sMg2aMxhiSv47H95JEZEsDR7k8W0RdKZJyRIEYCxPCH9wE9Yo7ZmsxbTeyzm4_Hc-dlUEZw4gQ4f0HTqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A671
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A671
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5jpSip9pHHDLDOx6ZD2PF-lcyIcPv2uixAX_XUxqyxcLYg9IvDS7ruMbq9FBhYhuah7U5DDHN4mAvNrgfRl-YuX1zeP9ZGShqh7kEbQYAgS3nANI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A671
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14774500761414845880&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CE1D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKN8k1on81Tv26xnuUoiyMIgAqG2j1V9wmJpCWRz07cC16kXIowgE8aaM27DSKVlooqOX7TlSOPw3TVJ3ToTNWEBhUziLm4Ze5sTROFiB2MTH_N662n9BFWaKYk3bvYMOh6hf203IBV8JlaGHWHhhQtad7XaWWFo3iWUUQA44qJ0oSXZQ00w3Tg1wxp3qI-JYwhl3yFd1lrp0IcGwasQ_M-VK5JYAA49Rj0mHNFf2zDarpCb-enbjD-UNtXkRAOx_-7oqdBD3J08JSGUYD4o-DQMhsKNct_6ELLzCCozSlDFbQo4AB7i3xYKrGi5YVfDW5i2mq0PDfHOiB4qNTQuMOaOSaGUfUS5hDQiEV&sai=AMfl-YQblwN7MqBfnwtyeG41t4RSWtn01wOqPKmBlHiy9--KtLc3LXN6pXZSRN2AzYubShhavaQzDmYQOQdlUsM&sig=Cg0ArKJSzOrQ5JBX75A4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CE1D
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
563fb8e7a59cda9efd56480289f8e0a4ba70deb631ea06eec65faf07e8bc5dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11307
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 2CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&C=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 12:02:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 12:02:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 2CBC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.DsafARI4Z-7lkhAuPyLgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 12:02:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_xYi9OQ45XwA9-Mr_7JGw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOl2qd0jIh5kpe2lfozRzns&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOl2qd0jIh5kpe2lfozRzns&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 12:02:49 GMT
AN-X-Request-Uuid
3398aa20-2b66-4620-9055-7a3b7c5961fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
176.67.86.63; 176.67.86.63; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOl2qd0jIh5kpe2lfozRzns&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2CBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNUyd9_K9_xZdK0navQPdzGKNF8DDsrbQRMkPVt0V82WsCUtk7R7xbIYB1FfktV-TU7S3s9EKZXXgc76k4cnOvoBWuBwQQxVCEc_B5TLQa3aMydyzwttuR9d4RedvBEIh9Cukqj_HkH8KO1FN5-WGGno6Lq_XnS81SDy4i21jhO-IDBdgSQ
Protocol
H2
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 06 Feb 2023 12:02:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
176.67.86.63; 176.67.86.63; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6eb3b27d-13fe-480a-b052-e63b55b2cf10
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A671
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6920437030059&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A671
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6920437030059&version=m202301230201&ct=76&x=1&cor=14774500761414846000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A671
81 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFQGROvfStiG-EsDGOVyx20r8FedlztswL69lDJ4TeYwMbKxBpEk2KSutrt2Y_1143iBROmGlLNYELkHD8OnFsyZgqgA&cry=1&dbm_d=AKAmf-CbU8TG_VWzj8539Tni0Y2dnPkQrITojIBIkjkgEDyqC2E24mDJHDfBAckQBVsrSdHHy4qIM9h8o589dqEkNAnikRzg_nI5yB3zbw4sKHqvAHI2G5SZMueAduRP5KVeDZl6KF6-K_59H4owzpa8eLlFTEcoapmXPlUfXq2GAbHdqeu-x5mrmS0GN5qN5ZAzPRdLo35c4BQuA0kQUsLJFRQxlhNtgslkD1vlI3NTmoMWfw-ND1c_uz5KAXPZaVOM4zj3xFd3Ao5cP5WbWyzbZk7djGTFsONS0-MLvRJ8xO9LDUxtwW3dYXWLexjRHuVr4jmUq6IXpZ-HYZiOubrkO3jd0tigKLdXVm5bleT9rA75HfltVijdH9YYGKW7eLmm4Ag9fS_geVkfDjF2QM2bPOp2tzBkHj4nES0va19oHmKSwkdjFYoyUyP-qajAMse8x-eGWLp2gVdzedxYy7bfET2Bn8Fw8s-bu-74GA49yK0OVkp_1iyLwy2l6wmIEqDLrIALiG_RMrsEO2M1SGuMReu7DO10g8nlR2RRMAe3t9twUQasloXLglnOBGmv7Pj2XCwZ0ptis2AvwYLd5ekHfDWoulFJ9ZOpnBt0MI_7lVX4Co9O8PCPeZM6o8669m4SInOB99kXZo9YQIbXo9IOFzg3LLdo10ZmglBbZzJa3EKeeUyCAxELfR5DKfdcSXnhh6zlmgqwQoW-cUaB_L8mpVY43gbKZO3WIJDxHHCzC9dbrTW5vlkLqJ1bI850bRu2Qepg2oXrtXWV26afJisV1-VQErllLgInvltaSb6-_l13tjeFtiv9_gKNVd16fCTLDjqkpyAXAXvmyQYCO0wdU7NwiqWZ3rQS8eG5FlYhJIglauUtqnJDgLsHGafnsdfMk8nKYuMh-vllGTlTqw6Agk70LLptwfg2GJfQDNr9U0ojXi1rIqc_JZEH65boHkLFWE-sFksDpyBggmvx82u6XivFhtY422yvKULDZtRzHggJ0g3ByM4717tShq1X1Wn-a35H6vYJRjaoICfpC_O7ANXcJUH5Ko4RWS1zmre1jHbMDQ9RnDZOc2jlC5DeW7VRFZWX_L9H8iMrmtMVZt_c9iEYSBZ8BsSaqHP79TeWXJGawmJaVOnD6KBHxuaqOTOl1GQ2j66toK3gAU8hTlbzR4W4Jnz-MM-5VSCwPDMBC8rgcPc7NZKwUDpkN2nZwHwDb2-hHWaEqrr3dk0CJFy-qq7rAc3dJBf4ekIdTkNg8AkARIvX7_rQMOk0bpEs_DuKI1ASCC6Uc8B94Skt4LC_Zqy1_r18-yAxdyWpM2g7g_2rZxoYyebLpvguJM9SqUudkOUi8_7QG6WVF1i_QpUnQB-xJPhaI0eE2MUbXZ0p5wx39Dvpk8Lol-otoZLvC1jd-0mvOLEKi_-bXIYUcgVeqPUCcLPCDMj5DYrUTjMAlK2RJWIt8KjNQeExRWs-JTsmRP9V6Hat8qAeYaf4I5WUpS4cSbwzoZDuBZp30rX8UgmbYUww3xhB7DCijCNUFUA4HK2i-KFr16sy6uOdUQNrciU_aCdqsnVD6VEqg5hDzUQcUxgIaSsDz6dz1ONQtEokrBcW13KxHy5PHehdFhjGEAOl4trW0EpyqBSESzLdFCND_YKmJWj3qNLe9DuQHXzlIkd4UG3cC5UByzxpYa--RGvSFKq0daT4e5UMEDdGPKJzB_7HWdj73iXVP3t5dc5no-ZVe9YDe98l4ZNKJX7cy2S_b2EpBvmUfH-NZ5iE1gtlkmOvPkl_BMEiD4fqmmFSPN4Bho8syQ_nd2gxUcqNyEk5MW3Ah3mbCslWD7wJZm7ov9-It7PpQJkgV3jxCC2Ss4F_Bb8JxArioexi2jXIP1z2p5TjK3Ax4RxzGxkZITMUmUgq_TLgEk0sJigwEWuZT30hHn4ivxoF554jGDXDQBo2Mtr3YQ99Enc0w4AdSaiv_ZLgWs22AoJWlJcpN6vYO1hEfssvRyjAogo-sC55hwsAbJRfbQQtwIz2d8rdWYd3oVG6e1Zhh8KXedOtfv4hAMc2Mn5cV0Wv5dX_q2GIomhrgRpyZlJn2c5c88awQ3U2BQIbm99GLTGgwuUq2yNnvOLVXWHhjW1-lwWjAcoJ3Dj2pzPV9t0H_FL6II-DKPqTDjn1TR4Vy84fQCG2QoPux_i7nZQZ6NpFhvdge59MBNzbARIDisNG65gZa_MydKUUUGnh4ez8WZq9DEAWahLVR-H3SopHnDzZujhB7142Aj7mlqQx1hJPiQH6TU8nSABU6CqZ8lxWXGWJJP9OmQDm46MWjQmmVJRn-FWKyEhOQ85X276ch8oqf1tQhtEodcFBsNy3-Q17IVyP7WJTFfQ_LoLKFevz02sdQF2v5oVAPmvnfHyANpFDpuFis5-LsAxgRA5WogNyffwAQa9gadHma5ljMsUcb0mImgQdrIOCqZsZydAhrBnYqJ26EfHjfaOwPSjnDtcoSJas-QpnWZn9VsaE2NogBpBnh0emj94cS_ol5K_WeRNCdYFTfqFbuE7tAwT-4eD5OOLR-kVYcW8wfh2PTMMkOm-20PlqknQ1muJSLhZKVVlPzhagZt0Mq-LcovosYY-nz_QEmhJE046ugDhu7TLz7R-Zy1qPHmlOcXxmxmvG19aksjlh6daVeNc3DFOhKPxKlnzrmSF6LcLxRIjC0ZCz09cs2o_COxEyKj4UC4DslMAH6D-1uoCyu_qzy2zVzj8m3WxZr-7-1XGVH1SmcpmOgnGHrKhaFPndDrY_z19ELAnFpao0URfICpXTpQrf-TVmXiXE4wgjgL5J69xHEY3EM8UR8dQgQTP3uZyZEOlFUIGUi6MejefapjixOBe6lEbX5wK3Q8vkJd3SD2xCq4I5CfxQOSe1uUPYOfi6z7CKm7Ut2QI-Z7-KMPQERGrsSUL0ThNYmhUg7pADWvOubKn-Nnt7xu2uK5XL9VnT9wTAJ-XihSIz1Yby4TiGUpJ45jGhcpEbbIvVlwfKtvQgHWNcfbzQQn0AJS_Ko8H5KVPOYoHJLGXaPfx2F4QdJyH1yPe5TVIaj5Wf3y7zsfHVDe86ges1EUwpfjR9BSvLIwtnZGkK0nhoQl5BmD3x0ahcpV_UU_xA70GRnSgo3WPl4WvwoiaIjxweChgxK_fSac0eFg&cid=CAQSKQDUE5ymN2zKWkm8ry0aVN58cJQLdRps1MPu-EC3mWHfqnowzVaIU_WQGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14774500761414846000&adk=451094747&idt=129&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
0cb83c0b0d8f10740688280803f5a997386809252ec87153022f679795c55165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34739
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8BFC
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7E94
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:02:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7E94
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7E94
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
9788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Feb 2023 09:19:41 GMT
l
www.google.com/ads/measurement/ Frame 7E94
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt9uYmMZQUbcNpH3iJ9MOVFwiZPqq85QQs4TMG9XUOFrWb9EIGvxVpo6o3bQ0F-2g-u3xFGHvui4aH4enhQ5zsla6HqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E94
157 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dkk1DTrnz8wG9N8kuHVtjkoRd547QkZnkH1K-EEdbu1nAM0ZCzEQRu25Go9_D_zqubFlbCWvi2dX9WPzIlYFqlpq0rwO2qreepqe6Egwz0y0F-k3M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15278985849701647038&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CE1D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:49 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A671
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 23:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 Feb 2023 23:10:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame A671
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFQGROvfStiG-EsDGOVyx20r8FedlztswL69lDJ4TeYwMbKxBpEk2KSutrt2Y_1143iBROmGlLNYELkHD8OnFsyZgqgA&cry=1&dbm_d=AKAmf-CbU8TG_VWzj8539Tni0Y2dnPkQrITojIBIkjkgEDyqC2E24mDJHDfBAckQBVsrSdHHy4qIM9h8o589dqEkNAnikRzg_nI5yB3zbw4sKHqvAHI2G5SZMueAduRP5KVeDZl6KF6-K_59H4owzpa8eLlFTEcoapmXPlUfXq2GAbHdqeu-x5mrmS0GN5qN5ZAzPRdLo35c4BQuA0kQUsLJFRQxlhNtgslkD1vlI3NTmoMWfw-ND1c_uz5KAXPZaVOM4zj3xFd3Ao5cP5WbWyzbZk7djGTFsONS0-MLvRJ8xO9LDUxtwW3dYXWLexjRHuVr4jmUq6IXpZ-HYZiOubrkO3jd0tigKLdXVm5bleT9rA75HfltVijdH9YYGKW7eLmm4Ag9fS_geVkfDjF2QM2bPOp2tzBkHj4nES0va19oHmKSwkdjFYoyUyP-qajAMse8x-eGWLp2gVdzedxYy7bfET2Bn8Fw8s-bu-74GA49yK0OVkp_1iyLwy2l6wmIEqDLrIALiG_RMrsEO2M1SGuMReu7DO10g8nlR2RRMAe3t9twUQasloXLglnOBGmv7Pj2XCwZ0ptis2AvwYLd5ekHfDWoulFJ9ZOpnBt0MI_7lVX4Co9O8PCPeZM6o8669m4SInOB99kXZo9YQIbXo9IOFzg3LLdo10ZmglBbZzJa3EKeeUyCAxELfR5DKfdcSXnhh6zlmgqwQoW-cUaB_L8mpVY43gbKZO3WIJDxHHCzC9dbrTW5vlkLqJ1bI850bRu2Qepg2oXrtXWV26afJisV1-VQErllLgInvltaSb6-_l13tjeFtiv9_gKNVd16fCTLDjqkpyAXAXvmyQYCO0wdU7NwiqWZ3rQS8eG5FlYhJIglauUtqnJDgLsHGafnsdfMk8nKYuMh-vllGTlTqw6Agk70LLptwfg2GJfQDNr9U0ojXi1rIqc_JZEH65boHkLFWE-sFksDpyBggmvx82u6XivFhtY422yvKULDZtRzHggJ0g3ByM4717tShq1X1Wn-a35H6vYJRjaoICfpC_O7ANXcJUH5Ko4RWS1zmre1jHbMDQ9RnDZOc2jlC5DeW7VRFZWX_L9H8iMrmtMVZt_c9iEYSBZ8BsSaqHP79TeWXJGawmJaVOnD6KBHxuaqOTOl1GQ2j66toK3gAU8hTlbzR4W4Jnz-MM-5VSCwPDMBC8rgcPc7NZKwUDpkN2nZwHwDb2-hHWaEqrr3dk0CJFy-qq7rAc3dJBf4ekIdTkNg8AkARIvX7_rQMOk0bpEs_DuKI1ASCC6Uc8B94Skt4LC_Zqy1_r18-yAxdyWpM2g7g_2rZxoYyebLpvguJM9SqUudkOUi8_7QG6WVF1i_QpUnQB-xJPhaI0eE2MUbXZ0p5wx39Dvpk8Lol-otoZLvC1jd-0mvOLEKi_-bXIYUcgVeqPUCcLPCDMj5DYrUTjMAlK2RJWIt8KjNQeExRWs-JTsmRP9V6Hat8qAeYaf4I5WUpS4cSbwzoZDuBZp30rX8UgmbYUww3xhB7DCijCNUFUA4HK2i-KFr16sy6uOdUQNrciU_aCdqsnVD6VEqg5hDzUQcUxgIaSsDz6dz1ONQtEokrBcW13KxHy5PHehdFhjGEAOl4trW0EpyqBSESzLdFCND_YKmJWj3qNLe9DuQHXzlIkd4UG3cC5UByzxpYa--RGvSFKq0daT4e5UMEDdGPKJzB_7HWdj73iXVP3t5dc5no-ZVe9YDe98l4ZNKJX7cy2S_b2EpBvmUfH-NZ5iE1gtlkmOvPkl_BMEiD4fqmmFSPN4Bho8syQ_nd2gxUcqNyEk5MW3Ah3mbCslWD7wJZm7ov9-It7PpQJkgV3jxCC2Ss4F_Bb8JxArioexi2jXIP1z2p5TjK3Ax4RxzGxkZITMUmUgq_TLgEk0sJigwEWuZT30hHn4ivxoF554jGDXDQBo2Mtr3YQ99Enc0w4AdSaiv_ZLgWs22AoJWlJcpN6vYO1hEfssvRyjAogo-sC55hwsAbJRfbQQtwIz2d8rdWYd3oVG6e1Zhh8KXedOtfv4hAMc2Mn5cV0Wv5dX_q2GIomhrgRpyZlJn2c5c88awQ3U2BQIbm99GLTGgwuUq2yNnvOLVXWHhjW1-lwWjAcoJ3Dj2pzPV9t0H_FL6II-DKPqTDjn1TR4Vy84fQCG2QoPux_i7nZQZ6NpFhvdge59MBNzbARIDisNG65gZa_MydKUUUGnh4ez8WZq9DEAWahLVR-H3SopHnDzZujhB7142Aj7mlqQx1hJPiQH6TU8nSABU6CqZ8lxWXGWJJP9OmQDm46MWjQmmVJRn-FWKyEhOQ85X276ch8oqf1tQhtEodcFBsNy3-Q17IVyP7WJTFfQ_LoLKFevz02sdQF2v5oVAPmvnfHyANpFDpuFis5-LsAxgRA5WogNyffwAQa9gadHma5ljMsUcb0mImgQdrIOCqZsZydAhrBnYqJ26EfHjfaOwPSjnDtcoSJas-QpnWZn9VsaE2NogBpBnh0emj94cS_ol5K_WeRNCdYFTfqFbuE7tAwT-4eD5OOLR-kVYcW8wfh2PTMMkOm-20PlqknQ1muJSLhZKVVlPzhagZt0Mq-LcovosYY-nz_QEmhJE046ugDhu7TLz7R-Zy1qPHmlOcXxmxmvG19aksjlh6daVeNc3DFOhKPxKlnzrmSF6LcLxRIjC0ZCz09cs2o_COxEyKj4UC4DslMAH6D-1uoCyu_qzy2zVzj8m3WxZr-7-1XGVH1SmcpmOgnGHrKhaFPndDrY_z19ELAnFpao0URfICpXTpQrf-TVmXiXE4wgjgL5J69xHEY3EM8UR8dQgQTP3uZyZEOlFUIGUi6MejefapjixOBe6lEbX5wK3Q8vkJd3SD2xCq4I5CfxQOSe1uUPYOfi6z7CKm7Ut2QI-Z7-KMPQERGrsSUL0ThNYmhUg7pADWvOubKn-Nnt7xu2uK5XL9VnT9wTAJ-XihSIz1Yby4TiGUpJ45jGhcpEbbIvVlwfKtvQgHWNcfbzQQn0AJS_Ko8H5KVPOYoHJLGXaPfx2F4QdJyH1yPe5TVIaj5Wf3y7zsfHVDe86ges1EUwpfjR9BSvLIwtnZGkK0nhoQl5BmD3x0ahcpV_UU_xA70GRnSgo3WPl4WvwoiaIjxweChgxK_fSac0eFg&cid=CAQSKQDUE5ymN2zKWkm8ry0aVN58cJQLdRps1MPu-EC3mWHfqnowzVaIU_WQGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14774500761414846000&adk=451094747&idt=129&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
58121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:54:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A671
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFQGROvfStiG-EsDGOVyx20r8FedlztswL69lDJ4TeYwMbKxBpEk2KSutrt2Y_1143iBROmGlLNYELkHD8OnFsyZgqgA&cry=1&dbm_d=AKAmf-CbU8TG_VWzj8539Tni0Y2dnPkQrITojIBIkjkgEDyqC2E24mDJHDfBAckQBVsrSdHHy4qIM9h8o589dqEkNAnikRzg_nI5yB3zbw4sKHqvAHI2G5SZMueAduRP5KVeDZl6KF6-K_59H4owzpa8eLlFTEcoapmXPlUfXq2GAbHdqeu-x5mrmS0GN5qN5ZAzPRdLo35c4BQuA0kQUsLJFRQxlhNtgslkD1vlI3NTmoMWfw-ND1c_uz5KAXPZaVOM4zj3xFd3Ao5cP5WbWyzbZk7djGTFsONS0-MLvRJ8xO9LDUxtwW3dYXWLexjRHuVr4jmUq6IXpZ-HYZiOubrkO3jd0tigKLdXVm5bleT9rA75HfltVijdH9YYGKW7eLmm4Ag9fS_geVkfDjF2QM2bPOp2tzBkHj4nES0va19oHmKSwkdjFYoyUyP-qajAMse8x-eGWLp2gVdzedxYy7bfET2Bn8Fw8s-bu-74GA49yK0OVkp_1iyLwy2l6wmIEqDLrIALiG_RMrsEO2M1SGuMReu7DO10g8nlR2RRMAe3t9twUQasloXLglnOBGmv7Pj2XCwZ0ptis2AvwYLd5ekHfDWoulFJ9ZOpnBt0MI_7lVX4Co9O8PCPeZM6o8669m4SInOB99kXZo9YQIbXo9IOFzg3LLdo10ZmglBbZzJa3EKeeUyCAxELfR5DKfdcSXnhh6zlmgqwQoW-cUaB_L8mpVY43gbKZO3WIJDxHHCzC9dbrTW5vlkLqJ1bI850bRu2Qepg2oXrtXWV26afJisV1-VQErllLgInvltaSb6-_l13tjeFtiv9_gKNVd16fCTLDjqkpyAXAXvmyQYCO0wdU7NwiqWZ3rQS8eG5FlYhJIglauUtqnJDgLsHGafnsdfMk8nKYuMh-vllGTlTqw6Agk70LLptwfg2GJfQDNr9U0ojXi1rIqc_JZEH65boHkLFWE-sFksDpyBggmvx82u6XivFhtY422yvKULDZtRzHggJ0g3ByM4717tShq1X1Wn-a35H6vYJRjaoICfpC_O7ANXcJUH5Ko4RWS1zmre1jHbMDQ9RnDZOc2jlC5DeW7VRFZWX_L9H8iMrmtMVZt_c9iEYSBZ8BsSaqHP79TeWXJGawmJaVOnD6KBHxuaqOTOl1GQ2j66toK3gAU8hTlbzR4W4Jnz-MM-5VSCwPDMBC8rgcPc7NZKwUDpkN2nZwHwDb2-hHWaEqrr3dk0CJFy-qq7rAc3dJBf4ekIdTkNg8AkARIvX7_rQMOk0bpEs_DuKI1ASCC6Uc8B94Skt4LC_Zqy1_r18-yAxdyWpM2g7g_2rZxoYyebLpvguJM9SqUudkOUi8_7QG6WVF1i_QpUnQB-xJPhaI0eE2MUbXZ0p5wx39Dvpk8Lol-otoZLvC1jd-0mvOLEKi_-bXIYUcgVeqPUCcLPCDMj5DYrUTjMAlK2RJWIt8KjNQeExRWs-JTsmRP9V6Hat8qAeYaf4I5WUpS4cSbwzoZDuBZp30rX8UgmbYUww3xhB7DCijCNUFUA4HK2i-KFr16sy6uOdUQNrciU_aCdqsnVD6VEqg5hDzUQcUxgIaSsDz6dz1ONQtEokrBcW13KxHy5PHehdFhjGEAOl4trW0EpyqBSESzLdFCND_YKmJWj3qNLe9DuQHXzlIkd4UG3cC5UByzxpYa--RGvSFKq0daT4e5UMEDdGPKJzB_7HWdj73iXVP3t5dc5no-ZVe9YDe98l4ZNKJX7cy2S_b2EpBvmUfH-NZ5iE1gtlkmOvPkl_BMEiD4fqmmFSPN4Bho8syQ_nd2gxUcqNyEk5MW3Ah3mbCslWD7wJZm7ov9-It7PpQJkgV3jxCC2Ss4F_Bb8JxArioexi2jXIP1z2p5TjK3Ax4RxzGxkZITMUmUgq_TLgEk0sJigwEWuZT30hHn4ivxoF554jGDXDQBo2Mtr3YQ99Enc0w4AdSaiv_ZLgWs22AoJWlJcpN6vYO1hEfssvRyjAogo-sC55hwsAbJRfbQQtwIz2d8rdWYd3oVG6e1Zhh8KXedOtfv4hAMc2Mn5cV0Wv5dX_q2GIomhrgRpyZlJn2c5c88awQ3U2BQIbm99GLTGgwuUq2yNnvOLVXWHhjW1-lwWjAcoJ3Dj2pzPV9t0H_FL6II-DKPqTDjn1TR4Vy84fQCG2QoPux_i7nZQZ6NpFhvdge59MBNzbARIDisNG65gZa_MydKUUUGnh4ez8WZq9DEAWahLVR-H3SopHnDzZujhB7142Aj7mlqQx1hJPiQH6TU8nSABU6CqZ8lxWXGWJJP9OmQDm46MWjQmmVJRn-FWKyEhOQ85X276ch8oqf1tQhtEodcFBsNy3-Q17IVyP7WJTFfQ_LoLKFevz02sdQF2v5oVAPmvnfHyANpFDpuFis5-LsAxgRA5WogNyffwAQa9gadHma5ljMsUcb0mImgQdrIOCqZsZydAhrBnYqJ26EfHjfaOwPSjnDtcoSJas-QpnWZn9VsaE2NogBpBnh0emj94cS_ol5K_WeRNCdYFTfqFbuE7tAwT-4eD5OOLR-kVYcW8wfh2PTMMkOm-20PlqknQ1muJSLhZKVVlPzhagZt0Mq-LcovosYY-nz_QEmhJE046ugDhu7TLz7R-Zy1qPHmlOcXxmxmvG19aksjlh6daVeNc3DFOhKPxKlnzrmSF6LcLxRIjC0ZCz09cs2o_COxEyKj4UC4DslMAH6D-1uoCyu_qzy2zVzj8m3WxZr-7-1XGVH1SmcpmOgnGHrKhaFPndDrY_z19ELAnFpao0URfICpXTpQrf-TVmXiXE4wgjgL5J69xHEY3EM8UR8dQgQTP3uZyZEOlFUIGUi6MejefapjixOBe6lEbX5wK3Q8vkJd3SD2xCq4I5CfxQOSe1uUPYOfi6z7CKm7Ut2QI-Z7-KMPQERGrsSUL0ThNYmhUg7pADWvOubKn-Nnt7xu2uK5XL9VnT9wTAJ-XihSIz1Yby4TiGUpJ45jGhcpEbbIvVlwfKtvQgHWNcfbzQQn0AJS_Ko8H5KVPOYoHJLGXaPfx2F4QdJyH1yPe5TVIaj5Wf3y7zsfHVDe86ges1EUwpfjR9BSvLIwtnZGkK0nhoQl5BmD3x0ahcpV_UU_xA70GRnSgo3WPl4WvwoiaIjxweChgxK_fSac0eFg&cid=CAQSKQDUE5ymN2zKWkm8ry0aVN58cJQLdRps1MPu-EC3mWHfqnowzVaIU_WQGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14774500761414846000&adk=451094747&idt=129&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
58121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10940
x-xss-protection
0
server
cafe
etag
260008737171085554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:54:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A671
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 10:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:24:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3543
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
20926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 8BFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED73KS_X5MskE7AYu1I64Ko&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED73KS_X5MskE7AYu1I64Ko&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED73KS_X5MskE7AYu1I64Ko&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 8BFC
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 8BFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAXtdcBX9MM3cvXYHzyQpFk&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAXtdcBX9MM3cvXYHzyQpFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Protocol
H2
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 06 Feb 2023 12:02:49 GMT
pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAXtdcBX9MM3cvXYHzyQpFk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8BFC
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv79QEQ6OvGmQIY99evzQEwAQ&v=APEucNVg6O7EqC6FjEYStwpcPl2QdvmB4SQC90uKwzBKwxDTqM0061UyEM76aAN0w6kwcAuxphTmIKiLgUyV3RqB79YyTtd6cu5_649LB4LeamVBKycQ-X-IkCG6oidcZkWF-9SLtg9ibh4vUWEVUwfsuQ63EftPAmBZx2NlxkLnQ8rtWUcRCCI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 06 Feb 2023 12:02:49 GMT
pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1069546169028&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1069546169028&version=m202301230201&ct=76&x=1&cor=15278985849701646000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7E94
81 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTDWsN6HibElqaHNqSftstJ3D-_pqJGksYeY1oi_il8BQUVynZsvMtu-Ix2nVA0epdTMMHwHDg0bKYEK6ubJGU3rh4OA&cry=1&dbm_d=AKAmf-CjqgwprFgpTrLjFM7DcQ0wp3fm5LGOZp_afEzBZjvKUA2_W6KM0fIZ5P8bLAqA0-KL5DZXPVV6Bp-Nw-A0rY-iAOiHwq7W88x93qX3rv1bOfL220pAJpQj8H4-WHt8fMCxhBvwuo4FzQj4IEqREiams4AQjDq5OKawFZYreOOfhFERgDnZNgl7lau-1N9QJOmUzmNoUIfAm6KBYYvS2jrRrI0-008XUefrlcc0X9se6JjklJyqJWA5ZvOMkft42hX1os9GUO_p0XRq95T40KOHnETMrbC8EAPj2BOO5QuK8mjyN55zgw6OlqURhH7AvRKsgbibk4thSvIKRBOz-cMk9oaGal-NlJYgNvA45mvSJsfE4uPQ2YUn2j66Yd3utHKcAF2v2reVpfMU2B6JLT8qN6FnlMkoN9jTgke01YrskDMOryWVlHHP7-FssdaNgX7gdrXnOT1Y0DqmldmtwE-KK9c9z0pKpL2xRK7ooxGcK6JlyYKxdXw9DE2sa_kjgIHA8US9yTIZmlaNyv_yUlEengyxRilKYzNjB5FTvMEf-8TZrAaGyFM9gsRtRK0hYenyT28QAAfOAEk5txGsS5STtP2qyWEJ4hEpRezCV16wfgVLnPiT_l86WfgRXsrtS3ii_VhrnlLPPJyz5DQovs0hWPU81mjOogjYgFCWQP7XlJUu4QT1oVjWkkMeYGRLLI29HQMrrA_rRtv9O3-FuwwTTHJBLFRYifAKCrbu4lRjQnFLQO4zDcMllicvECpRgSV8GL9XYvOOYSr5HmxAwTs0_XWsgdCQ1x4MB1TWtOsF45tmVItTAYYVPqW6rzNWpyoOvyCb8EDcYWoueE0B6BqTDvp--hLo3lAsshWd9xkoCk67BxrOKQiEvVBkt5m2JNoMuf-avMASrsryv03ScM9bARbiAZDCFHky5XEP9TnYlsjN3gnLaaNYFvR18YGfi7phU8_It8sGXLcqrXWkZFG1DXSm0PsIV5K0B4osxBgXuCktpuLBbqcxNPQ9kzuiDrLeF-3tQ9eRSVMP1Xo1rOAfozhLXSYAUhJlRXyXcklwfNvQrnwAef8-liv7F-R0vzd9GGQM4R-0hrUxu9yiGuXFFpu6c270kXF-2sEiY-kEhVU5pzVUumpxOK-1Wj_dfHO-Lp7AmVixOtZ_AADXR07czAKuydcEHfOgDqG2DGRMuC58dDbhANM13819xFkW5f25zTMml0iz4AGYi97Zetl3ID8pubEa6Di7Ej0q36ZsEVfx-MXzF1BSzoBGkw7tjRYt1-LF50P-6u8T_IRa62xu9tAIzFLbKxqhapXRFkyctiOKZYH9p_bzcfrNY7v2wIpzNM45dlH3zYOeMcqnhmoVyGDeTQcO8MClNF2cQ-ZhpE6IHYSGr8i2bG-RUpEdhLO_v8Wo1QpqOexKAExBdrIKoV5tcTrbEW3uvfPWUMXAF3ronGqDz02lG7Yh4ZDdVt8yEDlkzqcAV3hjN6yUG1RJgAbY7UqoZRnQC2qY4umjfJuIm0vfE1grTpglB-XgFh6K6y74KwbRCuk8aPzG1Sp7lxUNWid0cNOdi_mOjyZkE97REOQ6zYErurPNJ87Pr5azIJkw2dkfk6CYn3Y83gKYoUKr4NZUiFzQSe319c_vSNI-aOpOzxg2ofaXGcy3LCeU6tc-UIYedcR_dsQgm_eO8rh_EEvzypKgbBR87nRMX1lvxN2IdVbvFLuX3-WyjsE6YJJsXXNIxICu-90gxI-0U0c5KZZuoNScnFs97XmQHkFlVGB8iuRZ2Kr12fcxO8cQUlhHL5GLk-rHs-9n0b9pJsx_FGVqcYQ26Gylsi2nLj-edD-GNfe7xy3J6-oWQdcozB3_ynDed6beVjAh4YoR5H4FX0BxKVJtMq9E9h0P-2QvhO-xQ1RWj437HZTSQ7KfmKrsJ8iMnwgbksd3ypOCQZSoYJ3G3vqkjctlstBZzrFOGpWp-ZfS-2nGcr0oA6BAgmWGVmSQclynY1M2aFWIV51QToBJ1ZqbwOKpLnIVEuaWGvt-bk0108K_jJdB0mR7v4emymsZHcvlXVwwSs-saZPVJvEH3WHgrYx6sxdBi8zrAjd5cLMXwRr6z7_s1KMX7ZXFX7_pW6djbitijphvULx5b6JbxBMPXtdE4ii4JIpb54NRYkz2ZmiiQmtvxT-rpse2NAXIXX9Ch4SEeemIaQtrn-4ikRg13_gyGCgs8FSbpN3tT72DTAFFI2AAPlIf_Dt8pZ5t7vYIptWAxL1ufe17ndrDpxpPsxMwpwWHbDwJNPpbPjm14m0Qqc43J8aMJvUca8ihpJ6OqL5QhUNC-RWwu02PhsbHjZ5iQKpWnE8sc4bisz7MZba8Sgg2YBfvjHDD_TQ_urqiF7XNAiqtIT0ei50Xn_IYaov6EQlriRx9G0AmNjyczD2cibiWBRcsFrvg2CexfpjNVNcpWQFKjQhLd9Bao0BAtV_fiI4uYCEfTvtxFhOFZLA9bgKXidr7eEMGdQtBXI-EO5pTvObOXAQY_uvzeq9wzXIso0RtPSa7_j6NhD657NLGqqUKTVeCH1y-BU3PjwY_Opv4kzauyyn4z-OkjPS_CYj0tVhpKBiJ7xKQ0QVbg8FUMfbzDIc4v7U5fLBWpAC1AWJQqGBne0M0XaIJp6gM5HT56-pTW1Al-dayItEOrwlmvms2xPbBsukbM86tn0wc57i1Dlm3Jz5hlVsXyebW9UW6RjEDmaVXqIIijAvCu97nLDIOyFHn62ECOUhjvvChhYvoDkZOe6M28uVWDSa8VvLU0m9xRG2zudNoFGAaPyFrHRl2UbNW2VOGyW2DsmIYIdPqKJehjP_LmCq8CRubuLyWxIUdHk0z-cumBNj4UFSmhcJKbPyA7MrIKlWJvvMMg8DAGZOJXcDBKnTpWQLnfFrxLBPtrp94YbL4wsq5BXWPxZFRfHwHmkd8-RY-r8P788XyC01lMJqaFno-fFXr3Ze6O5qC4rKPQJoXlZ2nwg4T36OmBzDYsMSKtHYI9YNQMiWHsmglm0aTpty2Pnx905vlkZRot9W3640pUeBrq-_nGbye_aCjGi--TMOjRUrzyAw0IvIKWA3yUmLsIjHYSG8hK5n5rSqCfto_ArI8sCKVA34p0dpqoqh4V0u6Uy_QRWn6yY8EicCGWg&cid=CAQSKQDUE5ymeeedSS-Lrz75dylGvwgi4XLOGr_57OYVJLCA6aw3XDr5L2VzGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=15278985849701646000&adk=2993637451&idt=107&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
3f20a0adf62be7f92a22040b1ec7d87a0abd2fb70a6c259d8051204c9ab8a20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8504
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
220262
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 22:51:47 GMT
expires
Sat, 03 Feb 2024 22:51:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3543
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SENOZnJWWGcxUHAwY1Y1&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGku...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SENOZnJWWGcxUHAwY1Y1&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGkuuSxAWbZn7gSnf1MD7pHN8Wwqtaz2GHsIRKOjoRFLQPV0nRqOmOw
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 12:02:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SENOZnJWWGcxUHAwY1Y1&google_gid=CAESEO78YyFdHWrxUJkdhOZpigU&google_cver=1&google_push=Aa02lx_Alx2L6tmbUp1SQWXnfZ40pMP3VmtSMVmGCAuzGkuuSxAWbZn7gSnf1MD7pHN8Wwqtaz2GHsIRKOjoRFLQPV0nRqOmOw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3543
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M...
43 B
443 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7953bd36c90d35c6-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1848
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMKUdDW-TybHCRtebqG5mc&google_cver=1&google_push=Aa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8WtI3ceETGPN0yIRAs4CMt5qiIHa1-kPhsLbZ9I20GOYXrE8UABugYV50tyLXjB-S7XJbErFoBomvzd13am3jK5f7sY6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7953bd354f6335c6-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3543
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK2jfIKnhRjqn7VX65l88Uw&google_cver=1&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUP...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUPbPv8&google_hm=eS1zVGJ0XzJCRTJwSEJIdHh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUPbPv8&google_hm=eS1zVGJ0XzJCRTJwSEJIdHhIcVlHZ012Qkk3T3pXYjhhOX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 06 Feb 2023 12:02:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dGMppreLJuUtIYV1z1T09pSfpTWrsEk-suGN7kAq2czzczBt6SsF_-573vDKX4LriZXL4K9upGfQ2WfoKdnc4zUPbPv8&google_hm=eS1zVGJ0XzJCRTJwSEJIdHhIcVlHZ012Qkk3T3pXYjhhOX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3543
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYd7LMpgR0UAFxsu8lLddM&google_cver=1&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwF...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYd7LMpgR0UAFxsu8lLddM&google_cver=1&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_T...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyOTE5NDcwMzEyMzA2NTE1MA&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyOTE5NDcwMzEyMzA2NTE1MA&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwFeVpUpFkto4DoxZpgtBU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyOTE5NDcwMzEyMzA2NTE1MA&google_push=Aa02lx94ana8J-8Ra0Pib_5H14CxXXMbVdWfj389ep9gBhf_9P3kJXk7QmWuYSVrkbhPCAxcO_TTdDwFeVpUpFkto4DoxZpgtBU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 3543
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO7Xk5EMwuV4Y1ETHpxIMhM&google_cver=1&google_push=Aa02lx818oJt_TVb8oR4r4bTr6xUv46MswzNctAypmRyrmNeh_sa6Qc97ctv9q8uH_P2TMbmNTmBX1nryjHG_wJHHE5bDAx1-nI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bipv3punro72sr9r9vtqc5cia3artl6l
/
onetag-sys.com/match/ Frame 3543
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJp2wCmEw983vIp30OpbJVE&google_cver=1&google_push=Aa02lx9H2ItqHjayTPrN0hLJifZ5BxGknEr4sF98AfsQjLA5LEH1rPzR38UlsQNNV5i4iSUXD95YOlXnRx1...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9H2ItqHjayTPrN0hLJifZ5BxGknEr4sF98AfsQjLA5LEH1rPzR38UlsQNNV5i4iSUXD95YOlXnRx1TtEQczFn_jdhyBYzd
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3543
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQqkQvyf...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2de2d6d9-a899-4c2c-911e-e4d7e9e70563&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2de2d6d9-a899-4c2c-911e-e4d7e9e70563&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2de2d6d9-a899-4c2c-911e-e4d7e9e70563&%%GOOGLE_PUSH_PAIR%%
date
Mon, 06 Feb 2023 12:02:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3543
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYDHWGT0uocJ9lj0H-abhXUrx5OazdEd3kMdhifxs8XdXMKNRl-UuqcqYCLWNmVHjj3EPui3s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031633&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968682&bpp=16&bdt=309&idt=228&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071854%2C44779793%2C31061690&oid=2&pvsid=3098394816906351&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.tvlbycena2sw&fsb=1&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FF1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
9789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 09:19:40 GMT
expires
Tue, 06 Feb 2024 09:19:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7044
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f4.1e100.net
Software
GSE /
Resource Hash
905c2830b45011539e920dada33dbdb2e111c22458b80e820b9aeb5039645abf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zs5oMsV3X1xmT0nZoA47XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-zs5oMsV3X1xmT0nZoA47XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:49 GMT
expires
Mon, 06 Feb 2023 12:02:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 8504
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
s0.2mdn.net/sadbundle/16720323297882931200/ Frame EF74
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
970760d10a35e0bb7b43241f4fd83d0fed73167952d285909a076054b7d44031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
353877
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1427
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 09:44:52 GMT
expires
Fri, 02 Feb 2024 09:44:52 GMT
last-modified
Fri, 17 Jun 2022 14:49:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A671
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQGZR36ffudWyJYM8cTCcuKqGBipzcX0KYH0Iyro_FiXQiCK1_ntJCf6Wni84WewfMSpZHiAKz-sucwgo14lrae-1mhNDY6gTcmpx_7opw2VxK4Alz7qeSOi4ixlgEe7JzIxvji5zwriE8ptuR1hOUv_XPj_nYYK1hJ3xhz8rMl-m9c4K2jRQqIJquJnsz6CPAMoMmH5p9BZgycOl3vY_xiIQdSjQtoZX8rcjZGOs61CBjByp10PV9t19Voey50Cq-PDwQUbkCLP0z4e72mGiz7IeK56ns5nJf_nf5IDzRC8WNs5J3nR0ix42-djicZfnHeYx8HC_hKpuPbloge3zjFZZaM74P-S-oAEC1qxsB-qB7wScm_6Pac8S1UPOUhfPyIetj5FhxxHsNeftqb2Ie9quYIDUk62mLmM1r5nqJiELA3wL6eCPRLkg3gizS6wOrkimkZgjU7MhxgFbl7UodotsjNIkszwnzWin51FELwQJQiVWuVqsEqviCB_k5qRid0FdMSXcAmA_QSRH7wZzHUU1zyxmcJnZMaoQ7B-9K3UOZ8Q-6EftMIzrTFmla1HapmxByWpVzHsamULvG_x-3XZWKAEK439hR6ID210Dm8ZhjuEMx0ZvZB2xYu7ekoUsmdyqvkmxYQ_cs5PBywR2kB_b1SCG_XYfhoD4OmMHJ8E2rtjeCLXY2fwNIzOoNAeSF4h8EzDsjcLhhDspU2mGX36NjX0qe3z7p-BWl3gxTrL57xpxjQRewsfandxGhvJIc1xImlLxTWcOwN5eylBmQPDgACEKbqVTHsvcmXTZBWE9PXqbApo2Rpdno-c-oGZSwWT7n8CRDNNW-7AhYpmSusbhlezZj26460KlXKNXF1tcg6cjdSvxkmughpjnoaX0L4lBY0U3CV2EWrwXjuCKaprkcKZgbslbt9PDUbldp3t3lCA_6MKj9pwA5I0_cZfErm_RQLw7PmA0AAD5cA3QDuxtl9_5nbmOrav3a_y8VNrTdNIZ93_T3cbxP3KlvL0B08bK_sJrnwwJzBEZW2ZKCWPsTutuqFEnUTfPza2yoPx5iRUR93cbNxFj4IaPf10oAIbL_sQW6QfiLgmxBoFJ3L1savtz_7V9a_ydqR3GknpFFWHHFHsWSokYSQiFa8QL0_LfWVba00xfFtCfYDxQYGVkPSe0jvPH-2bU4hJNM1OY-7Yb4EN3nOfpvLAdgGxN8lzSf3X_KWxXEkL_LFuA1ltMuQCIw&sai=AMfl-YQpbOtmuYH_Vea7XszSkZb1Pc5_-52RM9h5UZtVUcMthY_d9sGsI-jFRMdhTrZpGpb3zpLLDXtDfSJ7cc75YwIoS5oRAgr3PX5yhm_n6Mi0qI3YVLnFS2VOBSLUX8CzwEDcNerUj6J-WgpA9IK5oz-8DQqH7gJcqNTd4paA-j5U3omP8lCNU7Ll6-RsFJNcag-3O6PFU5ag&sig=Cg0ArKJSzP2BTpTqkvliEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=182&cisv=r20230201.18063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:49 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7E94
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 23:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 06 Feb 2023 23:10:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 7E94
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTDWsN6HibElqaHNqSftstJ3D-_pqJGksYeY1oi_il8BQUVynZsvMtu-Ix2nVA0epdTMMHwHDg0bKYEK6ubJGU3rh4OA&cry=1&dbm_d=AKAmf-CjqgwprFgpTrLjFM7DcQ0wp3fm5LGOZp_afEzBZjvKUA2_W6KM0fIZ5P8bLAqA0-KL5DZXPVV6Bp-Nw-A0rY-iAOiHwq7W88x93qX3rv1bOfL220pAJpQj8H4-WHt8fMCxhBvwuo4FzQj4IEqREiams4AQjDq5OKawFZYreOOfhFERgDnZNgl7lau-1N9QJOmUzmNoUIfAm6KBYYvS2jrRrI0-008XUefrlcc0X9se6JjklJyqJWA5ZvOMkft42hX1os9GUO_p0XRq95T40KOHnETMrbC8EAPj2BOO5QuK8mjyN55zgw6OlqURhH7AvRKsgbibk4thSvIKRBOz-cMk9oaGal-NlJYgNvA45mvSJsfE4uPQ2YUn2j66Yd3utHKcAF2v2reVpfMU2B6JLT8qN6FnlMkoN9jTgke01YrskDMOryWVlHHP7-FssdaNgX7gdrXnOT1Y0DqmldmtwE-KK9c9z0pKpL2xRK7ooxGcK6JlyYKxdXw9DE2sa_kjgIHA8US9yTIZmlaNyv_yUlEengyxRilKYzNjB5FTvMEf-8TZrAaGyFM9gsRtRK0hYenyT28QAAfOAEk5txGsS5STtP2qyWEJ4hEpRezCV16wfgVLnPiT_l86WfgRXsrtS3ii_VhrnlLPPJyz5DQovs0hWPU81mjOogjYgFCWQP7XlJUu4QT1oVjWkkMeYGRLLI29HQMrrA_rRtv9O3-FuwwTTHJBLFRYifAKCrbu4lRjQnFLQO4zDcMllicvECpRgSV8GL9XYvOOYSr5HmxAwTs0_XWsgdCQ1x4MB1TWtOsF45tmVItTAYYVPqW6rzNWpyoOvyCb8EDcYWoueE0B6BqTDvp--hLo3lAsshWd9xkoCk67BxrOKQiEvVBkt5m2JNoMuf-avMASrsryv03ScM9bARbiAZDCFHky5XEP9TnYlsjN3gnLaaNYFvR18YGfi7phU8_It8sGXLcqrXWkZFG1DXSm0PsIV5K0B4osxBgXuCktpuLBbqcxNPQ9kzuiDrLeF-3tQ9eRSVMP1Xo1rOAfozhLXSYAUhJlRXyXcklwfNvQrnwAef8-liv7F-R0vzd9GGQM4R-0hrUxu9yiGuXFFpu6c270kXF-2sEiY-kEhVU5pzVUumpxOK-1Wj_dfHO-Lp7AmVixOtZ_AADXR07czAKuydcEHfOgDqG2DGRMuC58dDbhANM13819xFkW5f25zTMml0iz4AGYi97Zetl3ID8pubEa6Di7Ej0q36ZsEVfx-MXzF1BSzoBGkw7tjRYt1-LF50P-6u8T_IRa62xu9tAIzFLbKxqhapXRFkyctiOKZYH9p_bzcfrNY7v2wIpzNM45dlH3zYOeMcqnhmoVyGDeTQcO8MClNF2cQ-ZhpE6IHYSGr8i2bG-RUpEdhLO_v8Wo1QpqOexKAExBdrIKoV5tcTrbEW3uvfPWUMXAF3ronGqDz02lG7Yh4ZDdVt8yEDlkzqcAV3hjN6yUG1RJgAbY7UqoZRnQC2qY4umjfJuIm0vfE1grTpglB-XgFh6K6y74KwbRCuk8aPzG1Sp7lxUNWid0cNOdi_mOjyZkE97REOQ6zYErurPNJ87Pr5azIJkw2dkfk6CYn3Y83gKYoUKr4NZUiFzQSe319c_vSNI-aOpOzxg2ofaXGcy3LCeU6tc-UIYedcR_dsQgm_eO8rh_EEvzypKgbBR87nRMX1lvxN2IdVbvFLuX3-WyjsE6YJJsXXNIxICu-90gxI-0U0c5KZZuoNScnFs97XmQHkFlVGB8iuRZ2Kr12fcxO8cQUlhHL5GLk-rHs-9n0b9pJsx_FGVqcYQ26Gylsi2nLj-edD-GNfe7xy3J6-oWQdcozB3_ynDed6beVjAh4YoR5H4FX0BxKVJtMq9E9h0P-2QvhO-xQ1RWj437HZTSQ7KfmKrsJ8iMnwgbksd3ypOCQZSoYJ3G3vqkjctlstBZzrFOGpWp-ZfS-2nGcr0oA6BAgmWGVmSQclynY1M2aFWIV51QToBJ1ZqbwOKpLnIVEuaWGvt-bk0108K_jJdB0mR7v4emymsZHcvlXVwwSs-saZPVJvEH3WHgrYx6sxdBi8zrAjd5cLMXwRr6z7_s1KMX7ZXFX7_pW6djbitijphvULx5b6JbxBMPXtdE4ii4JIpb54NRYkz2ZmiiQmtvxT-rpse2NAXIXX9Ch4SEeemIaQtrn-4ikRg13_gyGCgs8FSbpN3tT72DTAFFI2AAPlIf_Dt8pZ5t7vYIptWAxL1ufe17ndrDpxpPsxMwpwWHbDwJNPpbPjm14m0Qqc43J8aMJvUca8ihpJ6OqL5QhUNC-RWwu02PhsbHjZ5iQKpWnE8sc4bisz7MZba8Sgg2YBfvjHDD_TQ_urqiF7XNAiqtIT0ei50Xn_IYaov6EQlriRx9G0AmNjyczD2cibiWBRcsFrvg2CexfpjNVNcpWQFKjQhLd9Bao0BAtV_fiI4uYCEfTvtxFhOFZLA9bgKXidr7eEMGdQtBXI-EO5pTvObOXAQY_uvzeq9wzXIso0RtPSa7_j6NhD657NLGqqUKTVeCH1y-BU3PjwY_Opv4kzauyyn4z-OkjPS_CYj0tVhpKBiJ7xKQ0QVbg8FUMfbzDIc4v7U5fLBWpAC1AWJQqGBne0M0XaIJp6gM5HT56-pTW1Al-dayItEOrwlmvms2xPbBsukbM86tn0wc57i1Dlm3Jz5hlVsXyebW9UW6RjEDmaVXqIIijAvCu97nLDIOyFHn62ECOUhjvvChhYvoDkZOe6M28uVWDSa8VvLU0m9xRG2zudNoFGAaPyFrHRl2UbNW2VOGyW2DsmIYIdPqKJehjP_LmCq8CRubuLyWxIUdHk0z-cumBNj4UFSmhcJKbPyA7MrIKlWJvvMMg8DAGZOJXcDBKnTpWQLnfFrxLBPtrp94YbL4wsq5BXWPxZFRfHwHmkd8-RY-r8P788XyC01lMJqaFno-fFXr3Ze6O5qC4rKPQJoXlZ2nwg4T36OmBzDYsMSKtHYI9YNQMiWHsmglm0aTpty2Pnx905vlkZRot9W3640pUeBrq-_nGbye_aCjGi--TMOjRUrzyAw0IvIKWA3yUmLsIjHYSG8hK5n5rSqCfto_ArI8sCKVA34p0dpqoqh4V0u6Uy_QRWn6yY8EicCGWg&cid=CAQSKQDUE5ymeeedSS-Lrz75dylGvwgi4XLOGr_57OYVJLCA6aw3XDr5L2VzGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=15278985849701646000&adk=2993637451&idt=107&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
58121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:54:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 7E94
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTDWsN6HibElqaHNqSftstJ3D-_pqJGksYeY1oi_il8BQUVynZsvMtu-Ix2nVA0epdTMMHwHDg0bKYEK6ubJGU3rh4OA&cry=1&dbm_d=AKAmf-CjqgwprFgpTrLjFM7DcQ0wp3fm5LGOZp_afEzBZjvKUA2_W6KM0fIZ5P8bLAqA0-KL5DZXPVV6Bp-Nw-A0rY-iAOiHwq7W88x93qX3rv1bOfL220pAJpQj8H4-WHt8fMCxhBvwuo4FzQj4IEqREiams4AQjDq5OKawFZYreOOfhFERgDnZNgl7lau-1N9QJOmUzmNoUIfAm6KBYYvS2jrRrI0-008XUefrlcc0X9se6JjklJyqJWA5ZvOMkft42hX1os9GUO_p0XRq95T40KOHnETMrbC8EAPj2BOO5QuK8mjyN55zgw6OlqURhH7AvRKsgbibk4thSvIKRBOz-cMk9oaGal-NlJYgNvA45mvSJsfE4uPQ2YUn2j66Yd3utHKcAF2v2reVpfMU2B6JLT8qN6FnlMkoN9jTgke01YrskDMOryWVlHHP7-FssdaNgX7gdrXnOT1Y0DqmldmtwE-KK9c9z0pKpL2xRK7ooxGcK6JlyYKxdXw9DE2sa_kjgIHA8US9yTIZmlaNyv_yUlEengyxRilKYzNjB5FTvMEf-8TZrAaGyFM9gsRtRK0hYenyT28QAAfOAEk5txGsS5STtP2qyWEJ4hEpRezCV16wfgVLnPiT_l86WfgRXsrtS3ii_VhrnlLPPJyz5DQovs0hWPU81mjOogjYgFCWQP7XlJUu4QT1oVjWkkMeYGRLLI29HQMrrA_rRtv9O3-FuwwTTHJBLFRYifAKCrbu4lRjQnFLQO4zDcMllicvECpRgSV8GL9XYvOOYSr5HmxAwTs0_XWsgdCQ1x4MB1TWtOsF45tmVItTAYYVPqW6rzNWpyoOvyCb8EDcYWoueE0B6BqTDvp--hLo3lAsshWd9xkoCk67BxrOKQiEvVBkt5m2JNoMuf-avMASrsryv03ScM9bARbiAZDCFHky5XEP9TnYlsjN3gnLaaNYFvR18YGfi7phU8_It8sGXLcqrXWkZFG1DXSm0PsIV5K0B4osxBgXuCktpuLBbqcxNPQ9kzuiDrLeF-3tQ9eRSVMP1Xo1rOAfozhLXSYAUhJlRXyXcklwfNvQrnwAef8-liv7F-R0vzd9GGQM4R-0hrUxu9yiGuXFFpu6c270kXF-2sEiY-kEhVU5pzVUumpxOK-1Wj_dfHO-Lp7AmVixOtZ_AADXR07czAKuydcEHfOgDqG2DGRMuC58dDbhANM13819xFkW5f25zTMml0iz4AGYi97Zetl3ID8pubEa6Di7Ej0q36ZsEVfx-MXzF1BSzoBGkw7tjRYt1-LF50P-6u8T_IRa62xu9tAIzFLbKxqhapXRFkyctiOKZYH9p_bzcfrNY7v2wIpzNM45dlH3zYOeMcqnhmoVyGDeTQcO8MClNF2cQ-ZhpE6IHYSGr8i2bG-RUpEdhLO_v8Wo1QpqOexKAExBdrIKoV5tcTrbEW3uvfPWUMXAF3ronGqDz02lG7Yh4ZDdVt8yEDlkzqcAV3hjN6yUG1RJgAbY7UqoZRnQC2qY4umjfJuIm0vfE1grTpglB-XgFh6K6y74KwbRCuk8aPzG1Sp7lxUNWid0cNOdi_mOjyZkE97REOQ6zYErurPNJ87Pr5azIJkw2dkfk6CYn3Y83gKYoUKr4NZUiFzQSe319c_vSNI-aOpOzxg2ofaXGcy3LCeU6tc-UIYedcR_dsQgm_eO8rh_EEvzypKgbBR87nRMX1lvxN2IdVbvFLuX3-WyjsE6YJJsXXNIxICu-90gxI-0U0c5KZZuoNScnFs97XmQHkFlVGB8iuRZ2Kr12fcxO8cQUlhHL5GLk-rHs-9n0b9pJsx_FGVqcYQ26Gylsi2nLj-edD-GNfe7xy3J6-oWQdcozB3_ynDed6beVjAh4YoR5H4FX0BxKVJtMq9E9h0P-2QvhO-xQ1RWj437HZTSQ7KfmKrsJ8iMnwgbksd3ypOCQZSoYJ3G3vqkjctlstBZzrFOGpWp-ZfS-2nGcr0oA6BAgmWGVmSQclynY1M2aFWIV51QToBJ1ZqbwOKpLnIVEuaWGvt-bk0108K_jJdB0mR7v4emymsZHcvlXVwwSs-saZPVJvEH3WHgrYx6sxdBi8zrAjd5cLMXwRr6z7_s1KMX7ZXFX7_pW6djbitijphvULx5b6JbxBMPXtdE4ii4JIpb54NRYkz2ZmiiQmtvxT-rpse2NAXIXX9Ch4SEeemIaQtrn-4ikRg13_gyGCgs8FSbpN3tT72DTAFFI2AAPlIf_Dt8pZ5t7vYIptWAxL1ufe17ndrDpxpPsxMwpwWHbDwJNPpbPjm14m0Qqc43J8aMJvUca8ihpJ6OqL5QhUNC-RWwu02PhsbHjZ5iQKpWnE8sc4bisz7MZba8Sgg2YBfvjHDD_TQ_urqiF7XNAiqtIT0ei50Xn_IYaov6EQlriRx9G0AmNjyczD2cibiWBRcsFrvg2CexfpjNVNcpWQFKjQhLd9Bao0BAtV_fiI4uYCEfTvtxFhOFZLA9bgKXidr7eEMGdQtBXI-EO5pTvObOXAQY_uvzeq9wzXIso0RtPSa7_j6NhD657NLGqqUKTVeCH1y-BU3PjwY_Opv4kzauyyn4z-OkjPS_CYj0tVhpKBiJ7xKQ0QVbg8FUMfbzDIc4v7U5fLBWpAC1AWJQqGBne0M0XaIJp6gM5HT56-pTW1Al-dayItEOrwlmvms2xPbBsukbM86tn0wc57i1Dlm3Jz5hlVsXyebW9UW6RjEDmaVXqIIijAvCu97nLDIOyFHn62ECOUhjvvChhYvoDkZOe6M28uVWDSa8VvLU0m9xRG2zudNoFGAaPyFrHRl2UbNW2VOGyW2DsmIYIdPqKJehjP_LmCq8CRubuLyWxIUdHk0z-cumBNj4UFSmhcJKbPyA7MrIKlWJvvMMg8DAGZOJXcDBKnTpWQLnfFrxLBPtrp94YbL4wsq5BXWPxZFRfHwHmkd8-RY-r8P788XyC01lMJqaFno-fFXr3Ze6O5qC4rKPQJoXlZ2nwg4T36OmBzDYsMSKtHYI9YNQMiWHsmglm0aTpty2Pnx905vlkZRot9W3640pUeBrq-_nGbye_aCjGi--TMOjRUrzyAw0IvIKWA3yUmLsIjHYSG8hK5n5rSqCfto_ArI8sCKVA34p0dpqoqh4V0u6Uy_QRWn6yY8EicCGWg&cid=CAQSKQDUE5ymeeedSS-Lrz75dylGvwgi4XLOGr_57OYVJLCA6aw3XDr5L2VzGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=15278985849701646000&adk=2993637451&idt=107&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 19:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
58121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10940
x-xss-protection
0
server
cafe
etag
260008737171085554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Feb 2023 19:54:08 GMT
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 6FF1
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A714
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrJ8MstWj29g2Lo9cfjXGz0tWo4ZZvVh0QLBK8QpOkrSa91wKsjJoeFfUgL2lE0psCRDXW7MxVTru7tQvdvAe6Bi1d1vqlHCLZHEbF6aMJsYFCC8Lasl76gR22FwMh2FsDkNwh8A&sai=AMfl-YRukFjt6GjxBGGZ01pHKpwldO1j6YlB1zO-otilPqOdLr0nOfzUMDmKbIfd1BzA-7e6b_wikfUoPGKB&sig=Cg0ArKJSzEjtKOoZ8G_7EAE&cid=CAQSGwDUE5ymTEYERk4X1LawU2pI3WAfPJa8X02mqBgB&id=lidar2&mcvt=1016&p=0,0,90,728&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675684967638&rpt=1224&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7E94
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 10:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 10:24:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2F86
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
20926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7044
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=3169183860831099&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
s0.2mdn.net/sadbundle/16720323297882931200/ Frame 6677
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
970760d10a35e0bb7b43241f4fd83d0fed73167952d285909a076054b7d44031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
353877
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1427
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 09:44:52 GMT
expires
Fri, 02 Feb 2024 09:44:52 GMT
last-modified
Fri, 17 Jun 2022 14:49:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7E94
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuEeTehZ9JTFY1Z6dHDmjVHm-PIIGChj_S2KdVXPnJR64sQPN_NpwutzIs0ZMqX4S_NDvzhdRwdEO7aF12jcg_2bfIz2ZNx6THka3F0tzkWQk9Ccp00HRSPy38_iLJeC08b2C4pOlcT4c78KJcYJfH683RzyYIulcKkFBVma-yd2S6JkkNXKTF7UacxeE4ByPrE0N-vvCNQXP4J1Vz9coJZ6HgDUbbYk1-WQ1_O6NFNqbx6YQFr1ww7zwSWzRaucizBnZKE1hV9H0jX-NiX0PyFXp7_sWR47CbJT277DLG7cvktUtEL0oqdcv5m4JlLsX8E1bev9nmMpn9IfQbGZvI3PxYJJqlxtJIrGuNmVMp9Lr0Pff1sqyajWEz8MU816VO1GvpuMYK_LS1IAPhtFlEF0z3ULSB-LqduA-SZ4gPfrsBuxhpGdkln6QoL4THPGiiEGbKVUtjUq9L7MwRedc0VIrlXVunsUphc5L_4McViZ0JuP6j4V32gfbMz9JGa0fXzXbomsKD9SvaWQU-dJyvoC3DKPumLDNWT_vLG6my6DF_59toibL_XHMhknqMEhkVj12js2ZL7_ZKwra0xN249VfxrCjWkEq--ElTgKhKUXGSmX7WwhjcwzEJQybACv8vhH9yv0t2-Pw1nMv255fBDTyWyEn3UhDu0BGCgktQBD_-n8eDlLB_oOI4sfjzuGrDsGaxZOaFrONADwbJkwcS3ljOmiyVRYXT2I1K9TKE_KcnXJ7AkSLXIdOBe9DeEeQaNiQV6PcC2uBOrOXeOknq_jadNMIhLVJnPah3yGi6sLfaBAF4Q6UeBiRiO-4xufK7eQ785Pj7TAav4wjG4MxtKmX0y0t45G8e2N1oDw2R8yDPMXRqUoZgHBfHGnzz38CGwaDSdU4yecMLIk2pUOxlB8_0w6xxU33OCp79yhqQYmN4gukp-1ehr3-xU2YkUHOjiSbEE3dhaMJaybByJ4GsIkJpKKU-goo4VWb1kjlupvaPuD1WuONzOuG0sF3kWOCSWqtz0-IgUbHUGZw_k_wgN3V9NmD8tT853MIAFtNWr1xzbBcpE1k8wtnoc4XHVHXbxH_yd3Ggcs-ci9UmKiy6ijAMOGeBnKQSiVf4hzUYnDp-MVSnrsdTdxne-bBoZHB3-fxCjugb7dHl6iuhvmneuJp4j2kOG_P_7IeVNzA_Cozh2EsioCAa1f3OSn2MadJ4HQwoOa_aLXAD7yBIKASJ7u8kB7rB&sai=AMfl-YQWWsGVGa3bBXJN0Kbe1KwRWolnrpwJwj7SWd0-hno0FBEhQ_os4LvAkED-r0FXyL7npmp3RUgZjoRodSDw_PvwLYQzRiWdEyXPLthL9wilSqazgDWO7HW9LvCHVYHav_E43OMzE_h4qkbmjeh1ZDU5MMqXMKYfl7ZaVapmG6JafWR4u_M8YNxlz5p5qnxPyl0B5c627WVX&sig=Cg0ArKJSzJqtd4Ogh11WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=127&cisv=r20230201.33776&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Feb 2023 12:02:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A671
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQGZR36ffudWyJYM8cTCcuKqGBipzcX0KYH0Iyro_FiXQiCK1_ntJCf6Wni84WewfMSpZHiAKz-sucwgo14lrae-1mhNDY6gTcmpx_7opw2VxK4Alz7qeSOi4ixlgEe7JzIxvji5zwriE8ptuR1hOUv_XPj_nYYK1hJ3xhz8rMl-m9c4K2jRQqIJquJnsz6CPAMoMmH5p9BZgycOl3vY_xiIQdSjQtoZX8rcjZGOs61CBjByp10PV9t19Voey50Cq-PDwQUbkCLP0z4e72mGiz7IeK56ns5nJf_nf5IDzRC8WNs5J3nR0ix42-djicZfnHeYx8HC_hKpuPbloge3zjFZZaM74P-S-oAEC1qxsB-qB7wScm_6Pac8S1UPOUhfPyIetj5FhxxHsNeftqb2Ie9quYIDUk62mLmM1r5nqJiELA3wL6eCPRLkg3gizS6wOrkimkZgjU7MhxgFbl7UodotsjNIkszwnzWin51FELwQJQiVWuVqsEqviCB_k5qRid0FdMSXcAmA_QSRH7wZzHUU1zyxmcJnZMaoQ7B-9K3UOZ8Q-6EftMIzrTFmla1HapmxByWpVzHsamULvG_x-3XZWKAEK439hR6ID210Dm8ZhjuEMx0ZvZB2xYu7ekoUsmdyqvkmxYQ_cs5PBywR2kB_b1SCG_XYfhoD4OmMHJ8E2rtjeCLXY2fwNIzOoNAeSF4h8EzDsjcLhhDspU2mGX36NjX0qe3z7p-BWl3gxTrL57xpxjQRewsfandxGhvJIc1xImlLxTWcOwN5eylBmQPDgACEKbqVTHsvcmXTZBWE9PXqbApo2Rpdno-c-oGZSwWT7n8CRDNNW-7AhYpmSusbhlezZj26460KlXKNXF1tcg6cjdSvxkmughpjnoaX0L4lBY0U3CV2EWrwXjuCKaprkcKZgbslbt9PDUbldp3t3lCA_6MKj9pwA5I0_cZfErm_RQLw7PmA0AAD5cA3QDuxtl9_5nbmOrav3a_y8VNrTdNIZ93_T3cbxP3KlvL0B08bK_sJrnwwJzBEZW2ZKCWPsTutuqFEnUTfPza2yoPx5iRUR93cbNxFj4IaPf10oAIbL_sQW6QfiLgmxBoFJ3L1savtz_7V9a_ydqR3GknpFFWHHFHsWSokYSQiFa8QL0_LfWVba00xfFtCfYDxQYGVkPSe0jvPH-2bU4hJNM1OY-7Yb4EN3nOfpvLAdgGxN8lzSf3X_KWxXEkL_LFuA1ltMuQCIw&sai=AMfl-YQpbOtmuYH_Vea7XszSkZb1Pc5_-52RM9h5UZtVUcMthY_d9sGsI-jFRMdhTrZpGpb3zpLLDXtDfSJ7cc75YwIoS5oRAgr3PX5yhm_n6Mi0qI3YVLnFS2VOBSLUX8CzwEDcNerUj6J-WgpA9IK5oz-8DQqH7gJcqNTd4paA-j5U3omP8lCNU7Ll6-RsFJNcag-3O6PFU5ag&sig=Cg0ArKJSzP2BTpTqkvliEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=373&vt=11&dtpt=187&dett=3&cstd=182&cisv=r20230201.18063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 70E6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJK2OFVEOIBQMxPpmvOokpP_23O1FnG2vJUOUyPZ4uqjyvJRLkQzW0IRvRAhG2B6Vo-fXW6PpYhAylY8OTwQu_WVLKaPdkvHn0UolhtAsHntEXDw-GXJaOf7km4fwdMJ59fK-kFnPz8iQSAfX8Kg803f9bM2SR1fxN9ZalBkSWvd8z6cP0OeU_adfYDP7K7g-eCehFvXlmLrIkS7uE_ajFWwJnVAKRai3Wei4ft0f15nVYAnloH91NuXg8mskhERCv-13vFYXprmQpj_AtSb_xeCa3KfixGvIeOl6OaiRNlWGmJhxtn-19IZx2hwDhoKR_o5pIdQE9uxc9aXiVM2ilu2WTeFrMxB0dOSE&sai=AMfl-YRjYpZyggPd3UZdasLIoSs0Tgk_ZblYbXbpUs9HelOQyvXNtpyHN1H_JN2MM5RNxXgNH8oKmqYlgSHbfKo&sig=Cg0ArKJSzGM0mhYPTTeQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 70E6
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
4ee96d9fe23d20661ddee664329c384bcab263b74e6d1fe7a0860b3328e956bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11328
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B5C7
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
220263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 22:51:47 GMT
expires
Sat, 03 Feb 2024 22:51:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2F86
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1&google_push=Aa02lx_taXyYzpMsgtbC4p0TouIuizZeOD0bna8rFXlEqu2KU-7Gwa6D-PyBzDMhS_0hi4UKb5Jv9bSsAvkv2NtCyNozvnp79eYb
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU4MTY4Njk0MjUyNDc3MDU1Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 06 Feb 2023 12:02:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA_oWbikCcPRJdFR1l2wPjY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 2F86
35 B
462 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEvmzR7ZabPalTHUmIsONpA&google_cver=1&google_push=Aa02lx9LywRjxRzTaFJTE_2F6ugRbkGpoJo-rvdOOP-gVNODxjeCI-WIeSkKz-4yD_0KxDjPPNh1ww61dc69fNvPSJoIZ3otCytX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 2F86
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHTeI5w7enGmcdlCLi37iLI&google_cver=1&google_push=Aa02lx8dqU6T1vLF_jLqOk5Wva8KCSZhGXCDNFjjoASYyCqqMhh6Ifcwzm1WYkymoJ9fnzQuL7Rmgg-97ZhZx-FWSufflkByMtQh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-nessy-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2F86
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECC3-t_w61deUzcu-g1gb4c&google_cver=1&google_push=Aa02lx-JBnvVCEEXF-EIkRiAT4EQ2waRxfBoM_hN6kRnObWLvFZnoBJpoViVFMkXloj9vMfk6UqZcJAp_jKFIrw2gHDHxVybTSo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 2F86
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-bab71406-4083-48c7-afa3-8894f62d376d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8WHOeChnPPf3HqagGsy...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&google_hm=A7q3FAZAg0jHr6OIlPYtN20
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&google_hm=A7q3FAZAg0jHr6OIlPYtN20
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8WHOeChnPPf3HqagGsyOdr_03_DVNcTQWnSItuhxwbKSB8AdDNcjLh8CeWnpgzIaMR5_7_1iVyeGuzg1LsjlhMfVhA4FnA&google_hm=A7q3FAZAg0jHr6OIlPYtN20
date
Mon, 06 Feb 2023 12:02:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbab71406408348c7afa38894f62d376d003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2F86
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELnkoUPeNWAJqeJT5H9sAd8&google_cver=1&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQW6AN3QmfvWXugiPSm...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fOFR4NmoxRTJ1SFhaVXNFcVQ4MEI5NWhrb0w1Ty43SX5B&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fOFR4NmoxRTJ1SFhaVXNFcVQ4MEI5NWhrb0w1Ty43SX5B&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQW6AN3QmfvWXugiPSm-BIE6tKtwDrT9xnTSdjKlsZask
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fOFR4NmoxRTJ1SFhaVXNFcVQ4MEI5NWhrb0w1Ty43SX5B&google_push=Aa02lx-IHR7ejMu3JiF-GNr-bJacf1agzvlETGY1MNiwxsA3TGCFtvMsQW6AN3QmfvWXugiPSm-BIE6tKtwDrT9xnTSdjKlsZask
date
Mon, 06 Feb 2023 12:02:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2F86
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_b6wk11un3J_AArAy3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_b6wk11un3J_AArAy3TPDnW7ZuiKCVwM1tHfWjTY6eWtbUqpFB98xG0zUQnsJRNppuS20Ei6aHSZhB9lFgpJsQ
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 06 Feb 2023 12:02:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
176.67.86.63; 176.67.86.63; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
68d949da-100b-4b66-b0ce-a31b19a4bd8a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ0OTUzMjQ5NDQxOTg4MDM4Ng%3D%3D&google_gid=CAESEKS30Ozm6hGb8M3rpNEe5l4&google_cver=1&google_push=Aa02lx_0NjxQwQFE_b6wk11un3J_AArAy3TPDnW7ZuiKCVwM1tHfWjTY6eWtbUqpFB98xG0zUQnsJRNppuS20Ei6aHSZhB9lFgpJsQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2F86
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6KRN17YRKAeRLNEhcj24mXJ8rILPgh0patm-PVyZyqJw1N6LUUsx9R7Hg_bRRCU3RSMJbLmM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=2913260814&adf=816031632&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675684968698&bpp=14&bdt=376&idt=290&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&is_amp=1&correlator=1988&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3506798290&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071812%2C31071948&oid=2&pvsid=1647929270854148&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.81sjf2va9qqf&fsb=1&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 7E94
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuEeTehZ9JTFY1Z6dHDmjVHm-PIIGChj_S2KdVXPnJR64sQPN_NpwutzIs0ZMqX4S_NDvzhdRwdEO7aF12jcg_2bfIz2ZNx6THka3F0tzkWQk9Ccp00HRSPy38_iLJeC08b2C4pOlcT4c78KJcYJfH683RzyYIulcKkFBVma-yd2S6JkkNXKTF7UacxeE4ByPrE0N-vvCNQXP4J1Vz9coJZ6HgDUbbYk1-WQ1_O6NFNqbx6YQFr1ww7zwSWzRaucizBnZKE1hV9H0jX-NiX0PyFXp7_sWR47CbJT277DLG7cvktUtEL0oqdcv5m4JlLsX8E1bev9nmMpn9IfQbGZvI3PxYJJqlxtJIrGuNmVMp9Lr0Pff1sqyajWEz8MU816VO1GvpuMYK_LS1IAPhtFlEF0z3ULSB-LqduA-SZ4gPfrsBuxhpGdkln6QoL4THPGiiEGbKVUtjUq9L7MwRedc0VIrlXVunsUphc5L_4McViZ0JuP6j4V32gfbMz9JGa0fXzXbomsKD9SvaWQU-dJyvoC3DKPumLDNWT_vLG6my6DF_59toibL_XHMhknqMEhkVj12js2ZL7_ZKwra0xN249VfxrCjWkEq--ElTgKhKUXGSmX7WwhjcwzEJQybACv8vhH9yv0t2-Pw1nMv255fBDTyWyEn3UhDu0BGCgktQBD_-n8eDlLB_oOI4sfjzuGrDsGaxZOaFrONADwbJkwcS3ljOmiyVRYXT2I1K9TKE_KcnXJ7AkSLXIdOBe9DeEeQaNiQV6PcC2uBOrOXeOknq_jadNMIhLVJnPah3yGi6sLfaBAF4Q6UeBiRiO-4xufK7eQ785Pj7TAav4wjG4MxtKmX0y0t45G8e2N1oDw2R8yDPMXRqUoZgHBfHGnzz38CGwaDSdU4yecMLIk2pUOxlB8_0w6xxU33OCp79yhqQYmN4gukp-1ehr3-xU2YkUHOjiSbEE3dhaMJaybByJ4GsIkJpKKU-goo4VWb1kjlupvaPuD1WuONzOuG0sF3kWOCSWqtz0-IgUbHUGZw_k_wgN3V9NmD8tT853MIAFtNWr1xzbBcpE1k8wtnoc4XHVHXbxH_yd3Ggcs-ci9UmKiy6ijAMOGeBnKQSiVf4hzUYnDp-MVSnrsdTdxne-bBoZHB3-fxCjugb7dHl6iuhvmneuJp4j2kOG_P_7IeVNzA_Cozh2EsioCAa1f3OSn2MadJ4HQwoOa_aLXAD7yBIKASJ7u8kB7rB&sai=AMfl-YQWWsGVGa3bBXJN0Kbe1KwRWolnrpwJwj7SWd0-hno0FBEhQ_os4LvAkED-r0FXyL7npmp3RUgZjoRodSDw_PvwLYQzRiWdEyXPLthL9wilSqazgDWO7HW9LvCHVYHav_E43OMzE_h4qkbmjeh1ZDU5MMqXMKYfl7ZaVapmG6JafWR4u_M8YNxlz5p5qnxPyl0B5c627WVX&sig=Cg0ArKJSzJqtd4Ogh11WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=77&dett=3&cstd=127&cisv=r20230201.33776&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/gengyirenouzhuiruaihelianshanghuanzhuangwawariyu-futianjinyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:50 GMT
62ac941e1de427dc32054f54
c.bannerflow.net/a/ Frame EF74
67 KB
23 KB
Script
General
Full URL
https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss7h5F8tQj6pFhjkVI47WN9WCEJZinP2-y8SFC0zfLO4q7hcYgGbgQcpPwfkn_V804OoATtfIGnS7_LmWkFKQjuzykKk3uAITttWkEmUohSSTqKFJsqCOeyDHBtRLB9AjWwYIrj6wmAp3ddcVY-5VDDDJdEm8wG3b9d0Oa0aViHo7PY7BgEkAAKQaDCQm7BQMN-GEumjboSMIgTkV4qjThtYVQS_rH7Sn1FK_8IcAYojcdPhg1dzgEDOXrvxLGIVegRJy7TrR7GcGpOKFLxdoR_QS0wrjBYOtd6x2vO8AZE604lf8OUTf3Gqmg1mlyDR2djO6Z0gsltdMKrispfC9huIvNe5XKg9iCTnjtoDScvZCfYarViD8ieGkxPvQ5wWZNXJlbwrN42d9hHMuGLpIfL8v6it9mxbjecvm383YIZloZKofQCy0pCytjuERjDiCYM-CBkjLxYIb51fCcEj1p3haITxMK9mP-LblMHupVVA-3UYySdLn2zCCFs-K0EDQvPBIn0a5mLchvAT_4cnMK7Qpx_ktlHop7lOxwI_9t2AIL-ajnaUgCIWMoM7p7lco1GfyUzbDsEC9LAOJvMyY7e2k01F4tGmfJPOzQOuwCWt83hD957DCDP4b9NTEXJEbIOvOBAU4HSN1v3bAb3KW8eFVRe-Uf6OTsbsp1p7MYxMP_6gRAapynkoGIUObbR3PZ-hBzYQ1AkzjlYehydIcm0AjLE9Gab61ZgcKekFpQTheJ7_uabS9SFdBNVBsnQ0CmeVIv3spjj8jaFZzUoeX1hcG8AJlm8PqP_OER_W5TKARbDspE5ncyTsoFCT845YqCS-WiD7ch1oIidE8kXZ2DIgbuP1BHgFMXpF2hLMGGWR_cdmnlS7KIv855m7FpJtCdordusWoFdecUt-FC48qkcgwQ4xeWlhm8MlZMSlWWn_bjFdOgvz8KgrzCZnuA6Desfw7mIpmZH3iUub4-Bpu64TNRZTraX6V2_k6Y40Fcy5Y4-lHB883440aGt7r-B71XPLd8kjY6_jYww6sP-SStOXf_zLUHBurcTwEkobnUZmUV2gFoZ_yCYyJ0xgsyzytZpx8s02R1JvHG8wOV-TkdiAw3-kI0D1eC_Cv95UfsGy1upEHLYAiEJnDiafThIKMn3OvRlatYA0AvAPEDOtJAxXQPdYXxFg0fdgbROlyWHBsnGC3EZEDGAj51jWo-HQFXFJEYXVzgajI4m6ZUy%26sai%3DAMfl-YQFo8kvIVkIYJZBkaAyiS4yhj4vZAHjwD1Ep0wVa8j0Sa0ZuWM-xEa9nEqD4WrA4H-jJJnQymZGCbrvqiq4dPLHauTuvkjJoLaKgiBwzhePvagGlbr8L0hnZ3ra2SUvQOy24pdyB_kuRhsQQweAVtIiZDYh0zshiqq0maHkAhgprVnTragVKBnCFcCSfFGVtMPERq4mBZAa8tBn_24W07U%26sig%3DCg0ArKJSzFnAxVbGkbE9EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808a2f230c23eb54856e25187e61603f56b8ff631a05c7d47b9c7d58df0aec21

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7953bd373ad35019-WAW
content-type
application/javascript
generate_204
tpc.googlesyndication.com/ Frame 6FF1
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?YQPBZw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
62ac941e1de427dc32054f54
c.bannerflow.net/a/ Frame 6677
67 KB
23 KB
Script
General
Full URL
https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsKyu24MamJzllkZIfa0SoYBnF-oOSZHEob3DoaR85WphfonAFMktE-sUSLj1slfISnzG84uiTPHCQEJL2aVk46BcBlGASiKRn00Qiz8hs5gkgXvthPQAJnBrhd1PLxjZ6JWWlZ7imZeNUEyMqWdlVn1_5FosQsSCOXThzD2-8jYmkd4AAyWRhAQKUa7JwZXulT33q2NltX3NC2RqwPRfITf9_o698V0vNQiwrlMFNeMvPrumLV8R30QjtMUOgRaG0-xTX_wd3yFWcnnRnCxkaTKtihHfYUiRV1muB8h9nH82wqO47U4CgQSfvDL2Vm0_JjdvK76vaSVPN8r68bXcWHWwISx1IIGFH9UIa8hmRbvWBjQUP6xf3wxDQsW2kUjmhm4iOpeuMy671HfokTJbI1fGGyXgsac2rxB-ULxCD9nFaIurOwOt6gAi3ZTi-mQ7S3aI0Uccmbv_6BdJVKmfWAw6N8stj9ubcW3aZIYkPjdZjhRHN6lEI31ZG1JD8y8AF4moAly4DL3nbV3TYPqrBvw8kdtYoTUjthZyA1dM977F8Wl7hM05XQZZvhh5KqxwPSUCJWGuOlpagy6pHaMS8_G0-PhVyFRbaHZ8XGt55kxXjUF8BuDBVUPXJ_w06lRb17G-xQhmbrYStwVt0ouWKXckDrcF2ymrP-_WOhN2yfSFa9YSch_pLVVD_UQdwQXlyvYsJDXa56_0MIpyp-KqsND17QoN6azQ0EI-fMd_kkuDT6Daq6bkwbjynuCSdsdwTKcPxJH-Y-O01xj61liM9_nJRYuI1Ls7dbSufDkQEBzNOTee11oA-pdxUo_GdtNF9ALbCHJiUV8pT9tCnAx_ZLQT5MTTm0Z3eSWb978jjb7-ULbo6BubcWnoTk0WSO2F2I2SvlHwQICFpskn2INV45zk24-p9fowrnTKJVMhfRmL8afvMkB0OYgF8HoF1iyeG8rwnHX0MDMuoCW7rgbE4Mb31YSpBGVG3SvljW_Y8PLOaVX_dNB9VnR-YqdLrYasmPGej_3pvAIVq1TMRrq95itm7BgBaKtcVWyhIU5rU4LkJPFm3Ci2lsNpSK_x4YO9gjvzRutPnVICFijSwXO8BlAfV4MsrBSEuFGc7yNz869EhAOFmyWm-uiGzcY9t48yt4wZSYbS1P8FDhlxQXEbxM4u3epyxMPHAUiyq9RMx68qD8nLfP9HJIR0gGkpLcBS18YVDMDS6k60s6i7D%26sai%3DAMfl-YSjYfqoFHLOmXxyhrRbgwDYO4H40NVx7ALYEuPDILMWqwp8GdBb2lf2knDdIpVeDwDC_TCbOcPSwoxXFlstAABqneB9K6YyaESq2t1jj_xEGzif47S2nLLW47R-nBxs5F9A7mhutDyRT24bPZeKTta8RBEZ5rPoGGa3yOXH1jAr6W8NXNwBKtrWhSvVkGCCmKvrK35aGnX9JmGiL5A6gGI%26sig%3DCg0ArKJSzJyOylmBI053EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808a2f230c23eb54856e25187e61603f56b8ff631a05c7d47b9c7d58df0aec21

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7953bd373ad45019-WAW
content-type
application/javascript
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 70E6
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3D6C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAJIIrBaUG296VFMdlVDkLknlbvTbPU-QZmg-1KO9X9906YEujqSMWCePOkasipWGNnQgOQd2XXFLtJUSEnsxolrVZVEtZmn8sZ9d1KQIQbVl7DNCjPU-Rnk4ufa9JeHQKoDbe9olsKbSKwa4mossdaD1rHVJvlG27sjHg8eFtkJwngrbmraEbaPdqt7wesLbYR_yXYionfIsC3yRCaJe4CPPjJhC13YXy_c9kpenFhT0_7IDvGs7bvodrsHtB_cOx_jeaPtCqQQkyV0R39ZjfVaVl6acmUgMlct8GpxTsAwJBI5skquGo96Tw3xxYgxUyK1_5duQN2YXurIuObfcItOrtNIMhew8bQdo&sai=AMfl-YTScRyNY6rjHC-1Hlo81Axu-hp9AUTvKaZt1q8u1cGg4rYA-pP-arba-_Rs2pBnWSMLrUPng9RU72qh8bY&sig=Cg0ArKJSzAIRWhkaUtWCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Feb 2023 12:02:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D6C
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
f7426344f747b36ab44695a28b07cd611a27b5082744b612c9d25a3cb26c5376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11383
x-xss-protection
0
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame B5C7
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8504
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4ZmLaezgY97YINOA9u8P1MqguA8AAAAAOAHgBAI&bg=!MjGlMXXNAAaq5O5FiuQ7ACkAdvg8WntFclXRVyv9wA40jZ2OyhfJ3WPUDS52lkNOb3GYfbUJ8PocNgIAAAD_UgAAAAJoAQeZAzUCM05tVQiWmbFsnmtncNcpavwE3h-zc59jN9DhRMGbMeLIookAtH-zxYlO92i2Ffgm8kmNucV34sa2uP19JMOi-Nmebd4snStIdNmOSG3tyXTl_Ee7jT8PMvThzi_QfJfPJ-hdcJ5EsSI6fmAluVR9CPh4D7_uLw17kiXyfIEKJ_RbYymzpbMgAfNNQGQVvAWEo46ig-_59fDNfAyk6rmVIRivYkBV-AZsns1qm4FGTuGZtlLxY0D9mBR2W82PbKhoO99oKymT5UW95heDRz3O3R0hEO7jXBGqavIxZDyz6Q78QX3s-QQ9ImS9okLiIWOgyOQD5qt4BEQb5ip4z20CVQnKsV8B3CvTeckOoQzO8oVyobCtfPbgg3rFEZQyf1P_7yuA_51hkcgtwVAyEFpCW4SYOAKUemtYNopoTCFxrH9RW47NAk-b2tZUGEXnvUk4gX38f20MgtuA2n-EK5ftHVYNOAf4Z1Jgtb5W1ZalTHvgrgGGPARq7snVOF7pzp9LjGFqIOSfCVpCECqsT2pNVioWY0as6Vw4B4s6X9Ijv92AycW8rw56GNM60FESSFLdkdBRnA30ZLzAhcZWoIPIRBpFnrFGgLgkeu7zUfDgvHvOPXtAEjY0O8jgM0bFFz6HKrnCy-O5LEpiUFNOzkWtw0X_8dCIjlcz2w6CmNpJMwmaiNK0dzVptjFuNg92zBmq5A6ptmr6cycksvlVecBY0lTQ2MHARmouDpA5lzKAwOqak3sViCRgbYfbSg7ynP03G2b40Dp1-9XN51W3unsj9qMpPEO-130uS9cn-WFcwG7nZJ-PAuxMP9rzgG6ok-BxVrOuN7PUuJZpVHOfn6yEd6MR_EtU_V_1y4TSO9NCJ_vChSRlrAsWR5SVDk_Q35jLHejqn7lCqUUZU3EEhDolgSMOOb9l5TO-FkvF_enAf6cKA94QpR7AdeDoVb4KHreTc0_zXhUd5NXexKDhEpc48DjL5Uh4hA96X1NazHxlSDF1Rpu598qmBEbRxEiAnO3DHWYbqt08K2EuEJ10EzuZjKkzAlVznYtxLnIxIuqud--MH2K8KfMbJx061I7aKpHiEb6QgQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.e04860d31c.js
c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434185/2774378/ Frame 6677
9 KB
3 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434185/2774378/document.e04860d31c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsKyu24MamJzllkZIfa0SoYBnF-oOSZHEob3DoaR85WphfonAFMktE-sUSLj1slfISnzG84uiTPHCQEJL2aVk46BcBlGASiKRn00Qiz8hs5gkgXvthPQAJnBrhd1PLxjZ6JWWlZ7imZeNUEyMqWdlVn1_5FosQsSCOXThzD2-8jYmkd4AAyWRhAQKUa7JwZXulT33q2NltX3NC2RqwPRfITf9_o698V0vNQiwrlMFNeMvPrumLV8R30QjtMUOgRaG0-xTX_wd3yFWcnnRnCxkaTKtihHfYUiRV1muB8h9nH82wqO47U4CgQSfvDL2Vm0_JjdvK76vaSVPN8r68bXcWHWwISx1IIGFH9UIa8hmRbvWBjQUP6xf3wxDQsW2kUjmhm4iOpeuMy671HfokTJbI1fGGyXgsac2rxB-ULxCD9nFaIurOwOt6gAi3ZTi-mQ7S3aI0Uccmbv_6BdJVKmfWAw6N8stj9ubcW3aZIYkPjdZjhRHN6lEI31ZG1JD8y8AF4moAly4DL3nbV3TYPqrBvw8kdtYoTUjthZyA1dM977F8Wl7hM05XQZZvhh5KqxwPSUCJWGuOlpagy6pHaMS8_G0-PhVyFRbaHZ8XGt55kxXjUF8BuDBVUPXJ_w06lRb17G-xQhmbrYStwVt0ouWKXckDrcF2ymrP-_WOhN2yfSFa9YSch_pLVVD_UQdwQXlyvYsJDXa56_0MIpyp-KqsND17QoN6azQ0EI-fMd_kkuDT6Daq6bkwbjynuCSdsdwTKcPxJH-Y-O01xj61liM9_nJRYuI1Ls7dbSufDkQEBzNOTee11oA-pdxUo_GdtNF9ALbCHJiUV8pT9tCnAx_ZLQT5MTTm0Z3eSWb978jjb7-ULbo6BubcWnoTk0WSO2F2I2SvlHwQICFpskn2INV45zk24-p9fowrnTKJVMhfRmL8afvMkB0OYgF8HoF1iyeG8rwnHX0MDMuoCW7rgbE4Mb31YSpBGVG3SvljW_Y8PLOaVX_dNB9VnR-YqdLrYasmPGej_3pvAIVq1TMRrq95itm7BgBaKtcVWyhIU5rU4LkJPFm3Ci2lsNpSK_x4YO9gjvzRutPnVICFijSwXO8BlAfV4MsrBSEuFGc7yNz869EhAOFmyWm-uiGzcY9t48yt4wZSYbS1P8FDhlxQXEbxM4u3epyxMPHAUiyq9RMx68qD8nLfP9HJIR0gGkpLcBS18YVDMDS6k60s6i7D%26sai%3DAMfl-YSjYfqoFHLOmXxyhrRbgwDYO4H40NVx7ALYEuPDILMWqwp8GdBb2lf2knDdIpVeDwDC_TCbOcPSwoxXFlstAABqneB9K6YyaESq2t1jj_xEGzif47S2nLLW47R-nBxs5F9A7mhutDyRT24bPZeKTta8RBEZ5rPoGGa3yOXH1jAr6W8NXNwBKtrWhSvVkGCCmKvrK35aGnX9JmGiL5A6gGI%26sig%3DCg0ArKJSzJyOylmBI053EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f965e74419f52d74c985892025101019841566da6d3b82b88aadede72ebfeb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4Ehg0xzy6Wr5fVYUHHbahg==
age
943971
cf-polished
origSize=10198
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 17 Jun 2022 14:48:53 GMT
server
cloudflare
etag
W/"0x8DA50707FA373D8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
96236a7e-a01e-008f-148d-31644c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7953bd37ab355019-WAW
animated-creative.8f91e75a375dc4814474.js
c.bannerflow.net/scripts/ Frame 6677
144 KB
50 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsKyu24MamJzllkZIfa0SoYBnF-oOSZHEob3DoaR85WphfonAFMktE-sUSLj1slfISnzG84uiTPHCQEJL2aVk46BcBlGASiKRn00Qiz8hs5gkgXvthPQAJnBrhd1PLxjZ6JWWlZ7imZeNUEyMqWdlVn1_5FosQsSCOXThzD2-8jYmkd4AAyWRhAQKUa7JwZXulT33q2NltX3NC2RqwPRfITf9_o698V0vNQiwrlMFNeMvPrumLV8R30QjtMUOgRaG0-xTX_wd3yFWcnnRnCxkaTKtihHfYUiRV1muB8h9nH82wqO47U4CgQSfvDL2Vm0_JjdvK76vaSVPN8r68bXcWHWwISx1IIGFH9UIa8hmRbvWBjQUP6xf3wxDQsW2kUjmhm4iOpeuMy671HfokTJbI1fGGyXgsac2rxB-ULxCD9nFaIurOwOt6gAi3ZTi-mQ7S3aI0Uccmbv_6BdJVKmfWAw6N8stj9ubcW3aZIYkPjdZjhRHN6lEI31ZG1JD8y8AF4moAly4DL3nbV3TYPqrBvw8kdtYoTUjthZyA1dM977F8Wl7hM05XQZZvhh5KqxwPSUCJWGuOlpagy6pHaMS8_G0-PhVyFRbaHZ8XGt55kxXjUF8BuDBVUPXJ_w06lRb17G-xQhmbrYStwVt0ouWKXckDrcF2ymrP-_WOhN2yfSFa9YSch_pLVVD_UQdwQXlyvYsJDXa56_0MIpyp-KqsND17QoN6azQ0EI-fMd_kkuDT6Daq6bkwbjynuCSdsdwTKcPxJH-Y-O01xj61liM9_nJRYuI1Ls7dbSufDkQEBzNOTee11oA-pdxUo_GdtNF9ALbCHJiUV8pT9tCnAx_ZLQT5MTTm0Z3eSWb978jjb7-ULbo6BubcWnoTk0WSO2F2I2SvlHwQICFpskn2INV45zk24-p9fowrnTKJVMhfRmL8afvMkB0OYgF8HoF1iyeG8rwnHX0MDMuoCW7rgbE4Mb31YSpBGVG3SvljW_Y8PLOaVX_dNB9VnR-YqdLrYasmPGej_3pvAIVq1TMRrq95itm7BgBaKtcVWyhIU5rU4LkJPFm3Ci2lsNpSK_x4YO9gjvzRutPnVICFijSwXO8BlAfV4MsrBSEuFGc7yNz869EhAOFmyWm-uiGzcY9t48yt4wZSYbS1P8FDhlxQXEbxM4u3epyxMPHAUiyq9RMx68qD8nLfP9HJIR0gGkpLcBS18YVDMDS6k60s6i7D%26sai%3DAMfl-YSjYfqoFHLOmXxyhrRbgwDYO4H40NVx7ALYEuPDILMWqwp8GdBb2lf2knDdIpVeDwDC_TCbOcPSwoxXFlstAABqneB9K6YyaESq2t1jj_xEGzif47S2nLLW47R-nBxs5F9A7mhutDyRT24bPZeKTta8RBEZ5rPoGGa3yOXH1jAr6W8NXNwBKtrWhSvVkGCCmKvrK35aGnX9JmGiL5A6gGI%26sig%3DCg0ArKJSzJyOylmBI053EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fbea945f50eada4896cd18055e943e2c584f262f37bccb8353a657dc725ddc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
aXsit+2VM5eiWeIPCiyhJw==
age
20379179
cf-polished
origSize=147393
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 15 Jun 2022 12:42:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00d67b01-f01e-002b-40c9-806dea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
7953bd37ab365019-WAW
document.e04860d31c.js
c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434185/2774378/ Frame EF74
9 KB
2 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/aj-produkter/55f6c9c5163b58e2a8681ac3/published/2434185/2774378/document.e04860d31c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss7h5F8tQj6pFhjkVI47WN9WCEJZinP2-y8SFC0zfLO4q7hcYgGbgQcpPwfkn_V804OoATtfIGnS7_LmWkFKQjuzykKk3uAITttWkEmUohSSTqKFJsqCOeyDHBtRLB9AjWwYIrj6wmAp3ddcVY-5VDDDJdEm8wG3b9d0Oa0aViHo7PY7BgEkAAKQaDCQm7BQMN-GEumjboSMIgTkV4qjThtYVQS_rH7Sn1FK_8IcAYojcdPhg1dzgEDOXrvxLGIVegRJy7TrR7GcGpOKFLxdoR_QS0wrjBYOtd6x2vO8AZE604lf8OUTf3Gqmg1mlyDR2djO6Z0gsltdMKrispfC9huIvNe5XKg9iCTnjtoDScvZCfYarViD8ieGkxPvQ5wWZNXJlbwrN42d9hHMuGLpIfL8v6it9mxbjecvm383YIZloZKofQCy0pCytjuERjDiCYM-CBkjLxYIb51fCcEj1p3haITxMK9mP-LblMHupVVA-3UYySdLn2zCCFs-K0EDQvPBIn0a5mLchvAT_4cnMK7Qpx_ktlHop7lOxwI_9t2AIL-ajnaUgCIWMoM7p7lco1GfyUzbDsEC9LAOJvMyY7e2k01F4tGmfJPOzQOuwCWt83hD957DCDP4b9NTEXJEbIOvOBAU4HSN1v3bAb3KW8eFVRe-Uf6OTsbsp1p7MYxMP_6gRAapynkoGIUObbR3PZ-hBzYQ1AkzjlYehydIcm0AjLE9Gab61ZgcKekFpQTheJ7_uabS9SFdBNVBsnQ0CmeVIv3spjj8jaFZzUoeX1hcG8AJlm8PqP_OER_W5TKARbDspE5ncyTsoFCT845YqCS-WiD7ch1oIidE8kXZ2DIgbuP1BHgFMXpF2hLMGGWR_cdmnlS7KIv855m7FpJtCdordusWoFdecUt-FC48qkcgwQ4xeWlhm8MlZMSlWWn_bjFdOgvz8KgrzCZnuA6Desfw7mIpmZH3iUub4-Bpu64TNRZTraX6V2_k6Y40Fcy5Y4-lHB883440aGt7r-B71XPLd8kjY6_jYww6sP-SStOXf_zLUHBurcTwEkobnUZmUV2gFoZ_yCYyJ0xgsyzytZpx8s02R1JvHG8wOV-TkdiAw3-kI0D1eC_Cv95UfsGy1upEHLYAiEJnDiafThIKMn3OvRlatYA0AvAPEDOtJAxXQPdYXxFg0fdgbROlyWHBsnGC3EZEDGAj51jWo-HQFXFJEYXVzgajI4m6ZUy%26sai%3DAMfl-YQFo8kvIVkIYJZBkaAyiS4yhj4vZAHjwD1Ep0wVa8j0Sa0ZuWM-xEa9nEqD4WrA4H-jJJnQymZGCbrvqiq4dPLHauTuvkjJoLaKgiBwzhePvagGlbr8L0hnZ3ra2SUvQOy24pdyB_kuRhsQQweAVtIiZDYh0zshiqq0maHkAhgprVnTragVKBnCFcCSfFGVtMPERq4mBZAa8tBn_24W07U%26sig%3DCg0ArKJSzFnAxVbGkbE9EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f965e74419f52d74c985892025101019841566da6d3b82b88aadede72ebfeb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4Ehg0xzy6Wr5fVYUHHbahg==
age
943971
cf-polished
origSize=10198
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 17 Jun 2022 14:48:53 GMT
server
cloudflare
etag
W/"0x8DA50707FA373D8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
96236a7e-a01e-008f-148d-31644c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7953bd37cb575019-WAW
animated-creative.8f91e75a375dc4814474.js
c.bannerflow.net/scripts/ Frame EF74
144 KB
49 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss7h5F8tQj6pFhjkVI47WN9WCEJZinP2-y8SFC0zfLO4q7hcYgGbgQcpPwfkn_V804OoATtfIGnS7_LmWkFKQjuzykKk3uAITttWkEmUohSSTqKFJsqCOeyDHBtRLB9AjWwYIrj6wmAp3ddcVY-5VDDDJdEm8wG3b9d0Oa0aViHo7PY7BgEkAAKQaDCQm7BQMN-GEumjboSMIgTkV4qjThtYVQS_rH7Sn1FK_8IcAYojcdPhg1dzgEDOXrvxLGIVegRJy7TrR7GcGpOKFLxdoR_QS0wrjBYOtd6x2vO8AZE604lf8OUTf3Gqmg1mlyDR2djO6Z0gsltdMKrispfC9huIvNe5XKg9iCTnjtoDScvZCfYarViD8ieGkxPvQ5wWZNXJlbwrN42d9hHMuGLpIfL8v6it9mxbjecvm383YIZloZKofQCy0pCytjuERjDiCYM-CBkjLxYIb51fCcEj1p3haITxMK9mP-LblMHupVVA-3UYySdLn2zCCFs-K0EDQvPBIn0a5mLchvAT_4cnMK7Qpx_ktlHop7lOxwI_9t2AIL-ajnaUgCIWMoM7p7lco1GfyUzbDsEC9LAOJvMyY7e2k01F4tGmfJPOzQOuwCWt83hD957DCDP4b9NTEXJEbIOvOBAU4HSN1v3bAb3KW8eFVRe-Uf6OTsbsp1p7MYxMP_6gRAapynkoGIUObbR3PZ-hBzYQ1AkzjlYehydIcm0AjLE9Gab61ZgcKekFpQTheJ7_uabS9SFdBNVBsnQ0CmeVIv3spjj8jaFZzUoeX1hcG8AJlm8PqP_OER_W5TKARbDspE5ncyTsoFCT845YqCS-WiD7ch1oIidE8kXZ2DIgbuP1BHgFMXpF2hLMGGWR_cdmnlS7KIv855m7FpJtCdordusWoFdecUt-FC48qkcgwQ4xeWlhm8MlZMSlWWn_bjFdOgvz8KgrzCZnuA6Desfw7mIpmZH3iUub4-Bpu64TNRZTraX6V2_k6Y40Fcy5Y4-lHB883440aGt7r-B71XPLd8kjY6_jYww6sP-SStOXf_zLUHBurcTwEkobnUZmUV2gFoZ_yCYyJ0xgsyzytZpx8s02R1JvHG8wOV-TkdiAw3-kI0D1eC_Cv95UfsGy1upEHLYAiEJnDiafThIKMn3OvRlatYA0AvAPEDOtJAxXQPdYXxFg0fdgbROlyWHBsnGC3EZEDGAj51jWo-HQFXFJEYXVzgajI4m6ZUy%26sai%3DAMfl-YQFo8kvIVkIYJZBkaAyiS4yhj4vZAHjwD1Ep0wVa8j0Sa0ZuWM-xEa9nEqD4WrA4H-jJJnQymZGCbrvqiq4dPLHauTuvkjJoLaKgiBwzhePvagGlbr8L0hnZ3ra2SUvQOy24pdyB_kuRhsQQweAVtIiZDYh0zshiqq0maHkAhgprVnTragVKBnCFcCSfFGVtMPERq4mBZAa8tBn_24W07U%26sig%3DCg0ArKJSzFnAxVbGkbE9EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fbea945f50eada4896cd18055e943e2c584f262f37bccb8353a657dc725ddc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
aXsit+2VM5eiWeIPCiyhJw==
age
20379179
cf-polished
origSize=147393
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 15 Jun 2022 12:42:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00d67b01-f01e-002b-40c9-806dea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
7953bd37cb585019-WAW
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D6C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com&bust=31071812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 12:02:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7EA7
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
9790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 09:19:40 GMT
expires
Tue, 06 Feb 2024 09:19:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D6A3
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f4.1e100.net
Software
GSE /
Resource Hash
5937e014956864b98b1f3f31a6dff85aad482c7356c13a52c74c0975143a7e0a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mqy1EFs7P98wOurZ5NM5yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Mqy1EFs7P98wOurZ5NM5yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:50 GMT
expires
Mon, 06 Feb 2023 12:02:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D84
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
9790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 09:19:40 GMT
expires
Tue, 06 Feb 2024 09:19:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7F18
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f4.1e100.net
Software
GSE /
Resource Hash
aea181780a8be307b9f6512c935a5d525dea285e521502e2afa83614819bcdd5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-91wnWCLAeZZivaaYjWBa8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-91wnWCLAeZZivaaYjWBa8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 12:02:50 GMT
expires
Mon, 06 Feb 2023 12:02:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5C7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTRa2aezgY4XiLMfB-gbowZDoAQAAAAA4AeAEAg&bg=!paalpuLNAAaq5O5FiuQ7ACkAdvg8WntKrxJ_DGx_4rZu-joJGDmlsaL943v0aU1of1E5JJkHINOGCgIAAACWUgAAAANoAQeZAz05yzqPNoYIHOxkw9enskaZ-l9k1x3r7xRdLJdZYAdCktZ87wvy-Qi5o-vy7YznAE2zDwCsyd4tD_VPFdukRUeCY9Xsp3mBE7_FwQhVVkSsV6_7mbJ95rqKnh1hecpjFiOdQgj32Xu6VMH5Nk2NcQTgSOmam8cuQIQpnORD6GldPWp6zuwYN9jy65TSb1IWfonXZ0cKWp7OgDojk7UJBzuCF4qfL5E_HtwZVNQjIzEQJpEe6e1hu1nK_V4FMDyhrVTuH4VlMVykXr2aGRlYqF6OXcVguz88Ap76KBeH5Y54dVRg16eEdbSfD8Vg2we-oblPl580Tz1P9mkm0RrjqD_Zt4jYONDIISsss52ETJHBIkCdxk2QBwvno4X12c0U4JMhg5i_dPhnvKZlqx53TeOZlIgQ74kJa1wEtmiMkLOiugHhVS21Utub9XFH4O9aT7jT3g2sZRROQ4kjLcGc5Gt2h8pIhvPJsFwYe54zC2qCODjIPw990K5SaJ3PvmlZ5zGJIKrRyQw8T0vD0kFa9_-RpCK0ylzOxKGXG5BFDRUZFnOSS8v095czVk_sSL4sa-S8pQD0eTHz3sJq-bi8kDgxcYUuyleJS0bSNgjmfRnvVxP0sxBjCfUSixdQlUQhZOXwxRVaVs9zq4cv-BKaj7jX8GZPMNVbnT18NuLdv1z0hWhrLlxc-HwwP8voM9iPPn4pOaVC1yY2wjx_CMZmciZf0CKfjcbUg2hDzIr2rWcDie-HVuEl4QkHak2xJ28SBZYL34NfwhZtOVwYvfxsHAQ6I5MCPqAAb8ri3ouydvuUiNr4us0Hjzis2gLBfBO7CTQ3F69tFpMAOy_niWet7K1PZJXNUJNhRMrPRScwVOkCUlIlmKIdqNGCI75S-ag_v2-hO1D830IcP3Rp00eNxuZKradA7z9C54gSF2KDhk_wf3Lp5ZTMAdOxqHgMMS9EbkInLTdihC7KQrNcNttsWxBTiQcIsIOtOh9HmOeCMWnrW2czRAePLhWdhuhJV_h5zp8NRPnkOyiiBdcl8xW-wkksX8pAj3atMGezxopL0uogaJrcGW-9jAfa99aecG5mLQpY5lln4JxQRpKu_eSC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 7EA7
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
truncated
/ Frame 6677
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
84529ab2-2a00-4f97-be3f-76569b66b86f
https://s0.2mdn.net/ Frame 0B31
668 B
0
Script
General
Full URL
blob:https://s0.2mdn.net/84529ab2-2a00-4f97-be3f-76569b66b86f
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
truncated
/ Frame EF74
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
1fc3ee13-66af-493e-af2b-4399aaf42812
https://s0.2mdn.net/ Frame 542C
668 B
0
Script
General
Full URL
blob:https://s0.2mdn.net/1fc3ee13-66af-493e-af2b-4399aaf42812
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 6677
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55f6c79ad5dac3f364722874%2F55f6c9c5163b58e2a8681ac3%2Fe49043ba-c6b1-4677-bae9-8db04394ceaf.woff&t=%20LZabcdeijklnoprstwyz%C4%99%C5%9B%E2%80%93
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ba400512d9a0fc2b56931b0b60b667feb896a014273390842bb5508ec1ddb4

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 09:09:26 GMT
server
cloudflare
age
15130404
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e49043ba-c6b1-4677-bae9-8db04394ceaf-subset.woff
cf-ray
7953bd396d7734c7-WAW
expires
Tue, 15 Aug 2023 09:09:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D6A3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=3098394816906351&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 3D84
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 12:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
258564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 12:13:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F18
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=1647929270854148&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

font
c.bannerflow.net/fs/api/v2/ Frame EF74
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55f6c79ad5dac3f364722874%2F55f6c9c5163b58e2a8681ac3%2Fe49043ba-c6b1-4677-bae9-8db04394ceaf.woff&t=%20LZabcdeijklnoprstwyz%C4%99%C5%9B%E2%80%93
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16720323297882931200/p-aj-pl-prog_display-prospecting-great_service-industry-2022-w26-Polish-120x240-637910741498433108-768eb54c-d986-4d12-80b8-f8b4a2dc8393.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ba400512d9a0fc2b56931b0b60b667feb896a014273390842bb5508ec1ddb4

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 09:09:26 GMT
server
cloudflare
age
15130404
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e49043ba-c6b1-4677-bae9-8db04394ceaf-subset.woff
cf-ray
7953bd396d7a34c7-WAW
expires
Tue, 15 Aug 2023 09:09:26 GMT
generate_204
tpc.googlesyndication.com/ Frame 7EA7
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?nghXGw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
optimize
c.bannerflow.net/io/api/image/ Frame 47EF
7 KB
7 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=1268&h=1268&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f9057d106a4703d8bdbb301f69155a4ef6e1457e0cbeb44043f5397801edfa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Feb 2023 09:55:46 GMT
api-supported-versions
2.0
server
cloudflare
age
7624
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7953bd39dcaa5019-WAW
content-length
7166
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 47EF
2 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2F5bb68903-1b6c-4018-b860-16caf529a660.png&w=58&h=48&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f7644d75613a29b835ab6cacae72b2a3df866e2928785eb9a6964a6ba49c61

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Feb 2023 15:46:38 GMT
api-supported-versions
2.0
server
cloudflare
age
72972
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7953bd39dcae5019-WAW
content-length
1910
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B1EE
7 KB
7 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2Ff21bfe9f-5ff3-4005-a50b-1dcde8514ec2.jpg&w=1268&h=1268&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f9057d106a4703d8bdbb301f69155a4ef6e1457e0cbeb44043f5397801edfa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Feb 2023 09:55:46 GMT
api-supported-versions
2.0
server
cloudflare
age
7624
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7953bd39dcb25019-WAW
content-length
7166
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B1EE
2 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Faj-produkter%2F55f6c9c5163b58e2a8681ac3%2Fimages%2F5bb68903-1b6c-4018-b860-16caf529a660.png&w=58&h=48&q=85&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.8f91e75a375dc4814474.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f7644d75613a29b835ab6cacae72b2a3df866e2928785eb9a6964a6ba49c61

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Feb 2023 15:46:38 GMT
api-supported-versions
2.0
server
cloudflare
age
72972
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7953bd39ecb55019-WAW
content-length
1910
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
generate_204
tpc.googlesyndication.com/ Frame 3D84
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ktMu5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
c.bannerflow.net/tr/v2/pixel/ Frame EF74
0
73 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss7h5F8tQj6pFhjkVI47WN9WCEJZinP2-y8SFC0zfLO4q7hcYgGbgQcpPwfkn_V804OoATtfIGnS7_LmWkFKQjuzykKk3uAITttWkEmUohSSTqKFJsqCOeyDHBtRLB9AjWwYIrj6wmAp3ddcVY-5VDDDJdEm8wG3b9d0Oa0aViHo7PY7BgEkAAKQaDCQm7BQMN-GEumjboSMIgTkV4qjThtYVQS_rH7Sn1FK_8IcAYojcdPhg1dzgEDOXrvxLGIVegRJy7TrR7GcGpOKFLxdoR_QS0wrjBYOtd6x2vO8AZE604lf8OUTf3Gqmg1mlyDR2djO6Z0gsltdMKrispfC9huIvNe5XKg9iCTnjtoDScvZCfYarViD8ieGkxPvQ5wWZNXJlbwrN42d9hHMuGLpIfL8v6it9mxbjecvm383YIZloZKofQCy0pCytjuERjDiCYM-CBkjLxYIb51fCcEj1p3haITxMK9mP-LblMHupVVA-3UYySdLn2zCCFs-K0EDQvPBIn0a5mLchvAT_4cnMK7Qpx_ktlHop7lOxwI_9t2AIL-ajnaUgCIWMoM7p7lco1GfyUzbDsEC9LAOJvMyY7e2k01F4tGmfJPOzQOuwCWt83hD957DCDP4b9NTEXJEbIOvOBAU4HSN1v3bAb3KW8eFVRe-Uf6OTsbsp1p7MYxMP_6gRAapynkoGIUObbR3PZ-hBzYQ1AkzjlYehydIcm0AjLE9Gab61ZgcKekFpQTheJ7_uabS9SFdBNVBsnQ0CmeVIv3spjj8jaFZzUoeX1hcG8AJlm8PqP_OER_W5TKARbDspE5ncyTsoFCT845YqCS-WiD7ch1oIidE8kXZ2DIgbuP1BHgFMXpF2hLMGGWR_cdmnlS7KIv855m7FpJtCdordusWoFdecUt-FC48qkcgwQ4xeWlhm8MlZMSlWWn_bjFdOgvz8KgrzCZnuA6Desfw7mIpmZH3iUub4-Bpu64TNRZTraX6V2_k6Y40Fcy5Y4-lHB883440aGt7r-B71XPLd8kjY6_jYww6sP-SStOXf_zLUHBurcTwEkobnUZmUV2gFoZ_yCYyJ0xgsyzytZpx8s02R1JvHG8wOV-TkdiAw3-kI0D1eC_Cv95UfsGy1upEHLYAiEJnDiafThIKMn3OvRlatYA0AvAPEDOtJAxXQPdYXxFg0fdgbROlyWHBsnGC3EZEDGAj51jWo-HQFXFJEYXVzgajI4m6ZUy%26sai%3DAMfl-YQFo8kvIVkIYJZBkaAyiS4yhj4vZAHjwD1Ep0wVa8j0Sa0ZuWM-xEa9nEqD4WrA4H-jJJnQymZGCbrvqiq4dPLHauTuvkjJoLaKgiBwzhePvagGlbr8L0hnZ3ra2SUvQOy24pdyB_kuRhsQQweAVtIiZDYh0zshiqq0maHkAhgprVnTragVKBnCFcCSfFGVtMPERq4mBZAa8tBn_24W07U%26sig%3DCg0ArKJSzFnAxVbGkbE9EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7953bd3a2d025019-WAW
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame 6677
0
33 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62ac941e1de427dc32054f54?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsKyu24MamJzllkZIfa0SoYBnF-oOSZHEob3DoaR85WphfonAFMktE-sUSLj1slfISnzG84uiTPHCQEJL2aVk46BcBlGASiKRn00Qiz8hs5gkgXvthPQAJnBrhd1PLxjZ6JWWlZ7imZeNUEyMqWdlVn1_5FosQsSCOXThzD2-8jYmkd4AAyWRhAQKUa7JwZXulT33q2NltX3NC2RqwPRfITf9_o698V0vNQiwrlMFNeMvPrumLV8R30QjtMUOgRaG0-xTX_wd3yFWcnnRnCxkaTKtihHfYUiRV1muB8h9nH82wqO47U4CgQSfvDL2Vm0_JjdvK76vaSVPN8r68bXcWHWwISx1IIGFH9UIa8hmRbvWBjQUP6xf3wxDQsW2kUjmhm4iOpeuMy671HfokTJbI1fGGyXgsac2rxB-ULxCD9nFaIurOwOt6gAi3ZTi-mQ7S3aI0Uccmbv_6BdJVKmfWAw6N8stj9ubcW3aZIYkPjdZjhRHN6lEI31ZG1JD8y8AF4moAly4DL3nbV3TYPqrBvw8kdtYoTUjthZyA1dM977F8Wl7hM05XQZZvhh5KqxwPSUCJWGuOlpagy6pHaMS8_G0-PhVyFRbaHZ8XGt55kxXjUF8BuDBVUPXJ_w06lRb17G-xQhmbrYStwVt0ouWKXckDrcF2ymrP-_WOhN2yfSFa9YSch_pLVVD_UQdwQXlyvYsJDXa56_0MIpyp-KqsND17QoN6azQ0EI-fMd_kkuDT6Daq6bkwbjynuCSdsdwTKcPxJH-Y-O01xj61liM9_nJRYuI1Ls7dbSufDkQEBzNOTee11oA-pdxUo_GdtNF9ALbCHJiUV8pT9tCnAx_ZLQT5MTTm0Z3eSWb978jjb7-ULbo6BubcWnoTk0WSO2F2I2SvlHwQICFpskn2INV45zk24-p9fowrnTKJVMhfRmL8afvMkB0OYgF8HoF1iyeG8rwnHX0MDMuoCW7rgbE4Mb31YSpBGVG3SvljW_Y8PLOaVX_dNB9VnR-YqdLrYasmPGej_3pvAIVq1TMRrq95itm7BgBaKtcVWyhIU5rU4LkJPFm3Ci2lsNpSK_x4YO9gjvzRutPnVICFijSwXO8BlAfV4MsrBSEuFGc7yNz869EhAOFmyWm-uiGzcY9t48yt4wZSYbS1P8FDhlxQXEbxM4u3epyxMPHAUiyq9RMx68qD8nLfP9HJIR0gGkpLcBS18YVDMDS6k60s6i7D%26sai%3DAMfl-YSjYfqoFHLOmXxyhrRbgwDYO4H40NVx7ALYEuPDILMWqwp8GdBb2lf2knDdIpVeDwDC_TCbOcPSwoxXFlstAABqneB9K6YyaESq2t1jj_xEGzif47S2nLLW47R-nBxs5F9A7mhutDyRT24bPZeKTta8RBEZ5rPoGGa3yOXH1jAr6W8NXNwBKtrWhSvVkGCCmKvrK35aGnX9JmGiL5A6gGI%26sig%3DCg0ArKJSzJyOylmBI053EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7351505%26adurl%3Dhttps%253A%252F%252Fwww.ajprodukty.pl%252Fkampanie%252Fznakomita-obsluga%252Flepsze-srodowisko-warsztatowe%253Futm_source%253Dbanner%2526utm_medium%253Dcpc%2526utm_campaign%253Dp-aj-pl-prog_display-prospecting-great_service-industry-2022-w26%2526utm_content%253Dgreat_service-prospecting-industry-html5-00-120x240%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Feb 2023 12:02:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7953bd3a4d195019-WAW
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
sodar
pagead2.googlesyndication.com/pagead/ Frame CE1D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=3169183860831099&bg=!z8ylzIjNAAaq5O5FiuQ7ACkAdvg8Wv-KqwpaOe5k18H6KSi3pK1c3HX8afFXJaM2XIyPTkziUphp8AIAAAC-UgAAAANoAQcKAFqyMJO4iTA_bG5WfrSJUgfwimjFLAD1XVyn39pEHIYJe5hCpEVnUswDFaNfQ691xeREa_2TzYqmu4UQYuB2wWV1r4M9aRpxUKQgVB0_on2kTWQmPxXzKMMmYWOZAuqFyqOUBx9kjrhXKyBE2yl-ny1uR9lvqIYGiNJtiFzT5fIZAsnT0GuZmwQMra00oz0sXWjwSpfFLuTJar7pEsTAFwbVEXc2fcSuB3hK9pgYHzbDl3IQac2iDSQGK-OJB329jUkFvWe2qFp20TGR_gPQeQu2DIjTm629sLP93L13LqrfONlXyKCcwN41Jur-BgSm81ZUAL36DhMvGFbaTIyk5cAiBi6eI9SrJwXF0uDyjjQ7Sj4gVmlDirVUEESLOCrkO2zlbo0iZI2U0a7RX2XsTRsqTa7EsMbFHEeGflaKLXlmzDKszUxkMjdgZBRm0nEZbu0quOxc2xq__41LfWRpoxml5Pf_WCzWoM3Yy4aOpjsZTF-3XssaCHF0omlDu_lq7G-pCl5KKUzRmtq8Mh4_wcqYBUAqvOLXv13HFbcjSFeXxO9LxJ4xrWc8jg8rr7rlRkZeciIemK52DRCyd4pal_LWGCq5CDSGtB9Y_Pnqt6fmfmyWWsOfzrH01WVyqHpWtH_N_kpUc-SLScCMPB_tzTvX1SSljSV3qatfPA1RodbdSImt9LaJ2q32TB-xYrxsvglgVmjh3V_3WfA5rFqelRKmAwkFhoOEE_AD4PGj0qrIdatUv1Qv-LtNBwrjzmfKb5SpL7ZXQfFa69eKE5oKFszQfqYcdqBU3S9TmzCuS8NunDuG2g8J4J9anOjqOvV4QNjFgk5vcPJB_KyiZGD5zTcCOmUnw-ixKjyos9i5dFXKcCqIQR1Y8MWGpi7CJfE3S_aV4yxx5YL4wwXrk39u-KeY1ZgLo7-Titg2yJEa9u3PS_HoNxUf9oXrVnhd2HpSa6HxXRBv-zd8LV3coqkpGqfRhV30XzpdkXfISPiFUIYpNmMpPMvqR5L8H4sDEwW9364baN4Y39MUlxV7w7u68Msv-JZ7VtxAzYDZDU7W_KG8C99WCJAAwMmHc4HoFfCGY2N_dhdsAVeutyIPJZHCsYkYeLqEOxhVTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame A671
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6920437030059&version=m202301230201&ct=76&x=1&cor=14774500761414846000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 70E6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=3098394816906351&bg=!AwClAETNAAaq5O5FiuQ7ACkAdvg8WgKAQ1SXU2gbrostebrofq4Tzr_tCbILBk9f4kvqMwAbzSFtHwIAAAB1UgAAAAJoAQcKAHn7JxYkSoHqq4W0nvRTGkOBT7bKfWgpJb6ZZaQOtDmoupOptEm9UdCfiYf-IZO-MG4vSwdOXH4H-HjnkWLAYZDSrtkoHF4xD_y4Or1toi8sExH1LBa0s2QxjaNwDHdk3IPDKW9tcvu0Ri0obd5w71PGbABOggWCiVQomQLnaTjPfCgz9UNYSl6_VTOwyzFvfa1SS6gIvMtvcX-i-Ot-hTzI44q1hhOq239aPo16HE5GWedNV1S0RnRKpGdd_VWB6mthN-XZKj8VVEKH-Fmqdd32bv9K02WquaqVqEuRvUPk2tPtnOLaacS9FgYHRPsAtpibnNFWVplCEpViLD-XsMosHb4MktMLbK9q440PRC1trnYDSwVyx-nzgUQdoU-6SMM15ZgSLI6333-tbwzcadKH5e1nj99fZXWeOF0vY4z9dPYFKVhJzOmsWwyzjLUmbC0uuZIqqKrGB9n5gKHrQlbynbUzhMszj8QsQOrF4FHvVCX62uCCseFQx3bNHCIhdYd7Jmu667oSRoE1aq2PUiVfY5PyizHwXIptAX82mOcc8ESpC1E0kjnIBd2ILS1nSmzSZ2YwJ5E7tY-oUiphhLbD0GmlbSdTRs2RJjgjMOaWOc3jKLX_UanFgVFrQeXTlYW6rvTGwQ1hRIHZ7JhUv8l2TEAmo0Jqtn0k1MZHEqO9DCkJP93gwgMTUMhlaW99_rtFcwcD1d9PoQWv-4XUvpVMjLlPHuA0TOd_R7hHt8LOX-adqmizir8jIedg8WMDoC4zhzgJw-KZNO9IoawUs6wUgj-D_n9ewiHccqc_MerVv7PAFQvOAp_IILJxitIlV329MkkkRG8ne2p_Ai-aWLsQwmGaDd2zciRQCEvumTF0eCu1PRhaQMJoS-Z0RcdSNtt-tiY7CtGGR3msbq5fRryiyAWQc9MT68X1Odwuu6R6xBDZ91fKj9bRj2uM7hHj43DNyUvLlnuXmL-SgctQQftrsGK69_Ex7ohCxtaR8BkHobTROXx5LzmfKYC6IY5Tenidx6bZKJuqQEc0uH5BEKXD0hfRx9O8nGDwCOeGVzNYE1ZDa-IFFwVEwjae7z9RN8GECHD7LVojXFYTPM0u5JTSVBO9pHEGmzRdtxUvXU4EbQvSWM4IWyX72EtnAeMicMcizRY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 3D6C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=1647929270854148&bg=!hYalhsLNAAaq5O5FiuQ7ACkAdvg8WlLO7BKzeWJZ74mb9yc8Z_uguozg0dcE45V1j2aEsRwaPFBcswIAAAB1UgAAAARoAQeZAvLcn1UK-k79piVm0TLRhvaiYw2-OX9edO3glMbnEL-8NpRNcAuJY4GA8f-KciEAy4L4h9LEUMuB4TyepNcYbVm1mbNJorHjsIaIhTI69Jnp_9gTU00J4ODSsaB6HAIOZQGeCT796kLAfCIn-6sbjV6nhgWpB4ilOXo6q_rhhviR7UxpNsP3NMbQl_52LF1EoTOTwlSRBal_EasGPQ469sb_p8cj9N4Rjmt7GViijJF3FxO-12DlAkia7_DdbuT7n6O8hjuqKSHP8sekaVUSlXw9dmw3aFHa5Z8L3QobWvAulhhNnpRwGDammhdS7G2PywDXD0QzKhng-WoZEnqqRQnM4ruVP3dNTr34V3ym16ynIURwClH3_IREtmdL_DBLnPRr1HX1wmXpHKVYEcESEh_P1j8H9vSUjHC7dOBcxkxpPXFVZ31bqN8Lk0zvhbWYgFI4vugr2Xd9r8qIoxXd7bjVgOs_7RXhaLLoiWxuyCTSdRiCM9sSi9y__tjoCtOp2U-ock8Jxocs5OwiI570hzh9N2ztIqe1I98z2v6aGbGye-yvTztWZWS4hsRFMkyGuoyk2Fd0H0wCn2Bdy4yxrmz_X5MZsC_Kb1zcITjRvD7JtjN_LhIuZvpuobruiWxFAZHk7kICB8tyYLun_DxJ6wJ9fn5yk97OX4PYMi-dB9M-cOArNy7Wtr6BI-yFu7cQXqVA6_i4G9IRxdcOd1HO4SoTyfiAoWEXx1MGJO4Tdd6JunM7y3IY5Zs9CXJCAaTWP_gCvlLlz0ROHOiuHOgO0-LVkIhS7pIZoD3dVSJY5low3TKzM1m3cqh65SdLE_ikXwRboWp6elRiCebDqS6Ef2nVxp_mkCA5OMYSXa_XjmwokVJFmGjgPPpvtxyn9bDs_ktMkCLwG3W4Wz9Nz5p14i_KL9uC2vfspK_n8k5c9_MZFkI6j1LtEi1phb2YiTLn4ITDsf_TX9gHFFW-0oB3Uv34N7HwgUKPBlyZ-GOWBepYnjdh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1069546169028&version=m202301230201&ct=76&x=1&cor=15278985849701646000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 12:02:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

23 Cookies

Domain/Path Name / Value
.xgcartoon.com/ Name: _ga
Value: amp-Ekz_TzMi-E3eKdSOEYaEBg
.doubleclick.net/ Name: IDE
Value: AHWqTUlUymjresGwZivtGkq8nCIrst9IWS_G4L9wNrog5vf6WETrkG6yony3CnMUKcE
.adnxs.com/ Name: uuid2
Value: 8449532494419880386
.casalemedia.com/ Name: CMPS
Value: 2210
.casalemedia.com/ Name: CMPRO
Value: 2210
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>9E/EK5!@wnfH8K6pQK`!5=E<*L5?%KHf2Gb5.RqV^4vSra0ruYb1bAn$AU(?$p7wl.%nugO%v4VB%nnI)*=MU>
.casalemedia.com/ Name: CMID
Value: Y.DsafARI4Z-7lkhAuPyLwAA
.bidswitch.net/ Name: tuuid
Value: 2de2d6d9-a899-4c2c-911e-e4d7e9e70563
.bidswitch.net/ Name: c
Value: 1675684969
.bidswitch.net/ Name: tuuid_lu
Value: 1675684969
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: HCNfrVXg1Pp0cV5
.yahoo.com/ Name: A3
Value: d=AQABBGns4GMCEKbQU5QHY9unZWlxOMzXhdAFEgEBAQE94mPqYwAAAAAA_eMAAA&S=AQAAAnhVJJ9TYugYhT95nsLYQHc
.adform.net/ Name: uid
Value: 8629194703123065150
.w55c.net/ Name: matchgoogle
Value: 5
.blismedia.com/ Name: b
Value: 63E0EC6AEE95230072B62A65BLIS
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~29uc
.quantserve.com/ Name: d
Value: EC0BCQGdKIEA
.quantserve.com/ Name: mc
Value: 63e0ec6a-22a81-0fa24-08b27
.turn.com/ Name: uid
Value: 2581686942524770556
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bab71406-4083-48c7-afa3-8894f62d376d-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: anntmIoZdUQcR2Hp9vcggZatOj6jALqEH8iGAU15CCSqBgTqRdZaR8qrtqjefYnTahQkFRcA73aFiyG5u4nUFWMfKyd
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bab71406-4083-48c7-afa3-8894f62d376d-003%22%7D

1 Console Messages

Source Level URL
Text
security warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

628eb90f9a924f9a90736e1045ec519e.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.pl
amp.analytics-debugger.com
c.bannerflow.net
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static-a.xgcartoon.com
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.xgcartoon.com
x.bidswitch.net
104.16.13.64
104.18.24.173
104.22.47.147
104.26.11.132
142.250.185.166
142.250.185.226
142.250.186.110
142.250.186.131
142.250.201.195
142.250.74.194
142.251.208.161
142.251.208.164
142.251.39.33
142.251.39.34
142.251.39.66
172.217.16.194
172.217.18.10
172.217.18.2
172.217.20.1
18.156.0.31
185.80.39.216
213.19.147.45
23.35.209.30
3.67.159.22
3.73.242.58
34.96.105.8
35.186.253.211
35.244.159.8
37.157.6.242
37.252.171.22
37.252.172.123
46.228.164.11
51.89.9.253
52.49.58.80
63.215.202.137
84.17.37.43
91.228.74.200
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03e92208d6d8172e560d3cdaaad8ba850fbd17921939d158c652f9bec8df9ab7
05dc159632ec2bc6be6e78d0d55244258455dae31d674006e3c0ec17d65ff680
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0aab3d6b4165ca27cf899946ebfdf34ac07c682c31e354d2e81076d7e0cdbe5a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
0cb83c0b0d8f10740688280803f5a997386809252ec87153022f679795c55165
0cf368db569da57a52fd1255e32b17195d690418f24d396b3db03ecbad7b24f9
102b09a0796101da4548cf35ad65bba1373f47a5bcbc02d7af0bc0b8ba489494
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b29d2c9bccf7eb796d9fdc56952c75ab369f04daf70d339a52919843a93dd7
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1bce3aa5fd9d3a2952d25f1e5072ea8aa70047087a21f98397666e09e675f7e1
1ce14301b2157149ea815c904d0c3725c883dcc908a41ac00007f2578702b631
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
21d1e0b14a5678fe471c01aedb53ad0b3da587e2de8264aca76d83a6a89a2ab0
25bf5a07c544e52b2a6ea1e716d15b8ff097bfad88dbd2c100a558ca6591d340
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39f965e74419f52d74c985892025101019841566da6d3b82b88aadede72ebfeb
3f20a0adf62be7f92a22040b1ec7d87a0abd2fb70a6c259d8051204c9ab8a20c
42e20e0c0e4eb56c5b784c0ac5daeea097edacaa3546f63758e3aa8f21eef4f8
43dcb7935b1277a8767f6c4b23f6ff033c7fb34524882d697563d51bf05ca3e4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee96d9fe23d20661ddee664329c384bcab263b74e6d1fe7a0860b3328e956bc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5150b4d518589c03fe78e7a9e55bb207932dac64003695a295a28ceaec0e81e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563fb8e7a59cda9efd56480289f8e0a4ba70deb631ea06eec65faf07e8bc5dd3
57f3586a5880fd6109046314707c41879ac8fed9db9ca8345a4047b09c16592e
5937e014956864b98b1f3f31a6dff85aad482c7356c13a52c74c0975143a7e0a
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6952653f6e0903fbed7571ab5041f504a813f4133e2182090104d6e9f4f4109d
7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e
7caca509e42e6620d4ca14e3162359383a89e9393a6356896a3de0f4850c278f
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
802c35105734abda669ad7a7cbc29be47eea463803dee720b67d31bc4842c7dc
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
808a2f230c23eb54856e25187e61603f56b8ff631a05c7d47b9c7d58df0aec21
809e41bc24681852f0c56d295fcc1a15bea9eda0154ef6dcc9ea424d243f2f7c
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8b6426fd4497967f0b242654b64085722f1132745f6fb6b075ea58b58162a5ff
8c4782746496d13d1a037741305f1d07a00ac457b2cbd431fc01a6a14e94802c
905c2830b45011539e920dada33dbdb2e111c22458b80e820b9aeb5039645abf
9344135be84140c03e7c35de775354e7b4d743da0c9edbc6e480b4c0d17947fd
966683af3f6ee4dea56ffd113e6fd17c234eb2e89c9cd7d733c810053f7e415e
970760d10a35e0bb7b43241f4fd83d0fed73167952d285909a076054b7d44031
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2f9057d106a4703d8bdbb301f69155a4ef6e1457e0cbeb44043f5397801edfa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f430bb84cd89ab3df9d6875807c4874b69f90cf8c01bbf417cdd347a6de4f
aa13c83deaaffe4ecf22cd5949b9c29841848b91b6215b9f221af054c4cd7c6e
aea181780a8be307b9f6512c935a5d525dea285e521502e2afa83614819bcdd5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0ba400512d9a0fc2b56931b0b60b667feb896a014273390842bb5508ec1ddb4
b0e0a2a6b0da4532308b86d9989da4ad3a1c6f00d81a6f3e62d9add193a09122
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f7644d75613a29b835ab6cacae72b2a3df866e2928785eb9a6964a6ba49c61
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
beada79c6ecbd7f51dd299c32bf47ac12c9d79c4f9c83fe1e57f90466f918ee7
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cb6731124d8b36e7fe0cd3a1bb09a3980ebc59fb4bbde274f1ad7e1b6acc22ef
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
db5772ff3da5e05c2637185ce2b88dd9c6cf815dcce60e017fc4ad5dd72273dc
e160d8dab634140d27db76690c2f5754343034d4f051e89432b85fc23b2a958c
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e20d44c1b4c43a629f47d6a0f7f393d4f7dbcea8b6c42593d8842641465ae2f9
e35e60e835bf5ab3690fd90ff51d64ae41a6b28c0b314c871ceb67014345f6c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb1bdcb1c8460c8059269ceb223b709105c98f919a641419db7d703aa642827d
ed0293e1640f7af7551ec7175f78ffda8da9e8b834189732fbcc3aa0fa41450d
edfb70e62af38264bf0fe9e05a38843948031728636b8e777ff9139f98fda031
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7426344f747b36ab44695a28b07cd611a27b5082744b612c9d25a3cb26c5376
f9fbea945f50eada4896cd18055e943e2c584f262f37bccb8353a657dc725ddc
fdb5e0585b3f270c1c7acc5f708c7871e79ea339d4cc30af4503d1f107ad6404