urlscan.io logo urlscan.io
SecurityTrails logo

oir.mobi Open in urlscan Pro
51.77.35.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oir.mobi/
Effective URL: https://oir.mobi/
Submission: On December 09 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 15 countries across 66 domains to perform 276 HTTP transactions. The main IP is 51.77.35.176, located in Warsaw, Poland and belongs to OVH, FR. The main domain is oir.mobi.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.
This is the only time oir.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 60 51.77.35.176 16276 (OVH)
5 172.217.16.202 15169 (GOOGLE)
10 25 77.88.55.60 208398 (TELETECH)
4 104.17.24.14 13335 (CLOUDFLAR...)
17 172.217.18.2 15169 (GOOGLE)
5 21 93.158.134.119 208398 (TELETECH)
6 142.250.186.99 15169 (GOOGLE)
1 15 142.250.185.226 15169 (GOOGLE)
12 178.154.131.215 208398 (TELETECH)
27 213.180.204.90 208398 (TELETECH)
4 87.250.247.183 208398 (TELETECH)
3 213.180.204.36 208398 (TELETECH)
1 87.250.251.15 208398 (TELETECH)
1 1 87.250.254.45 208398 (TELETECH)
1 185.70.202.12 6762 (SEABONE-N...)
1 1 35.177.4.157 16509 (AMAZON-02)
3 3 142.132.138.215 24940 (HETZNER-AS)
1 1 193.3.184.217 50214 (QWARTA)
3 4 188.42.34.65 7979 (SERVERS-COM)
1 2 54.73.144.235 16509 (AMAZON-02)
1 52.45.175.185 14618 (AMAZON-AES)
14 142.250.186.98 15169 (GOOGLE)
1 95.163.41.56 47764 (VK-AS)
1 1 144.126.246.116 14061 (DIGITALOC...)
1 35.157.229.177 16509 (AMAZON-02)
1 82.145.213.8 39832 (NO-OPERA)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 1 194.226.130.229 52016 (ADFACT)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
2 37.18.16.23 205675 (HYBRID-AS)
2 2 185.15.175.131 43226 (SAFEDATA ...)
1 1 84.38.189.213 49505 (SELECTEL)
1 52.211.32.112 16509 (AMAZON-02)
1 1 195.201.198.232 24940 (HETZNER-AS)
2 2 217.199.220.44 61400 (NETRACK-AS)
2 2 217.66.147.36 29209 (SPBMTS-AS...)
3 3 217.66.147.39 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 1 178.170.192.140 208677 (CLOUDRU-AS)
1 1 217.65.2.150 29076 (CITYTELEC...)
1 2 167.235.186.124 24940 (HETZNER-AS)
1 1 91.192.150.14 42481 (BEGUN-AS)
2 2 193.232.148.142 48061 (UMA-TECH-AS)
1 104.26.14.69 13335 (CLOUDFLAR...)
1 1 31.220.27.155 39572 (ADVANCEDH...)
1 2 77.244.216.90 49505 (SELECTEL)
1 2 95.217.109.66 24940 (HETZNER-AS)
1 1 88.212.201.198 39134 (UNITEDNET)
2 81.222.128.213 20597 (ELTEL-AS)
2 3 31.172.81.172 44066 (DE-FIRSTC...)
1 188.40.68.29 24940 (HETZNER-AS)
2 2 188.42.105.220 7979 (SERVERS-COM)
2 2 176.9.8.252 24940 (HETZNER-AS)
2 2 89.108.120.68 197695 (AS-REG)
1 1 188.72.107.205 208677 (CLOUDRU-AS)
1 1 178.170.196.176 208677 (CLOUDRU-AS)
4 142.250.185.131 15169 (GOOGLE)
20 216.58.206.33 15169 (GOOGLE)
2 172.217.23.106 15169 (GOOGLE)
5 142.250.184.226 15169 (GOOGLE)
1 13.107.246.45 8075 (MICROSOFT...)
1 23.35.236.188 16625 (AKAMAI-AS)
3 142.250.185.100 15169 (GOOGLE)
6 209.85.200.120 15169 (GOOGLE)
1 64.233.167.154 15169 (GOOGLE)
1 91.228.74.168 16509 (AMAZON-02)
3 3 52.28.254.225 16509 (AMAZON-02)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
1 15.197.193.217 16509 (AMAZON-02)
1 18.169.174.187 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 142.250.185.238 15169 (GOOGLE)
2 74.125.100.199 15169 (GOOGLE)
1 3 23.212.110.136 20940 (AKAMAI-ASN1)
3 185.89.211.12 29990 (ASN-APPNEX)
1 1 151.101.66.49 54113 (FASTLY)
1 1 54.77.159.200 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 37.157.2.230 198622 (ADFORM)
1 1 51.89.9.252 16276 (OVH)
1 142.250.185.130 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
276 52
60    51.77.35.176 (Warsaw, Poland)

ASN16276 (OVH, FR)
oir.mobi
5    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net
fonts.googleapis.com
25    77.88.55.60 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: yandex.ru
yandex.ru
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
17    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
pagead2.googlesyndication.com
21    93.158.134.119 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
6    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
15    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
12    178.154.131.215 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: static.yandex.net
yastatic.net
27    213.180.204.90 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: bs.yandex.ru
an.yandex.ru
4    87.250.247.183 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: avatars.mds.yandex.net
avatars.mds.yandex.net
3    213.180.204.36 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: favicon.yandex.net
favicon.yandex.net
1    87.250.251.15 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: log.strm.yandex.ru
log.strm.yandex.ru
1    87.250.254.45 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: rtc-strm.yandex.ru
strm.yandex.ru
1    185.70.202.12 (Italy)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)
ext-strm-itt10.strm.yandex.net
1    35.177.4.157 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com
px.arcspire.io
3    142.132.138.215 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.138.132.142.clients.your-server.de
acint.net
1    193.3.184.217 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
4    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    54.73.144.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-144-235.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
14    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    95.163.41.56 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: r.mail.ru
ad.mail.ru
1    144.126.246.116 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
yandex.digital-services.solutions
1    35.157.229.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-229-177.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    194.226.130.229 (Russian Federation)

ASN52016 (ADFACT, RU)
cm.tns-counter.ru
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    37.18.16.23 (Russian Federation)

ASN205675 (HYBRID-AS, DE)
dm.hybrid.ai
2    185.15.175.131 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    84.38.189.213 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
dsp.mpartner.digital
1    52.211.32.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-32-112.eu-west-1.compute.amazonaws.com
euw-ice.360yield.com
1    195.201.198.232 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.232.198.201.195.clients.your-server.de
exchange.buzzoola.com
2    217.199.220.44 (Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io
kimberlite.io
2    217.66.147.36 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-36-147-66-217.spbmts.ru
sm.rtb.mts.ru
3    217.66.147.39 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-39-147-66-217.spbmts.ru
vma.mts.ru
2    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    178.170.192.140 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
mts-dsp-sync.rutarget.ru
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
2    167.235.186.124 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.124.186.235.167.clients.your-server.de
nr.bidderstack.com
1    91.192.150.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
2    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
1    104.26.14.69 (None, )

ASN13335 (CLOUDFLARENET, US)
rtb-eu-warsaw.intent.ai
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    77.244.216.90 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
shopnetic.com
2    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
sonar.semantiqo.com
1    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
2    81.222.128.213 (Kazan', Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
3    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    188.40.68.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.68.40.188.clients.your-server.de
sync.dmp.otm-r.com
2    188.42.105.220 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
2    176.9.8.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow
sync.upravel.com
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
1    188.72.107.205 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr05.segmento.ru
yandex-dmp-sync.rutarget.ru
1    178.170.196.176 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr13.segmento.ru
yandex-sync.rutarget.ru
4    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
20    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
tpc.googlesyndication.com
2    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net
imasdk.googleapis.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
www.googleadservices.com
1    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
3    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
6    209.85.200.120 (United States)

ASN15169 (GOOGLE, US)
PTR: jl-in-f120.1e100.net
csi.gstatic.com
1    64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net
bid.g.doubleclick.net
1    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    52.28.254.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    18.169.174.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-174-187.eu-west-2.compute.amazonaws.com
ag.innovid.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
gcdn.2mdn.net
2    74.125.100.199 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s45-in-f7.1e100.net
r2---sn-5hne6nz6.c.2mdn.net
3    23.212.110.136 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-110-136.deploy.static.akamaitechnologies.com
www.bing.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.77.159.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-159-200.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
60 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2221
mc.yandex.ru — Cisco Umbrella Rank: 4182
an.yandex.ru — Cisco Umbrella Rank: 5624
log.strm.yandex.ru — Cisco Umbrella Rank: 18995
strm.yandex.ru — Cisco Umbrella Rank: 16681
ysa-static.passport.yandex.ru Failed
311 KB
60 oir.mobi
oir.mobi
5 MB
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
454 KB
31 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
177 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
184 KB
15 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
5 KB
12 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7053
463 KB
8 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 8323
favicon.yandex.net — Cisco Umbrella Rank: 11065
ext-strm-itt10.strm.yandex.net — Cisco Umbrella Rank: 265778
728 KB
7 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 35373
vma.mts.ru — Cisco Umbrella Rank: 38278
tech.rtb.mts.ru — Cisco Umbrella Rank: 41213
5 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
139 KB
4 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1605
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997
29 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
15 KB
3 bing.com
www.bing.com — Cisco Umbrella Rank: 60
24 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r2---sn-5hne6nz6.c.2mdn.net — Cisco Umbrella Rank: 352741
4 MB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
192 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3569
2 KB
3 rutarget.ru
mts-dsp-sync.rutarget.ru — Cisco Umbrella Rank: 70348
yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 73748
yandex-sync.rutarget.ru — Cisco Umbrella Rank: 74165
1 KB
3 acint.net
acint.net — Cisco Umbrella Rank: 22820
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13957
1 KB
2 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 39531
1 KB
2 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 27586
578 B
2 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 28099
402 B
2 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 71966
974 B
2 shopnetic.com
shopnetic.com — Cisco Umbrella Rank: 65820
545 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 19855
811 B
2 bidderstack.com
nr.bidderstack.com — Cisco Umbrella Rank: 41428
566 B
2 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 31118
1 KB
2 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 23862
1 KB
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 33009
516 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24651
534 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
443 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
759 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
587 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6100
669 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1771
296 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
38 KB
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 25004
69 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 12199
332 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9014
203 B
1 intent.ai
rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 69865
816 B
1 rambler.ru
profile.ssp.rambler.ru — Cisco Umbrella Rank: 49143
228 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 40078
262 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 21833
178 B
1 360yield.com
euw-ice.360yield.com — Cisco Umbrella Rank: 12955
199 B
1 mpartner.digital
dsp.mpartner.digital — Cisco Umbrella Rank: 56852
374 B
1 tns-counter.ru
cm.tns-counter.ru — Cisco Umbrella Rank: 71171
386 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1750
202 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
466 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 digital-services.solutions
yandex.digital-services.solutions — Cisco Umbrella Rank: 37161
274 B
1 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 11550
548 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 35324
241 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 26803
698 B
1 arcspire.io
px.arcspire.io — Cisco Umbrella Rank: 68345
317 B
0 whiteboxdigital.ru Failed
mitdmp.whiteboxdigital.ru Failed
276 66
Domain Requested by
60 oir.mobi 1 redirects oir.mobi
27 an.yandex.ru yandex.ru
oir.mobi
25 yandex.ru 10 redirects oir.mobi
yandex.ru
yastatic.net
20 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
17 pagead2.googlesyndication.com oir.mobi
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
15 mc.yandex.com 3 redirects oir.mobi
mc.yandex.ru
15 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
14 cm.g.doubleclick.net oir.mobi
googleads.g.doubleclick.net
12 yastatic.net yandex.ru
yastatic.net
oir.mobi
6 csi.gstatic.com imasdk.googleapis.com
6 fonts.gstatic.com fonts.googleapis.com
6 mc.yandex.ru 2 redirects oir.mobi
yastatic.net
5 fonts.googleapis.com oir.mobi
googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 ads.betweendigital.com 3 redirects oir.mobi
4 avatars.mds.yandex.net oir.mobi
4 cdnjs.cloudflare.com oir.mobi
cdnjs.cloudflare.com
3 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
3 www.bing.com 1 redirects googleads.g.doubleclick.net
3 pm.w55c.net 3 redirects
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 sync.bumlam.com 2 redirects oir.mobi
3 vma.mts.ru 3 redirects
3 acint.net 3 redirects
3 favicon.yandex.net oir.mobi
2 c1.adform.net 2 redirects
2 www.googleadservices.com oir.mobi
2 r2---sn-5hne6nz6.c.2mdn.net oir.mobi
2 um.simpli.fi 2 redirects
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 x01.aidata.io 2 redirects
2 sync.upravel.com 2 redirects
2 sync.gonet-ads.com 2 redirects
2 ssp.adriver.ru oir.mobi
2 sonar.semantiqo.com 1 redirects oir.mobi
2 shopnetic.com 1 redirects oir.mobi
2 px.adhigh.net 2 redirects
2 nr.bidderstack.com 1 redirects
2 tech.rtb.mts.ru 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 kimberlite.io 2 redirects
2 dmg.digitaltarget.ru 2 redirects
2 dm.hybrid.ai oir.mobi
2 cr.frontend.weborama.fr 1 redirects oir.mobi
2 dpm.demdex.net 1 redirects oir.mobi
1 googleads4.g.doubleclick.net
1 ade.googlesyndication.com
1 onetag-sys.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 s.tribalfusion.com oir.mobi
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdn.adnxs.com googleads.g.doubleclick.net
1 adsdk.microsoft.com googleads.g.doubleclick.net
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 sync.dmp.otm-r.com oir.mobi
1 counter.yadro.ru 1 redirects
1 s.uuidksinc.net 1 redirects
1 rtb-eu-warsaw.intent.ai oir.mobi
1 profile.ssp.rambler.ru 1 redirects
1 match.new-programmatic.com 1 redirects
1 mts-dsp-sync.rutarget.ru 1 redirects
1 exchange.buzzoola.com 1 redirects
1 euw-ice.360yield.com oir.mobi
1 dsp.mpartner.digital 1 redirects
1 cm.tns-counter.ru 1 redirects
1 sync.adkernel.com oir.mobi
1 t.adx.opera.com oir.mobi
1 x.bidswitch.net oir.mobi
1 yandex.digital-services.solutions 1 redirects
1 ad.mail.ru oir.mobi
1 im.bluevoox.com oir.mobi
1 ssp-rtb.sape.ru 1 redirects
1 px.arcspire.io 1 redirects
1 ext-strm-itt10.strm.yandex.net oir.mobi
1 strm.yandex.ru 1 redirects
1 log.strm.yandex.ru yastatic.net
0 mitdmp.whiteboxdigital.ru Failed oir.mobi
0 ysa-static.passport.yandex.ru Failed oir.mobi
276 88

This site contains links to these domains. Also see Links.

Domain
pikuli.top
dogs.oir.mobi
Subject Issuer Validity Valid
oir.mobi
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-10-26 -
2024-04-24		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-07-10 -
2024-01-07		 6 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.avatars.yandex.net
GlobalSign RSA OV SSL CA 2018		 2023-09-11 -
2024-04-12		 7 months crt.sh
favicon.yandex.net
GlobalSign ECC OV SSL CA 2018		 2023-10-19 -
2024-03-19		 5 months crt.sh
log.strm.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2023-09-16 -
2024-02-13		 5 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-09-14 -
2024-09-13		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
intent.ai
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-07 -
2024-04-07		 a year crt.sh
*.bumlam.com
R3		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh

This page contains 20 frames:

Primary Page: https://oir.mobi/
Frame ID: 2CDDE6070145234682C17B5C80AB7B87
Requests: 119 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 3218BD0DAE1741E1579EEA5F8DC9F926
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&adk=1812271804&adf=3025194257&lmt=1702108934&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Foir.mobi%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108934265&bpp=3&bdt=1015&idt=619&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7928445878926&frm=20&pv=2&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=637
Frame ID: A1888BCC8FDB66D0BA7C6D9CCBB7BD30
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 31CF68114C4EF3DA4BBD0024AC955783
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Frame ID: 9288CA5CFE66637EF24DD63FF267A987
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=2110872751&pi=t.aa~a.391652048~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280&nras=3&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=14
Frame ID: 6DF594DBD4AAC681D61E322458A90475
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Frame ID: 1C25B6CB08E54C2F6AEFC901C3E51580
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=2073156596&pi=t.aa~a.270127160~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280%2C497x280&nras=5&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=2269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=18
Frame ID: 48D0A4EF27E1A052E7A497A61AD4A473
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=200&adk=2450812730&adf=3215368764&pi=t.aa~a.391904162~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x200&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280%2C497x280%2C497x280&nras=6&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=19
Frame ID: 10AF34DD0D7826E78B9BDD93A9027979
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BA1AE070698905B65361039424940B1B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 54ABAC4DF9ED7B5E9CED5F06B80B356C
Requests: 29 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1D16B9BB40FDB2E08D2BAC3D78C7D251
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 1CF42B313B626150A3ECFA9FF46700D1
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C81DF3E05A8CA95F3C5E7DB5941208B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 990A79F3CD3D2A389E9CC98716A6AFF0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: B2324824746EA167D0974ABB29E54DA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 99897EBAA567C3C8AFB01955B0080B5E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A29A7B5F68494878B5DB4373208C2897
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1CA7A7C88BA2D8A4122F1BFB0F6EAAF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F36946D40790E0318568AE2C08BD411
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OIR.mobi - сток - скачать картинки на рабочий стол. Обои на телефон

Page URL History Show full URLs

  1. http://oir.mobi/ HTTP 301
    https://oir.mobi/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

276
Requests

81 %
HTTPS

0 %
IPv6

66
Domains

88
Subdomains

52
IPs

15
Countries

12301 kB
Transfer

16712 kB
Size

84
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oir.mobi/ HTTP 301
    https://oir.mobi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10212.8_IMXeJsWT04MJ5rqrix2sAhTwoQGAdAXzexvyX7SJ_UF_NQVpfmPeRxqG2S5_QL.RGAILc6j8aNYJwRZHKbTHHXWoTA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10212.mnGoLFSCu53pm6Zv3c57l_6iN5IWSlWXuYUDb44tKDsWP43c2fc8U7ogXNNr6byDmEFQkIPyNMO3prxU0tb7gTQj0uKgi0pnsfiyOQSqBrn7ZtC5gTSp72GxzDMB2Fsc8vRj768ffDKjEiJ8sCTBkYdCxEuVIDM1izI2Rccl44jQvY81igHxlEJAVEelBwzLAdT9TQGQqYMRz9pqBWS8JlX3Yhw9-_sjQ2twnslLsug%2C.Phf5mh3CL9lVssVbc5QMLXPIdvs%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10212.ZbzOMSb61kAL8JLrK6qY5xS29uUJMQwTGiLdcST6CZywlwibX3OXHE6Iw5_wHcjri65Eo4C3CPzwsO58ePIJJcIx58tD2Umbc_G2qVXXEWiczcWopFblQeOx6BLrWc8a3eoJhCCzkr_dof7lJQYpnAkJU00jstyq224o00bVP7Y1grhFHKOsP_yaKZ0VAxLp1PnVzfhzsn7sd83e2xXB1A%2C%2C.9f9OuAsW3i-292cZKJq3T8fZMxY%2C
Request Chain 80
  • https://mc.yandex.com/watch/51579212?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1331440757206%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090214%3Aet%3A1702108934%3Ac%3A1%3Arn%3A843075844%3Arqn%3A1%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C98%2C1%2C188%2C0%2C%2C493%2C4%2C%2C%2C%2C1228%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/51579212/1?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1331440757206%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090214%3Aet%3A1702108934%3Ac%3A1%3Arn%3A843075844%3Arqn%3A1%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C98%2C1%2C188%2C0%2C%2C493%2C4%2C%2C%2C%2C1228%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 99
  • https://mc.yandex.ru/watch/39370120?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934 HTTP 302
  • https://mc.yandex.ru/watch/39370120/1?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934
Request Chain 101
  • https://strm.yandex.ru/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934 HTTP 302
  • https://ext-strm-itt10.strm.yandex.net/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&noredir=1&lid=1529
Request Chain 109
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
  • https://an.yandex.ru/mapuid/arcspireis/c4b185eaeb485312881a42
Request Chain 110
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=2903420A081F74652000D90A02F8FAE2&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0100007F071F74655E105E1A022A1954
Request Chain 111
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1&rts=8652532877544122312 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/845d3fc3-d67a-5257-b9bf-608fdccb7f88
Request Chain 112
  • https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=93642606882B502D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=93642606882B502D
Request Chain 113
  • https://yandex.ru/an/mapuid/betweenx/ HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F&crf=1&rts=-932525568820568088
Request Chain 114
  • https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D1E8B7D81265A8E2
Request Chain 115
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 116
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 117
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 118
  • https://yandex.ru/an/mapuid/mailweb/ HTTP 302
  • https://ad.mail.ru/cm.gif?p=155&id=2D0808CF2A189C64
Request Chain 119
  • https://yandex.ru/an/mapuid/minimobww/ HTTP 302
  • https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=D93CC277A4695803&expires=1&usergroup=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=469&user_id=D93CC277A4695803&expires=1&user_group=1
Request Chain 120
  • https://yandex.ru/an/mapuid/operacom/ HTTP 302
  • https://t.adx.opera.com/sync?vendor=60143&uid=1C6D042AD0DD99F4
Request Chain 122
  • https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=8754C7A625357E1E
Request Chain 124
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/54630d496c6a04adb1ff86e57583df533ec3a5ea680d7f714d7b68d119a1a146
Request Chain 125
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F{WEBO_CID} HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1108125624
Request Chain 128
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1702108934 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1702108935760&i=1702108934 HTTP 307
  • https://an.yandex.ru/mapuid/dmpamberdata/hNZvfxhy0ez5BQn7TrkP
Request Chain 129
  • https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4 HTTP 301
  • https://an.yandex.ru/mapuid/mediasurferis/kELIUATkLZehJQuSoKQceUjpirzzJyqk
Request Chain 131
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
  • https://an.yandex.ru/mapuid/buzzooladspis/33a5f3e9-f5a7-45b5-4883-e8af277fba30
Request Chain 132
  • https://kimberlite.io/rtb/sync/yandex HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZXQfB6WnaT4 HTTP 301
  • https://vma.mts.ru/match/second?ssp=59&exu=ZXQfB6WnaT4 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=9d4b356c-47f8-42c8-baa4-b91b59889bf3&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
  • https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
  • https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=xmhqMMA00t5o HTTP 301
  • https://kimberlite.io/rtb/sync/mts?u=ef5239ef-cfec-4ab4-91d8-b34000b93023 HTTP 307
  • https://an.yandex.ru/mapuid/soltadspis/ZXQfB6WnaT4
Request Chain 133
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/
Request Chain 135
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id} HTTP 302
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
Request Chain 136
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/
Request Chain 137
  • https://px.adhigh.net/p/cm/yandexssp HTTP 302
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
  • https://an.yandex.ru/mapuid/getintentis/8BXx1wR6W5y.AikABlGMTZk40Q
Request Chain 139
  • https://s.uuidksinc.net/match/501 HTTP 302
  • https://an.yandex.ru/mapuid/kadamis/LQr7pdi94RV7gWSaulti
Request Chain 140
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex HTTP 302
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
Request Chain 141
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
  • https://vma.mts.ru/match/second?ssp=55 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=ef5239ef-cfec-4ab4-91d8-b34000b93023&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fef5239ef-cfec-4ab4-91d8-b34000b93023 HTTP 302
  • https://an.yandex.ru/mapuid/mtsdspis/ef5239ef-cfec-4ab4-91d8-b34000b93023
Request Chain 142
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=9bf4141e0d254e87a98069c2a8a21d16 HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=9bf4141e0d254e87a98069c2a8a21d16
Request Chain 146
  • https://sync.bumlam.com/?src=yandex2 HTTP 302
  • https://sync.bumlam.com/?src=yandex2&s_data=CAIQARiIvtCrBqIBEETrFT6WaRHuhuAAJZDAZHw* HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/44eb153e-9669-11ee-86e0-002590c0647c
Request Chain 148
  • https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
  • https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
  • https://an.yandex.ru/mapuid/gonetisnew/NzM4MzI5M2NhNTYzYjVlMg
Request Chain 149
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/6a8a06a8-3496-4034-bfae-ad670a9c283c
Request Chain 150
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/a%2BVcOWZAE9Go7RWKslUH9g?sign=1049403318
Request Chain 151
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/opKou4nklg6W?sign=2822324777
Request Chain 152
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/nsWqe5-GuLCX
Request Chain 211
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8OxbGjavNYcBMk-yPpBTnyH3g2IB5Q_9VbnckiwUnUOc3to-VRzNF5A5sow6HNcDL2nLNwepYRWW_37gO8tdYBJP49VxJ2PCT5ScgKM9ZV4TJr00Y HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8OxbGjavNYcBMk-yPpBTnyH3g2IB5Q_9VbnckiwUnUOc3to-VRzNF5A5sow6HNcDL2nLNwepYRWW_37gO8tdYBJP49VxJ2PCT5ScgKM9ZV4TJr00Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8OxbGjavNYcBMk-yPpBTnyH3g2IB5Q_9VbnckiwUnUOc3to-VRzNF5A5sow6HNcDL2nLNwepYRWW_37gO8tdYBJP49VxJ2PCT5ScgKM9ZV4TJr00Y
Request Chain 212
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 213
  • https://um.simpli.fi/gp_match?google_gid=CAESEDTl8NSjIMRPblUzr1SLA2Q&google_cver=1&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6X8wSeLCgMdPiUT43LH5OP31IElPNrd64H564404sJuRpEMyabXVlxrvGs5E3Shmi6xJkXPig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6X8wSeLCgMdPiUT43LH5OP31IElPNrd64H564404sJuRpEMyabXVlxrvGs5E3Shmi6xJkXPig
Request Chain 216
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJ86ONC0qNaT48RUxqVCLHs&google_cver=1&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bhjmt1UugzFFyT6aic2QQANcNnC4msXTBXYBLqDNim997H5QaxelVCnVbo4V6sCDOlCxHd9qogkSnJg1Y-FsJo9_eWTtUnwB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bhjmt1UugzFFyT6aic2QQANcNnC4msXTBXYBLqDNim997H5QaxelVCnVbo4V6sCDOlCxHd9qogkSnJg1Y-FsJo9_eWTtUnwB&google_hm=aXab_pWeQjS7WRwa3rUNC7E
Request Chain 224
  • https://gcdn.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/414C952A45E5962BA9B52A3EA53AB62652CC9ACD.0ADB7ABA3AC2974028C956B097098293ADC9F8D6/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1087FE8CBE61C35BF6FE72B4C4C54515847E243F.31E96D39DB52D85CD116063D4AEB61FBD15A8804/key/cms1/cms_redirect/yes/mh/M7/mip/146.70.85.177/mm/42/mn/sn-5hne6nz6/ms/onc/mt/1702022439/mv/m/mvi/2/pl/24/file/file.mp4
Request Chain 226
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CoYABBx90ZZXtLrCD5LcP14uFgA6u6O3tc4mB-oOpEsCNtwEQASDkn8snYOnkyYXYGqABiMWEggPIAQmpAkh7egEDqpA-qAMByAPLBKoEuQFP0B3c_LnmJKBWXasCfH0tMCZ_-W3QoupXCdqu2vpVk1yNr6aV-gvRyakwn1AZNIc9bJY_3wL97gtJlt1BRF5nDOP2AWLuM4YsgFE0BjfLY9USBlxPUzaW4PmDYkoMVDPby1km2RMThuAqR8wetZKqriDKqEYYXN5-GtKd1j8L1dUzHvaTNsHHIZaF0gzJqJ_rXyvDcKK-0Fax1dLC7uA2eIPMiaI9hpi83cTBZtVdg6iXUD8G2iqmYMAE0dnKnL8EiAWHk-WTTaAGLoAH4Lr7fagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcDEJA10ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlitxezz8YGDA5oJTWh0dHBzOi8vZHVibmlja2kucmVuYXVsdC5wbC9zYW1vY2hvZHktbm93ZS9zYW1vY2hvZHktb3NvYm93ZS9hdXN0cmFsL2F1c3RyYWwvgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNzYxNTU3MDU2NjMzMTI4NRgA&sigh=s-qD4bHHAaE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNIIIRMqC0AU16ZTqmly7ZOfrN_G_xcAO6aiAzqLo9GkUGg6WaKTLLVH734uUPTQlDrsgfezEoyBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228251321029201571183%22,%22debug_reporting%22:true,%22destination%22:%22https://renault.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22809575048%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222870989429728874961%22}&andc=true
Request Chain 231
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=001c6f92-f4d2-48ef-b246-ec41615ee9ae&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=829c3629-f081-4ee0-b0b8-4de0decd2777&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D2f221a7bb4464af0b422d67b9e6dbf50%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=4116189828411310295 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2f221a7bb4464af0b422d67b9e6dbf50&SNR=1&GV=2&med=10
Request Chain 239
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cver=1&google_push=AXcoOmQWhpuP9Zrhn7NaBdrzjUD0qMR6NVj3SJLsrBmDEZcd4cgEv4N5h-ZLjKc831tW3M2z7ItLS7EDrQEsVMHJNYCTV0XS17zIMHA6nuHT5TOJVP8lqWwqS9qwwgZWsPMAv50h-RzfN0-rsQAgH-xREJMHw9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cver=1&google_push=AXcoOmQWhpuP9Zrhn7NaBdrzjUD0qMR6NVj3SJLsrBmDEZcd4cgEv4N5h-ZLjKc831tW3M2z7ItLS7EDrQEsVMHJNYCTV0XS17zIMHA6nuHT5TOJVP8lqWwqS9qwwgZWsPMAv50h-RzfN0-rsQAgH-xREJMHw9k
Request Chain 240
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOd_A_cZoM4SGfT_sXZoOQM&google_cver=1&google_push=AXcoOmRANAD_0PywOC31-rsR3yAT5H_Y_b_9ZcOf7EmnGxkRMs-GBY7otdDki6nhm-5Y6MH1gekTTfa4mN3H63Z2ncA4G0H_0Tvz-LetiVWtayYvKRXXcmYEAm2l2xe9014RimTRV8jqGsnqYCGErEX55dz1cg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd_A_cZoM4SGfT_sXZoOQM&google_push=AXcoOmRANAD_0PywOC31-rsR3yAT5H_Y_b_9ZcOf7EmnGxkRMs-GBY7otdDki6nhm-5Y6MH1gekTTfa4mN3H63Z2ncA4G0H_0Tvz-LetiVWtayYvKRXXcmYEAm2l2xe9014RimTRV8jqGsnqYCGErEX55dz1cg
Request Chain 241
  • https://um.simpli.fi/gp_match?google_gid=CAESEEk7IOLROY3mkiHd9iImXds&google_cver=1&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp-pd4C_i6St5nl8VOODxKH7bTkEiz1Ki7C_xft0o5T8ZjYhWztTXf-TyCwan1zWhHp2j2lP10 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp-pd4C_i6St5nl8VOODxKH7bTkEiz1Ki7C_xft0o5T8ZjYhWztTXf-TyCwan1zWhHp2j2lP10
Request Chain 242
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEGn2keJwaUBmNn9HEzS33k&google_cver=1&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0WTN9rV98cJoRVufNdDCT4eZCqbqB96IZne5cIjhSzdajSIUm-XRT34OWBHlobTx7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0WTN9rV98cJoRVufNdDCT4eZCqbqB96IZne5cIjhSzdajSIUm-XRT34OWBHlobTx7w&google_hm=eS14MklxaHFSRTJwSHZKQXdGRVRLaG1RNGNhZkNnLjVlaX5B
Request Chain 244
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEmNq8RKCYaGVA9q62WtfJY&google_cver=1&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D5RP7XaOIRs9hIDD2cnYA4n97FFjEJmwrTpSIsCbLxiQVqDQANl6fbu4wSoNF46QHGNKsTks86SgB02I HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEmNq8RKCYaGVA9q62WtfJY&google_cver=1&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D5RP7XaOIRs9hIDD2cnYA4n97FFjEJmwrTpSIsCbLxiQVqDQANl6fbu4wSoNF46QHGNKsTks86SgB02I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA0MTExMjYyOTA2MDM0MjkyNg&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D5RP7XaOIRs9hIDD2cnYA4n97FFjEJmwrTpSIsCbLxiQVqDQANl6fbu4wSoNF46QHGNKsTks86SgB02I
Request Chain 245
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL_67N4Rsr-VusZbqF8gxTc&google_cver=1&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovmduEKBo4wyt_dehPhfVkHuFRVOSJzeYBos-gahIX0cmarbZ0tGBQxt50X-PPgg-kpaZHpavRoXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovmduEKBo4wyt_dehPhfVkHuFRVOSJzeYBos-gahIX0cmarbZ0tGBQxt50X-PPgg-kpaZHpavRoXQ

276 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oir.mobi/
Redirect Chain
  • http://oir.mobi/
  • https://oir.mobi/
36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
81bb98d4a0bc6fd7dca9614cae0dd9a18a0c204f09da2110fb2b7f7970ec71f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
7787
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 08:02:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 09 Dec 2023 08:02:13 GMT
Location
https://oir.mobi/
Server
nginx
Strict-Transport-Security
max-age=63072000
styles.css
oir.mobi/templates/lustful-firefly-utf8/style/ 		27 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/templates/lustful-firefly-utf8/style/styles.css
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
81b205e6a0b490a0ba2688cd5f6e3c03f2fd17e282ea818a7aa2e89e52265f5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:32:10 GMT
server
nginx
etag
W/"615af44a-6a77"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
engine.css
oir.mobi/templates/lustful-firefly-utf8/style/ 		91 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/templates/lustful-firefly-utf8/style/engine.css
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
027b7d7a9c8ca105320a7fe0a0abf87d66de50d44e790dd30256254c6a03e8c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 14:40:56 GMT
server
nginx
etag
W/"5edf9f78-16b1e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,cyrillic
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 08:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 06:34:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 08:02:13 GMT
context.js
yandex.ru/ads/system/ 		342 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
147a7bc94dda95411d3b13b428129b5a112846e96e8e6a38a3c1dace5c39e0f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108934169698-11818097473309012045-balancer-l7leveler-kubr-yp-sas-24-BAL-5639
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 09 Dec 2023 09:02:14 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		1 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
972331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPfDPZp2TOsVQctN9xN01Y6fSs1qjIN%2FYG5sN8JQwhLvyGJgnv%2B0gLm7q%2FDFRyloS6Aw5vN6bL46UWoFFmRS0wY%2F2z9VC0aS9BJv311iBbEBzG8hI9Vi1iYPElBzwBXzEoTOkBQG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832bb9834e2e5c5c-FRA
expires
Thu, 28 Nov 2024 08:02:13 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		2 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
960621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
657
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHkQo6EUVmo3qrUuoZBwhiiq0mmBIVPYW5bhrJGKMAibj2jQ8qu1D92bOHb0xV%2FTXMvJAUC4v4I89HxaScbVw4OwVSdoGv4ESJGqz1D98y9HLy4kaBbHuhXimwR7tPAqSgrkZ%2BV0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832bb9834e2f5c5c-FRA
expires
Thu, 28 Nov 2024 08:02:13 GMT
entry.c8c4fc3036b9c78514f0.css
oir.mobi/dist/ 		1 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/dist/entry.c8c4fc3036b9c78514f0.css
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
06ddef982836b918541b610989e273047eabbbfb0b67afc2900b4df6699abba0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Sat, 02 Mar 2019 15:34:46 GMT
server
nginx
etag
W/"5c7aa296-498"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7615570566331285
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
874b14195ac3af37abf3e3d130aff9b797f0bb56dbe1fe82579854462ee882b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51957
x-xss-protection
0
server
cafe
etag
8146781017305841438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:14 GMT
src.php
oir.mobi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-01/thumbs/1579586525_1-p-narisovannie-litsa-devushek-1.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
155de2f33f92499a65d9400ee2d22b04ba9b1f837f14f592a84bc3ca54be2010
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
3939
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-12/thumbs/1606942939_13-p-chernii-gelik-40.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2e454a4d7a8741141736b27a7eb4dacecff15d3aac442533696c6eb8813e73a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
5174
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2021-03/thumbs/1616374854_25-p-anime-art-devushka-na-avu-32.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
977db94c729df853ef606b19b3b7d8ab4df8f8c6e6bd8a7a8a5edf234e1bdcf9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4285
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-01/thumbs/1579613030_1-p-zhenshchini-spinoi-u-morya-1.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
36f95aa2a76da6d772c4fe548a8bb1edd069b9ab87d90c1c8704ec9767f6918c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
3942
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2019-12/thumbs/1576671450_1-1.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b7c2612e05c6cd333836d9398b00f108936e534c99571500f38eb0ff8ab90a64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4718
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2021-04/1619166135_50-oir_mobi-p-domashnyaya-belka-zhivotnie-krasivo-foto-58.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
03924b0277bd9dadbf9b23e2a934dc9ed3b8a341a6e938a675e4506253fb7dbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4575
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2019-12/thumbs/1576027885_1-3.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7d511b3f05adad555db0604053bfc41cf2c4a1087ee2f02d1800a022af7d7ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4829
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-01/1579665598_1-p-almaznie-mechi-mainkrafta-1.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8b9f23b825e597461cc3fba46fe2f98d63068cc910f9ae4cbabd6c67c5487b79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
3129
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2019-11/thumbs/1574915086_dlinnye-chernye-volosy-147.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b21054be553b7280ba08c1a7bfe4a15dcf58df05222720931725abc1361fa1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4544
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-04/thumbs/1586451720_38-p-negri-52.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8e256ea8ede7c639ba943a43c960b44937258abe75c4e31c26b46561025a2b40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
4356
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2021-05/thumbs/1622046623_60-oir_mobi-p-letnii-vecher-priroda-krasivo-foto-65.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
38f5cb82910c51861c505fb4d497ddc2be198bb1d25a94a806974a52b298f931
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
5102
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2019-12/thumbs/1576027706_1-1.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
950e669503ea0ba379b1864d59cb226bd553e4ecca5c7612aee805cead427559
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
3684
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-04/1585914298_31-p-posteri-k-rik-i-morti-58.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d920d67aacf754a02cd6914c898b7aaf5772a4ef8014ceaead5f563405d66f20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
3147
expires
Tue, 19 Dec 2023 08:02:13 GMT
src.php
oir.mobi/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/src.php?src=https://oir.mobi/uploads/posts/2020-01/thumbs/1578315176_3-4.jpg&w=100&h=100
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b8ffaeb4b75f963480c6d97a3cdca6f5bce9ad7baccb80ea938a80ae5657bcf7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 09 Dec 2023 08:02:13 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=864000, must-revalidate
accept-ranges
none
content-length
5250
expires
Tue, 19 Dec 2023 08:02:13 GMT
1616439467_45-p-belii-fon-chistii-dlya-fotoshopa-58.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616439467_45-p-belii-fon-chistii-dlya-fotoshopa-58.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7225e1625f71d4ee78959dfc9f65d6dd1434a99fe0e52ccfedcb9813da95a31
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 22 Mar 2021 18:56:31 GMT
server
nginx
etag
"6058e85f-407f"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
16511
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616530369_22-p-chisto-chernii-fon-25.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616530369_22-p-chisto-chernii-fon-25.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
af6a92c9491000145270d3426de49054973db74accd6d2d05c9e60aec2986e23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 23 Mar 2021 20:12:04 GMT
server
nginx
etag
"605a4b94-457c"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17788
expires
Thu, 31 Dec 2037 23:55:55 GMT
1618544203_32-oir_mobi-p-krasivie-zhivie-tsveti-tsveti-krasivo-foto-34.jpg
oir.mobi/uploads/posts/2021-04/thumbs/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/thumbs/1618544203_32-oir_mobi-p-krasivie-zhivie-tsveti-tsveti-krasivo-foto-34.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ae5210d5fd5720e90c16b23256979ebcf412fa079527249be73cdb9b2ff6a9ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 16 Apr 2021 03:35:33 GMT
server
nginx
etag
"60790605-1c07b"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
114811
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616374854_25-p-anime-art-devushka-na-avu-32.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616374854_25-p-anime-art-devushka-na-avu-32.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ad824274f0386af658ff46f7bbf671f47a94f6b58c62ce8c43f359691943000e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 22 Mar 2021 00:59:44 GMT
server
nginx
etag
"6057ec00-18c95"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
101525
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616973124_11-p-fon-dlya-rabochego-stola-zhivie-oboi-12.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616973124_11-p-fon-dlya-rabochego-stola-zhivie-oboi-12.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
55a874ede0056180157076616b16e067e73c6ab24aeee8d650b31529bec75ee8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 28 Mar 2021 23:11:35 GMT
server
nginx
etag
"60610d27-26a61"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
158305
expires
Thu, 31 Dec 2037 23:55:55 GMT
1618316602_15-oir_mobi-p-samie-krasivie-rozi-tsveti-krasivo-foto-16.jpg
oir.mobi/uploads/posts/2021-04/thumbs/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/thumbs/1618316602_15-oir_mobi-p-samie-krasivie-rozi-tsveti-krasivo-foto-16.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
975cee13fb7bf50a9943336ebf6c05cab726cfbbbaa91b77c63e1cfd5257fb92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 13 Apr 2021 12:22:12 GMT
server
nginx
etag
"60758cf4-13eff"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
81663
expires
Thu, 31 Dec 2037 23:55:55 GMT
1579613030_1-p-zhenshchini-spinoi-u-morya-1.jpg
oir.mobi/uploads/posts/2020-01/thumbs/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2020-01/thumbs/1579613030_1-p-zhenshchini-spinoi-u-morya-1.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
447539f40d87e06a811c72d580e3a3f9b22191815936be0d9d7a8180f4b9b3f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 21 Jan 2020 13:22:51 GMT
server
nginx
etag
"5e26fb2b-17395"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
95125
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616527053_18-p-shkolnii-fon-21.png
oir.mobi/uploads/posts/2021-03/ 		417 KB
417 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/1616527053_18-p-shkolnii-fon-21.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b471c88246e94ac65e70d670b8a474b8af3056c018aa8be2ec668bbbc93cc39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 23 Mar 2021 19:17:18 GMT
server
nginx
etag
"605a3ebe-68305"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
426757
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616993022_16-p-fon-dlya-teksta-s-ramkoi-20.png
oir.mobi/uploads/posts/2021-03/thumbs/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616993022_16-p-fon-dlya-teksta-s-ramkoi-20.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1d28dec83b172991e04954c5415e727a80895070d6ec2fb3a052f7f0a0606d03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 29 Mar 2021 04:42:26 GMT
server
nginx
etag
"60615ab2-1ce6f"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
118383
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616699300_58-p-zhdun-krasivo-61.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616699300_58-p-zhdun-krasivo-61.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
198a94a76e607758440ffb8cc4a2fbb64f4159b79337c15c3e6f125d2236d016
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Thu, 25 Mar 2021 19:06:53 GMT
server
nginx
etag
"605cdf4d-bb4d"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
47949
expires
Thu, 31 Dec 2037 23:55:55 GMT
1578316251_1-2.jpg
oir.mobi/uploads/posts/2020-01/thumbs/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2020-01/thumbs/1578316251_1-2.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
04522f521840dc6edb4201648cb0f292393411fa4fc37a1a41be809f0218ae9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 06 Jan 2020 13:09:17 GMT
server
nginx
etag
"5e13317d-1f029"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
127017
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616551131_31-p-polnostyu-chernii-fon-34.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616551131_31-p-polnostyu-chernii-fon-34.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
afa9c0be53d2fb2839241a2ebafce04bce3480df9736a55141745d7e0a30e25f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 24 Mar 2021 01:58:32 GMT
server
nginx
etag
"605a9cc8-7f72"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
32626
expires
Thu, 31 Dec 2037 23:55:55 GMT
1618506778_9-oir_mobi-p-samie-nezhnie-tsveti-tsveti-krasivo-foto-9.jpg
oir.mobi/uploads/posts/2021-04/thumbs/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/thumbs/1618506778_9-oir_mobi-p-samie-nezhnie-tsveti-tsveti-krasivo-foto-9.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
50cd53439c9dfe3310b7b9cdc65fcc634e20faeb8ae28ebe6221b009294a08c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Thu, 15 Apr 2021 17:11:56 GMT
server
nginx
etag
"607873dc-1ab42"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
109378
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616564900_20-p-fon-kazakhskii-ornament-20.png
oir.mobi/uploads/posts/2021-03/thumbs/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616564900_20-p-fon-kazakhskii-ornament-20.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d7731154eeecc9f8248b7e02478a67cf6fb03f5a76dfdd61897725b964d5b129
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 24 Mar 2021 05:48:01 GMT
server
nginx
etag
"605ad291-521da"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
336346
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616114021_54-p-ochen-krasivii-manikyur-57.jpg
oir.mobi/uploads/posts/2021-03/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/1616114021_54-p-ochen-krasivii-manikyur-57.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
97360f85078f698bf0cbef51c524801cba10b1ddfd018447dced8abde3a5d934
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 19 Mar 2021 00:32:56 GMT
server
nginx
etag
"6053f138-1f268"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
127592
expires
Thu, 31 Dec 2037 23:55:55 GMT
1622046623_60-oir_mobi-p-letnii-vecher-priroda-krasivo-foto-65.jpg
oir.mobi/uploads/posts/2021-05/thumbs/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-05/thumbs/1622046623_60-oir_mobi-p-letnii-vecher-priroda-krasivo-foto-65.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4910781e4d5d643737775bc6f4b2f83c299dcd2f6f62f8dd79eff5a1389ed8a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 26 May 2021 16:28:43 GMT
server
nginx
etag
"60ae773b-1a3f8"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
107512
expires
Thu, 31 Dec 2037 23:55:55 GMT
1661394377_30-oir-mobi-p-fon-uchun-rasmlar-instagram-58.jpg
oir.mobi/uploads/posts/2022-08/thumbs/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2022-08/thumbs/1661394377_30-oir-mobi-p-fon-uchun-rasmlar-instagram-58.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4a515ed9afeaec617d37e1ad21d950486a74b4e070233b689ea9c4c88417a005
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Thu, 25 Aug 2022 02:24:59 GMT
server
nginx
etag
"6306dd7b-2c9f9"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
182777
expires
Thu, 31 Dec 2037 23:55:55 GMT
1606942939_13-p-chernii-gelik-40.jpg
oir.mobi/uploads/posts/2020-12/thumbs/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2020-12/thumbs/1606942939_13-p-chernii-gelik-40.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
806410955231fff791cc4c111430dbbfcdd644b8f1c0d92cff6da2b180c732db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 02 Dec 2020 21:01:41 GMT
server
nginx
etag
"5fc800b5-3e570"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
255344
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616995869_7-p-traurnii-fon-7.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616995869_7-p-traurnii-fon-7.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
026477252fddb27ce4adf2e110bc7c3ffc62e43fe543596bf70c6f31a2659b87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 29 Mar 2021 05:30:39 GMT
server
nginx
etag
"606165ff-d14c"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
53580
expires
Thu, 31 Dec 2037 23:55:55 GMT
1630452571_44-oir-mobi-p-tsveti-dlya-virezaniya-tsveti-krasivo-foto-50.jpg
oir.mobi/uploads/posts/2021-09/thumbs/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-09/thumbs/1630452571_44-oir-mobi-p-tsveti-dlya-virezaniya-tsveti-krasivo-foto-50.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
af9df3413c1bb91c75c2ecaf48e48580ab2d17026d8d82a48dcad10973e5d925
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 31 Aug 2021 23:28:57 GMT
server
nginx
etag
"612ebb39-2162d"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
136749
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616537178_43-p-shkolnii-fon-dlya-prezentatsii-48.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616537178_43-p-shkolnii-fon-dlya-prezentatsii-48.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
7ba972f06726b121b8e467bcc6015587b5b7569cc16f1dba947de0a33d12bc45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 23 Mar 2021 22:04:41 GMT
server
nginx
etag
"605a65f9-269c2"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
158146
expires
Thu, 31 Dec 2037 23:55:55 GMT
1618531664_56-oir_mobi-p-tsveti-lyubimoi-zhenshchine-krasivie-tsvet-60.jpg
oir.mobi/uploads/posts/2021-04/ 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/1618531664_56-oir_mobi-p-tsveti-lyubimoi-zhenshchine-krasivie-tsvet-60.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fe6ca2b41a95517feda736a6699fb311f3df3f1e2e169b172838d26a58e0c0c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 16 Apr 2021 00:07:02 GMT
server
nginx
etag
"6078d526-349be"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
215486
expires
Thu, 31 Dec 2037 23:55:55 GMT
1619166135_50-oir_mobi-p-domashnyaya-belka-zhivotnie-krasivo-foto-58.jpg
oir.mobi/uploads/posts/2021-04/ 		213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/1619166135_50-oir_mobi-p-domashnyaya-belka-zhivotnie-krasivo-foto-58.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
911fd300b609f9e226fa83983d7c40e7db64fa370c5b9cd4da462b60c53e2098
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 23 Apr 2021 08:21:55 GMT
server
nginx
etag
"608283a3-355e4"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
218596
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616685690_23-p-estetika-krasivo-26.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		265 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616685690_23-p-estetika-krasivo-26.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6e0710e0318cb3bfe2cee9fd0595f4321b99a860060c2c06b186494506031f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Thu, 25 Mar 2021 15:21:20 GMT
server
nginx
etag
"605caa70-4224c"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
270924
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616971113_5-p-temnii-fon-dlya-rabochego-stola-6.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616971113_5-p-temnii-fon-dlya-rabochego-stola-6.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ae70eddd24be531b8cc6b05e8f3b57a4860194a64a83d8d74bb0dbd573d34460
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 28 Mar 2021 22:38:09 GMT
server
nginx
etag
"60610551-13e11"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
81425
expires
Thu, 31 Dec 2037 23:55:55 GMT
1618257014_39-p-ogromnii-buket-roz-tsveti-krasivo-foto-40.jpg
oir.mobi/uploads/posts/2021-04/ 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/1618257014_39-p-ogromnii-buket-roz-tsveti-krasivo-foto-40.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
46b120cfffe0f08004776832a9c93ba4535501bc095342a66cb1956f273b95a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Mon, 12 Apr 2021 19:49:14 GMT
server
nginx
etag
"6074a43a-3b225"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
242213
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616116009_35-p-nyudovii-manikyur-na-mindalevidnikh-nogtya-37.jpg
oir.mobi/uploads/posts/2021-03/thumbs/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/thumbs/1616116009_35-p-nyudovii-manikyur-na-mindalevidnikh-nogtya-37.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e5b95f2beb97218d47f5c9567dc6e5b4458b44f1822db77135c0b304c6327fd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 19 Mar 2021 01:06:40 GMT
server
nginx
etag
"6053f920-230f9"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
143609
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616562662_27-p-chernii-kvadrat-fon-36.jpg
oir.mobi/uploads/posts/2021-03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/1616562662_27-p-chernii-kvadrat-fon-36.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d80a0be6589a8d2a8da3372d349f58d65f415f3fde7462bf90789e34d198da0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 24 Mar 2021 05:10:50 GMT
server
nginx
etag
"605ac9da-6408"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25608
expires
Thu, 31 Dec 2037 23:55:55 GMT
1616358871_54-p-milie-anime-64.png
oir.mobi/uploads/posts/2021-03/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-03/1616358871_54-p-milie-anime-64.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
43dfec3575d3a4f35c202cdacf93464785937721088e4ae2f2cc8aa57382cba1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 21 Mar 2021 20:34:04 GMT
server
nginx
etag
"6057adbc-1051ad"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1069485
expires
Thu, 31 Dec 2037 23:55:55 GMT
1617573829_22-p-krasivie-zhenskie-strizhki-22.jpg
oir.mobi/uploads/posts/2021-04/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/uploads/posts/2021-04/1617573829_22-p-krasivie-zhenskie-strizhki-22.jpg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
09b8d2495c8aa3760aa8b0f03ed5da49d595b6b2fa33576953ddeb4937125589
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 04 Apr 2021 22:03:22 GMT
server
nginx
etag
"606a37aa-21b3b"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
138043
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
oir.mobi/engine/classes/js/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/engine/classes/js/jquery.js?v=2b2c6
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 05 Feb 2019 23:00:00 GMT
server
nginx
etag
W/"5c5a1570-14e4e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jqueryui.js
oir.mobi/engine/classes/js/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/engine/classes/js/jqueryui.js?v=2b2c6
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 05 Feb 2019 23:00:00 GMT
server
nginx
etag
W/"5c5a1570-1785a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dle_js.js
oir.mobi/engine/classes/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/engine/classes/js/dle_js.js?v=2b2c6
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c2704054e9d4d8a66cffd4907225cc63852900c037cfbedbbeeddc7d34b294b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Sat, 01 Feb 2020 01:27:32 GMT
server
nginx
etag
W/"5e34d404-8986"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.js
oir.mobi/engine/classes/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/engine/classes/js/lazyload.js?v=2b2c6
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
a3e10819e11ca5aa607b1b881725bba0aab5171c47e683a00fe93b2a7af3711d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Mon, 11 Feb 2019 23:00:00 GMT
server
nginx
etag
W/"5c61fe70-980"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
libs.js
oir.mobi/templates/lustful-firefly-utf8/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/templates/lustful-firefly-utf8/js/libs.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ede4720b86f5352554939ef84c5d8cc4d4b8e6c7d8a20378c079df0c3c51eed0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 08:01:11 GMT
server
nginx
etag
W/"6051b747-131b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2689860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9564
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk2idkDsiFdMhgMI%2BgqjxNdEe2%2B8Txwx3grq%2Bu0fnEQcAfaIIE6YfCC0JrBrI5RuYkym7UN71QlSjDsqYWimJ5sBvBL%2BchUDWeRqgQpKfiQdQlFlsDG1PHZYnccV%2B2gXzTWonO7e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832bb9834e305c5c-FRA
expires
Thu, 28 Nov 2024 08:02:13 GMT
entry.c8c4fc3036b9c78514f0.js
oir.mobi/dist/ 		2 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/dist/entry.c8c4fc3036b9c78514f0.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
95f3ee34eb020119b508d680c3034048ffb7c2e5418671ce197a9cba1c04ec1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Sat, 02 Mar 2019 14:53:16 GMT
server
nginx
etag
W/"5c7a98dc-65d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-1139b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70555
expires
Sat, 09 Dec 2023 09:02:14 GMT
logo.png
oir.mobi/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/logo.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/templates/lustful-firefly-utf8/style/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
71caff91afbfa3c24a8339e5a2eb9d48d1499a54e370f5758e8b63c898c528b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/templates/lustful-firefly-utf8/style/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 13 Oct 2019 20:33:08 GMT
server
nginx
etag
"5da38a04-76d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1901
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
oir.mobi/templates/lustful-firefly-utf8/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/templates/lustful-firefly-utf8/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: oir.mobi
URL: https://oir.mobi/templates/lustful-firefly-utf8/style/engine.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://oir.mobi/templates/lustful-firefly-utf8/style/engine.css
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
last-modified
Sat, 08 Dec 2018 21:09:33 GMT
server
nginx
etag
"5c0c330d-12d68"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
77160
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:53:52 GMT
x-content-type-options
nosniff
age
58102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26640
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 15:53:52 GMT
ProximaNova-Regular.ttf
oir.mobi/dist/assets/ 		128 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oir.mobi/dist/assets/ProximaNova-Regular.ttf
Requested by
Host: oir.mobi
URL: https://oir.mobi/dist/entry.c8c4fc3036b9c78514f0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c

Request headers

Referer
https://oir.mobi/dist/entry.c8c4fc3036b9c78514f0.css
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
last-modified
Sat, 02 Mar 2019 14:24:11 GMT
server
nginx
etag
"5c7a920b-1fe4c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
130636
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:32:10 GMT
x-content-type-options
nosniff
age
12604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:32:10 GMT
ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
798675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3208
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-1052"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRui6lNyIjXuXI8VetOeUd%2FI1IqoGDI6B2ueOJw4LejpL11B%2BEEZDJaJZucAFwVZFzU5CPYBPi18NRuwSPwEh6qTLNLJhSExdYTYdl%2F9SvmMKJxCtvO7fSU8k79ZHpBcLtwsT9u9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832bb983eea45c5c-FRA
expires
Thu, 28 Nov 2024 08:02:13 GMT
prev.png
oir.mobi/dist/assets// 		196 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/dist/assets//prev.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aec5efae3ce587fa856a91853a45e37c11e20bc2a82d276628b2ea6d1f7f82b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 02 Mar 2019 14:24:11 GMT
server
nginx
etag
"5c7a920b-c4"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
196
expires
Thu, 31 Dec 2037 23:55:55 GMT
next.png
oir.mobi/dist/assets// 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oir.mobi/dist/assets//next.png
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.77.35.176 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
eb8df707bddb2433438b1246002ea9c2ed3ba57d731ca8ade66f79ca926f2e82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:13 GMT
strict-transport-security
max-age=63072000
last-modified
Sat, 02 Mar 2019 14:24:11 GMT
server
nginx
etag
"5c7a920b-3b0a"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15114
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7615570566331285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
0c318686ad9df72e23ae660f476ad2d21b36bbe5e2f5a8f15e5f2f3ee2f442ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137722
x-xss-protection
0
server
cafe
etag
10350606745270783560
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:14 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 3218 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7615570566331285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
45244
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 19:28:10 GMT
etag
5585625838579639069
expires
Fri, 22 Dec 2023 19:28:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10212.8_IMXeJsWT04MJ5rqrix2sAhTwoQGAdAXzexvyX7SJ_UF_NQVpfmPeRxqG2S5_QL.RGAILc6j8aNYJwRZHKbTHHXWoTA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10212.mnGoLFSCu53pm6Zv3c57l_6iN5IWSlWXuYUDb44tKDsWP43c2fc8U7ogXNNr6byDmEFQkIPyNMO3prxU0tb7gTQj0uKgi0pnsfiyOQSqBrn7ZtC5gTSp72GxzDMB2Fsc8vRj768ffD...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10212.ZbzOMSb61kAL8JLrK6qY5xS29uUJMQwTGiLdcST6CZywlwibX3OXHE6Iw5_wHcjri65Eo4C3CPzwsO58ePIJJcIx58tD2Umbc_G2qVXXEWicz...
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10212.ZbzOMSb61kAL8JLrK6qY5xS29uUJMQwTGiLdcST6CZywlwibX3OXHE6Iw5_wHcjri65Eo4C3CPzwsO58ePIJJcIx58tD2Umbc_G2qVXXEWiczcWopFblQeOx6BLrWc8a3eoJhCCzkr_dof7lJQYpnAkJU00jstyq224o00bVP7Y1grhFHKOsP_yaKZ0VAxLp1PnVzfhzsn7sd83e2xXB1A%2C%2C.9f9OuAsW3i-292cZKJq3T8fZMxY%2C
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10212.ZbzOMSb61kAL8JLrK6qY5xS29uUJMQwTGiLdcST6CZywlwibX3OXHE6Iw5_wHcjri65Eo4C3CPzwsO58ePIJJcIx58tD2Umbc_G2qVXXEWiczcWopFblQeOx6BLrWc8a3eoJhCCzkr_dof7lJQYpnAkJU00jstyq224o00bVP7Y1grhFHKOsP_yaKZ0VAxLp1PnVzfhzsn7sd83e2xXB1A%2C%2C.9f9OuAsW3i-292cZKJq3T8fZMxY%2C
date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 09 Dec 2023 09:02:14 GMT
ac79c1fc3f4859b7f5ad.js
yastatic.net/partner-code-bundles/925414/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/ac79c1fc3f4859b7f5ad.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
7de14293a00f3a08ca677a236acb46a444c5d750d41c6f1a865f7d206a041ea4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4788
last-modified
Fri, 08 Dec 2023 15:30:09 GMT
server
nginx/1.17.9
etag
"c5a9119a659639a0a48087c790a00e73"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:36:57 GMT
95568e19e7b545bb4320.js
yastatic.net/partner-code-bundles/925414/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/95568e19e7b545bb4320.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
35791a0a568287fd20da5facf5eb7bbfd717719be54b020874cb71e2985f6d79
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7945
last-modified
Fri, 08 Dec 2023 15:30:09 GMT
server
nginx/1.17.9
etag
"2a9241dc2707f8ca6e0c58a96acee926"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:36:57 GMT
385866b9b5a01ce8598e.js
yastatic.net/partner-code-bundles/925414/ 		118 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/385866b9b5a01ce8598e.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
35ef6a5812cd5efdd975b0d93543348b65e352ad79c69441136f880a99545dc4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24546
last-modified
Fri, 08 Dec 2023 15:30:08 GMT
server
nginx/1.17.9
etag
"19571a7377b7928c0926e050406a3861"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:36:57 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:37:03 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
cd06ea8184ba6d67
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 13:50:15 GMT
e7c97ee5f3e0e48c880c.js
yastatic.net/partner-code-bundles/925414/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/e7c97ee5f3e0e48c880c.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
0bbba55316cd58f431f68be99551249796b217070c3c5590d3cc15cd63f35612
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14831
last-modified
Fri, 08 Dec 2023 15:30:09 GMT
server
nginx/1.17.9
etag
"d17346a9c625d38da1404606421f031d"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:36:57 GMT
45b38d32d1ac376c1534.js
yastatic.net/partner-code-bundles/925414/ 		599 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/45b38d32d1ac376c1534.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
d4a7135dd00586b0f9a153709d8c2fe94e1cfa781bc8049bd780d71d2888f9c0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
117485
last-modified
Fri, 08 Dec 2023 15:30:08 GMT
server
nginx/1.17.9
etag
"e99d3cab7568a025d5e99120cc7612ee"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:36:57 GMT
479133
yandex.ru/ads/meta/ 		113 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/479133?target-ref=https%3A%2F%2Foir.mobi%2F&pcode-test-ids=913081%2C0%2C69%3B912526%2C0%2C34%3B921588%2C0%2C94%3B909920%2C0%2C5%3B912471%2C0%2C59%3B924429%2C0%2C63%3B901185%2C0%2C45%3B908761%2C0%2C33%3B920052%2C0%2C47%3B919406%2C0%2C5%3B917139%2C0%2C11%3B882586%2C0%2C2%3B917804%2C0%2C34%3B892905%2C0%2C87%3B910946%2C0%2C31%3B924942%2C0%2C39%3B910553%2C0%2C46%3B914206%2C0%2C54%3B924474%2C0%2C49%3B852182%2C0%2C13%3B924340%2C0%2C20&pcode-flags-map=eJy1Wdty2zgS%2FRc921neL3mDSFDCmrcFQdtKKoVSYiXjLV%2B2HCczk1T%2BfbsBUBJkD7ROZvPgSDRxADS6zzkNf5%2Bdk0EOy%2B5CklLWZE5rWXVcslbOSdtSPnv99vvs6%2Frmy2b2eib4SGcns8fN50d2Bd%2BTJAyjdPbj3ckOpuddORZikF0rezIO1ImQ%2BnkUaoSSDWReU1l0YyskpyXjtBCwEtL3bozAi6JguwqYUjZjLRjv6hrQWoEfKJcXRBRLWkrBGiq7qhqocOOGgZfudsep4CvcVUvFRcfPJOW8c8cnjZMozbcIMHtxBkFedaOQQ93BD%2FaGyjlsuCSc0cENlmZ%2B5Csw3AFi9JyqTe62e85K2knzewvO9%2BCfhZeHeeodwZuPVQWho00vVrJmDTsEfTHieU9Y%2BfevsBrh88%2Bitpirf%2FNK%2FwLzl87necz%2FXwR%2B9vQx2ReczGVN24VYWoOgWLP9YZmXeWm0HUZbRQKCEyiVczaMpNa8gqxELwXlLTwpBzclZH6QeD8Bqh4MpKKy4qRxU5eaQ9MD58gzA7wBhAUTCiTTniAEYA8KlYwl62TBKRHs%2FEipZ5EX%2BPF2%2BdMhiQ5IaBCEC6ShinGYqFiO7ZmsCKstxNg%2B8SwK0mAHSITAMx1eghi6AGGvwLpFzShQd00XEE3WVp28WDLF6O05hSl08mN8juw%2B9rJsj3fbEpKQzDEEpEQkNsCDkde46As6745FM%2FWiHQsvKOxxHETXyPOG9NvonpN6tE88OaibLInDZCc0tACIQhCdNA2pa%2Fcy0iyKoqej1Uh5wcRSCsjFl2BMZ9eMAnQNgvFUkmJreB74XqKGDxBVaSS3xHQVq56i7PfdBeW0qlgBh1msLLDNH%2F%2Bx4azSJWU5VVpPFiCxvWBQFboQMNVUuGvWnrn3mOe50blJzluq7MlUPHj0rnXlvgeeQCH0RVfSX8QYgBeAOtqhJhhmOLeetLAzgHMjZEkWbBEULeBCVgTy%2BVKS1jk48BN%2FR6ZwzBhWyP0BJrYG4puJb4%2BNPOOHJk9lvFQxcNekce5DfqmBSgO0A5RjyyoGG2ctkFlFCurGyAJjmjDikEmQpEtZdwtWuMYlfhYmem6gC2CiRs5XU%2B1jgYE6zZkz4Akkd%2BBb%2B4Z4c0jFVhjvhRo5QArQVg4HEvJkPblvKq3A%2BuzaiYcqiIJkSh9gW6Sk7kWlWZ5o8sHDr8DmtWW90vqC9Xbobt3j52fKM2pJ0XwKGJCS886NkkdGqxClplAJgNA4xyRZlOhw7oVtwcETlXQ4E5173VkS%2BeF%2B%2FBQ3gSIAyB5eCy5YHfhiBMsPjgOtf0GhQp1hTX0vSuNJfHWmiZG35nhAieC0xZJ342LpZJvU9ydxqMmblTpRqVhjf9j32cfN44ffmvXDp%2Bu72Ws%2F9k5mt%2Ffvr282w4f1zfXdp9nr4IeFGkMZ6NpvkKH%2FNdKRgtXo5bxGE1IzWwTfzm7X1zevHr7A2v5c311t%2FoDP%2F7i%2BXX%2FafLYefVrfqidX3zZ3%2BvX11%2BvHe%2F3x9tXel6u7a%2FMUkbcI8OBh%2Fe3m%2Fttv5tffHvT%2FXx7Wr%2B42v39%2B8sK%2F1%2Fe312rou%2Be32GpGbShf4M%2BSESnIYnCeXxgEJrlUWVA4e2DmQimGe2AceoZVQchLWhGgKi047djMqZPh0tgPjUdVvanqLlGqoN2lha5I8IcMuOMITOrFW2onZYMEt1CUw8qKPHO8YRh88N%2BH0elV%2FvH9aZQG6WkWh%2BvTDyH45ve5H3xcb%2Bz4ZnGcGwWw6ny%2FekQ3FktdQ3U3qH1oR8DpP4Hwj9QQlGiUTTVklHsrVca0OQHyZFK4FQyBLCj0Sc7rDnIciAL8n6DPRIOfstMggl170Slq1%2F734OB7ePA9Ut%2FJaRBDY5MGMH4%2FbJmXJ762OBUDlS1Jr5JTd9rjwuln%2FDiKo72qRavIGkwtDItOcydA7Ee5BqgGSIkOGgp26R4RhoYmTRVBDWB7guxMlCvHGwzwhVBY7eiGivLJseizUOqk7nKOiF2WBHGmV7EkvFSeSS9ggAoTpFg6R0MxJ8lW8he9kJCerHfmDg4yoVK%2BAnffYRf24rWDB03CZ4D6cQ4qAMwg3Kvfjd%2FdQDVY1NrX27O%2FzXMkvjQ4yeHkIi9MTpIwBy0KYysLMyCp3AI1XVGBfdYv4YY6anv1ila%2BgHNz2%2BosTk1hcNp0mGlAW3Mn2WaQGMY2VMOk%2BlPXIKG2ZUOwZYAKcfcJvpflR6hM9XUFtuGdIjTsJjhbLOETbK%2BmldCNOQGZODJZYlxgS0eOMccKdu8Txpj83xU6WB1FsVh7ZDi8LDz0654Xx97%2BwUxNb9cDCBdzcGtEIs9eHjn4dxZskOR6MwihrkbRkQ8qSRvFDuqRtbb1zY29thCcnLZiygXjHjkFSwI0DyYbv7qdde6lvjFJ6mVFiWjPsdbMTe8Cpc%2BK8tswgXFebm8I%2BoNnVU31w9Ay%2Fg%2FHBTSXhsmUlpxeQO5T3cG6hwWeZ%2FROe%2Fmt2KnuG8kL70WwzXPjhEEM6n9y9A2YyfRQrFURwoMjtWEpSLFuDg3KOa4EGkxBF852G9Yf791zb6%2FoYRtP0uqZFUVxNnX%2BhJ5bL5tLcruL9EMvs9vwkkAn1%2BDt%2BZNQdy30NLuLQyxZ9fZlU9ugQRwk1o2BgCyExNndEhy9IICONzb3Q1Zj3aJi4RWogPJTK6Bahw5b5ifZnU%2FCiYuqWL0VD1X3g%2FvusSL1QA82GaU6cqQcyrPzg%2FKE%2FjwCcbA79ig4RpC4xe1VnTKprGZiNeWQe4e%2Bn8V7%2BN0oIOMoBBxRTZPuts65l6XGsR9ibMdv79J0F6bfQzWtqV1S6kr6peANuZxoa9C8Z0E%2BDzcsu7Eu9eW46go1OU%2B3QOpeYj%2FKkDNs0e5aa7Gw1eb%2B7uZP%2BXXz8HgNjZ%2F8en21uT%2BgJi8O9mc2cvB0CquDP5zmKeNNsEa8u9rcMEN28q6ZAmOBfLxZf%2F7tFBZrZ2ceeZYP2FuagiqRiFvdUVh4Hx5tXfFTP8z3Na98gx29jqzemtrkpOzq0eCCzDIwoslxyGXH2RsgrZeCYrb3ZNXgjZAyLlzYQx82VwdbzMzfESbXc8FK0AqgBcFad4%2Bb5UHuxc9VtSpldG1zaHkPyOlJkL3ciPehYOoATffI7vSBtsTcCJqG2WaAfU3ao5ZJlYD8inqEpqDh5IhT8MEHhX%2FlFNwjo8DbndLkTyZBHoDeyyOyHEXmNlqZYnXdBPXtPqM48E0Lqy59nuFqMGUH0%2BCTH%2B9%2B%2FBdr0hz3&pcode-active-testids=919406%2C0%2C5&pcode-icookie=GDwYM0eP9nhkmGVxwjBrEjKUFnqIDkcarF0WfGWWqjRK8nodmyQO2Zp5qNUBX1h9pp40EfH6%2BXrT6q8VnWEgTboKQUM%3D&duid=MTcwMjEwODkzNDkyOTU3NzUwMA%3D%3D&imp-id=1&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=407918813904898&ad-session-id=8872441702108934438&target-id=6298308&tga-with-creatives=1&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&pcode-version=925414&pcodever=925414&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A0%2C%22width%22%3A1560%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A115%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=1520&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLmNJEkuQ-oycO4rRtB_GZY4y2sfgG_T22p6ZRt1G-LkhibNLIU3dat67qk-7os6wb_JU7tpWlroKcBrpgJvo7q-Zfl3Q9--I1GzEwMHY-JmCfk2H4QCTlz8SKhHdrBjEAFDRSJPwThlm4Dx2B1amc0uM7olgH8oywD7m5s3D-ZnfYw5n7e2gZutzpmp_6m2dEyDVTJ7oDeR99kdWZH7UwDxH_ShOLaSOhPe21v-ZMk5k2H74ZsOxxevPnDs6dnk8QdZqf_DNZ3Nm_43jf-mu-b-9OsjtZpX5J68l87wN-J3i0ke3fYLWlmu2H8h9ZpBrwf92uaulQS3h29oxpwdofSGchujWpg__noMR7FuPsVTTOwvjurfk3yTO71xQL9nTA_42uL1lZzXMyv02qtbutp4j6KdWVdQphXQ238g_6LPBan0SOaeATD5TnaAN66uEIVweDhbX6wHIckBtmJIyEvBCkzCNzFTt6CYPCJNv9nTzeuLj3dfKvMhD5HOrz57LlcboifHJ3_8TlSwbgHd7i-6okbzoD3B_FfH1E3K1tTqO050mAQ_96KOiAfIegfNZzm3pYBwsPAEYpXMoAzCI526MXRxwD-Bwk9t9YgaqoprQvcCr2clAoyaRna088rdQ476kA2qHSO1JxRKGbrrVZSOsROAuK86R3kfObAcGrzKFPRCYB36A8-wFN0IuwGdXFa5C1FZwFmYHdoDSymKVgWrGaRcc-vFSwLRrPwrIt-s10MxaaYb2LhdrqC0YdhANtKYnaoCvorMEeAKzmzYzS7RG_24-OvXGEHwh6Iqug8oD5wGE-cYx05ptwsxUAJ2bjKxlU2rrJxlY2rbFxl4wpejCskEanOHTibiy91B8F39l_RzueDyW04oku8aDcmRKoSr_yK1Ptwg7Fsh1xJTNdrtUlRhL6XPG0OoS9A6K9Twlb-IUAQa2IOADbcSRTEEDBZ3oDgDVVnAj-OL3syyok-yndwGXqgZMMOmYxw2Pbwpd66t7tDYm-4U-rMYPLtxLnZizgsizpZ67CXTtz9NSReTWZT75FIKG7ckyWkrewVgVs4cAoHduHAKhyYhQOjcKAXToS0wZM3RDjxvzaJRELpK0JKWpuXN4AnG1IPEx85kdncMWyK9Kkyk1hzbSl_sPH-tUm_DZn0QYUwQKaOuz-c_L-xDVYTb2RpBPLdYSZA-yGXtmxEiHfZzmIJiyIuumqSNAgDXbQU8qb0QzuD3eCqTGdFV0sWEH2pFPFQu6prqPmqa7jlXxXFykZPlGL9V7EClcU8vNQuIfzkTs_XrkAj07rrByoktfZ6MbPWX1mMBNdQf_QSRe2_ReCS-PJRKTToCV6i_j7qBnB6CKj5AyXBdJRfKfASPMDm1kXvt3BOWKGhZn2e6C1alOh_wQdwnaV3KYsHYDwHvAE2xzzISKF5eB5Gg1rY2qDfx4Bfuuf63g3V8QTlmmBT8oIW-5C_VD3CYsLgkQfY-wQCB-AToA%3D%3D&uniformat=true&callback=Ya%5B2434993323112%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
78e2d27db2e35fa1d9b49e223f8ca9b179135dc1fda500214d5f8fbd68df784c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 08:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1702108934492237-9383689135404481785-balancer-l7leveler-kubr-yp-sas-24-BAL-1567
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:14 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:14 GMT
1
mc.yandex.com/watch/51579212/
Redirect Chain
  • https://mc.yandex.com/watch/51579212?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/51579212/1?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3A...
439 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/51579212/1?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1331440757206%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090214%3Aet%3A1702108934%3Ac%3A1%3Arn%3A843075844%3Arqn%3A1%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C98%2C1%2C188%2C0%2C%2C493%2C4%2C%2C%2C%2C1228%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b87f1a2df2f2ec9d705976694e06123afc5b4583a8cea170102b8626fc7c85b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 09-Dec-2023 08:02:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:14 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/51579212/1?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1331440757206%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090214%3Aet%3A1702108934%3Ac%3A1%3Arn%3A843075844%3Arqn%3A1%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C98%2C1%2C188%2C0%2C%2C493%2C4%2C%2C%2C%2C1228%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:14 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A188 		305 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&adk=1812271804&adf=3025194257&lmt=1702108934&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Foir.mobi%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108934265&bpp=3&bdt=1015&idt=619&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7928445878926&frm=20&pv=2&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=637
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
08244961394be050ebf9854c5d3a7e1ec84f21cfb826002791c82ce658889276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
74628
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:15 GMT
expires
Sat, 09 Dec 2023 08:02:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/51579212/ 		43 B
86 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/51579212/1?page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1702108934_64a8b397526714e4ce9634ffe686dee2da090677931bef7acdb83deba60e5b10&browser-info=pa%3A1%3Aar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A1%3Als%3A1331440757206%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090214%3Aet%3A1702108935%3Ac%3A1%3Arn%3A534210265%3Arqn%3A2%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228872441702108934438%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:14 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:14 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:14 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oir.mobi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oir.mobi
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 09 Dec 2023 08:02:15 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT
479133
mc.yandex.com/watch/ 		408 B
516 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/479133?wmode=7&page-url=https%3A%2F%2Foir.mobi%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A1%3Als%3A44560836501%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090215%3Aet%3A1702108935%3Ac%3A1%3Arn%3A647232756%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=mc(p-1)clc(0-0-0)aw(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
9b744f084cad32c03abe3f411b1a2f2e4c3b06169f76bc2dc2fa6a71849ba530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 09-Dec-2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
408
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:15 GMT
479133
yandex.ru/ads/meta/ 		125 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/479133?target-ref=https%3A%2F%2Foir.mobi%2F&pcode-test-ids=913081%2C0%2C69%3B912526%2C0%2C34%3B921588%2C0%2C94%3B909920%2C0%2C5%3B912471%2C0%2C59%3B924429%2C0%2C63%3B901185%2C0%2C45%3B908761%2C0%2C33%3B920052%2C0%2C47%3B919406%2C0%2C5%3B917139%2C0%2C11%3B882586%2C0%2C2%3B917804%2C0%2C34%3B892905%2C0%2C87%3B910946%2C0%2C31%3B924942%2C0%2C39%3B910553%2C0%2C46%3B914206%2C0%2C54%3B924474%2C0%2C49%3B852182%2C0%2C13%3B924340%2C0%2C20&pcode-flags-map=eJy1Wdty2zgS%2FRc921neL3mDSFDCmrcFQdtKKoVSYiXjLV%2B2HCczk1T%2BfbsBUBJkD7ROZvPgSDRxADS6zzkNf5%2Bdk0EOy%2B5CklLWZE5rWXVcslbOSdtSPnv99vvs6%2Frmy2b2eib4SGcns8fN50d2Bd%2BTJAyjdPbj3ckOpuddORZikF0rezIO1ImQ%2BnkUaoSSDWReU1l0YyskpyXjtBCwEtL3bozAi6JguwqYUjZjLRjv6hrQWoEfKJcXRBRLWkrBGiq7qhqocOOGgZfudsep4CvcVUvFRcfPJOW8c8cnjZMozbcIMHtxBkFedaOQQ93BD%2FaGyjlsuCSc0cENlmZ%2B5Csw3AFi9JyqTe62e85K2knzewvO9%2BCfhZeHeeodwZuPVQWho00vVrJmDTsEfTHieU9Y%2BfevsBrh88%2Bitpirf%2FNK%2FwLzl87necz%2FXwR%2B9vQx2ReczGVN24VYWoOgWLP9YZmXeWm0HUZbRQKCEyiVczaMpNa8gqxELwXlLTwpBzclZH6QeD8Bqh4MpKKy4qRxU5eaQ9MD58gzA7wBhAUTCiTTniAEYA8KlYwl62TBKRHs%2FEipZ5EX%2BPF2%2BdMhiQ5IaBCEC6ShinGYqFiO7ZmsCKstxNg%2B8SwK0mAHSITAMx1eghi6AGGvwLpFzShQd00XEE3WVp28WDLF6O05hSl08mN8juw%2B9rJsj3fbEpKQzDEEpEQkNsCDkde46As6745FM%2FWiHQsvKOxxHETXyPOG9NvonpN6tE88OaibLInDZCc0tACIQhCdNA2pa%2Fcy0iyKoqej1Uh5wcRSCsjFl2BMZ9eMAnQNgvFUkmJreB74XqKGDxBVaSS3xHQVq56i7PfdBeW0qlgBh1msLLDNH%2F%2Bx4azSJWU5VVpPFiCxvWBQFboQMNVUuGvWnrn3mOe50blJzluq7MlUPHj0rnXlvgeeQCH0RVfSX8QYgBeAOtqhJhhmOLeetLAzgHMjZEkWbBEULeBCVgTy%2BVKS1jk48BN%2FR6ZwzBhWyP0BJrYG4puJb4%2BNPOOHJk9lvFQxcNekce5DfqmBSgO0A5RjyyoGG2ctkFlFCurGyAJjmjDikEmQpEtZdwtWuMYlfhYmem6gC2CiRs5XU%2B1jgYE6zZkz4Akkd%2BBb%2B4Z4c0jFVhjvhRo5QArQVg4HEvJkPblvKq3A%2BuzaiYcqiIJkSh9gW6Sk7kWlWZ5o8sHDr8DmtWW90vqC9Xbobt3j52fKM2pJ0XwKGJCS886NkkdGqxClplAJgNA4xyRZlOhw7oVtwcETlXQ4E5173VkS%2BeF%2B%2FBQ3gSIAyB5eCy5YHfhiBMsPjgOtf0GhQp1hTX0vSuNJfHWmiZG35nhAieC0xZJ342LpZJvU9ydxqMmblTpRqVhjf9j32cfN44ffmvXDp%2Bu72Ws%2F9k5mt%2Ffvr282w4f1zfXdp9nr4IeFGkMZ6NpvkKH%2FNdKRgtXo5bxGE1IzWwTfzm7X1zevHr7A2v5c311t%2FoDP%2F7i%2BXX%2FafLYefVrfqidX3zZ3%2BvX11%2BvHe%2F3x9tXel6u7a%2FMUkbcI8OBh%2Fe3m%2Fttv5tffHvT%2FXx7Wr%2B42v39%2B8sK%2F1%2Fe312rou%2Be32GpGbShf4M%2BSESnIYnCeXxgEJrlUWVA4e2DmQimGe2AceoZVQchLWhGgKi047djMqZPh0tgPjUdVvanqLlGqoN2lha5I8IcMuOMITOrFW2onZYMEt1CUw8qKPHO8YRh88N%2BH0elV%2FvH9aZQG6WkWh%2BvTDyH45ve5H3xcb%2Bz4ZnGcGwWw6ny%2FekQ3FktdQ3U3qH1oR8DpP4Hwj9QQlGiUTTVklHsrVca0OQHyZFK4FQyBLCj0Sc7rDnIciAL8n6DPRIOfstMggl170Slq1%2F734OB7ePA9Ut%2FJaRBDY5MGMH4%2FbJmXJ762OBUDlS1Jr5JTd9rjwuln%2FDiKo72qRavIGkwtDItOcydA7Ee5BqgGSIkOGgp26R4RhoYmTRVBDWB7guxMlCvHGwzwhVBY7eiGivLJseizUOqk7nKOiF2WBHGmV7EkvFSeSS9ggAoTpFg6R0MxJ8lW8he9kJCerHfmDg4yoVK%2BAnffYRf24rWDB03CZ4D6cQ4qAMwg3Kvfjd%2FdQDVY1NrX27O%2FzXMkvjQ4yeHkIi9MTpIwBy0KYysLMyCp3AI1XVGBfdYv4YY6anv1ila%2BgHNz2%2BosTk1hcNp0mGlAW3Mn2WaQGMY2VMOk%2BlPXIKG2ZUOwZYAKcfcJvpflR6hM9XUFtuGdIjTsJjhbLOETbK%2BmldCNOQGZODJZYlxgS0eOMccKdu8Txpj83xU6WB1FsVh7ZDi8LDz0654Xx97%2BwUxNb9cDCBdzcGtEIs9eHjn4dxZskOR6MwihrkbRkQ8qSRvFDuqRtbb1zY29thCcnLZiygXjHjkFSwI0DyYbv7qdde6lvjFJ6mVFiWjPsdbMTe8Cpc%2BK8tswgXFebm8I%2BoNnVU31w9Ay%2Fg%2FHBTSXhsmUlpxeQO5T3cG6hwWeZ%2FROe%2Fmt2KnuG8kL70WwzXPjhEEM6n9y9A2YyfRQrFURwoMjtWEpSLFuDg3KOa4EGkxBF852G9Yf791zb6%2FoYRtP0uqZFUVxNnX%2BhJ5bL5tLcruL9EMvs9vwkkAn1%2BDt%2BZNQdy30NLuLQyxZ9fZlU9ugQRwk1o2BgCyExNndEhy9IICONzb3Q1Zj3aJi4RWogPJTK6Bahw5b5ifZnU%2FCiYuqWL0VD1X3g%2FvusSL1QA82GaU6cqQcyrPzg%2FKE%2FjwCcbA79ig4RpC4xe1VnTKprGZiNeWQe4e%2Bn8V7%2BN0oIOMoBBxRTZPuts65l6XGsR9ibMdv79J0F6bfQzWtqV1S6kr6peANuZxoa9C8Z0E%2BDzcsu7Eu9eW46go1OU%2B3QOpeYj%2FKkDNs0e5aa7Gw1eb%2B7uZP%2BXXz8HgNjZ%2F8en21uT%2BgJi8O9mc2cvB0CquDP5zmKeNNsEa8u9rcMEN28q6ZAmOBfLxZf%2F7tFBZrZ2ceeZYP2FuagiqRiFvdUVh4Hx5tXfFTP8z3Na98gx29jqzemtrkpOzq0eCCzDIwoslxyGXH2RsgrZeCYrb3ZNXgjZAyLlzYQx82VwdbzMzfESbXc8FK0AqgBcFad4%2Bb5UHuxc9VtSpldG1zaHkPyOlJkL3ciPehYOoATffI7vSBtsTcCJqG2WaAfU3ao5ZJlYD8inqEpqDh5IhT8MEHhX%2FlFNwjo8DbndLkTyZBHoDeyyOyHEXmNlqZYnXdBPXtPqM48E0Lqy59nuFqMGUH0%2BCTH%2B9%2B%2FBdr0hz3&pcode-active-testids=919406%2C0%2C5&pcode-icookie=GDwYM0eP9nhkmGVxwjBrEjKUFnqIDkcarF0WfGWWqjRK8nodmyQO2Zp5qNUBX1h9pp40EfH6%2BXrT6q8VnWEgTboKQUM%3D&duid=MTcwMjEwODkzNDkyOTU3NzUwMA%3D%3D&imp-id=14&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=407918813904898&ad-session-id=8872441702108934438&target-id=1156149&tga-with-creatives=1&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&pcode-version=925414&pcodever=925414&skip-token=yabs.NzIwNTc2MDc3MjI3MjE5NDY%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A497%2C%22h%22%3A0%2C%22width%22%3A497%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A34%2C%22top%22%3A1048%2C%22ad_no%22%3A1%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A1%7D&grab-orig-len=1520&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLmNJEkuQ-oycO4rRtB_GZY4y2sfgG_T22p6ZRt1G-LkhibNLIU3dat67qk-7os6wb_JU7tpWlroKcBrpgJvo7q-Zfl3Q9--I1GzEwMHY-JmCfk2H4QCTlz8SKhHdrBjEAFDRSJPwThlm4Dx2B1amc0uM7olgH8oywD7m5s3D-ZnfYw5n7e2gZutzpmp_6m2dEyDVTJ7oDeR99kdWZH7UwDxH_ShOLaSOhPe21v-ZMk5k2H74ZsOxxevPnDs6dnk8QdZqf_DNZ3Nm_43jf-mu-b-9OsjtZpX5J68l87wN-J3i0ke3fYLWlmu2H8h9ZpBrwf92uaulQS3h29oxpwdofSGchujWpg__noMR7FuPsVTTOwvjurfk3yTO71xQL9nTA_42uL1lZzXMyv02qtbutp4j6KdWVdQphXQ238g_6LPBan0SOaeATD5TnaAN66uEIVweDhbX6wHIckBtmJIyEvBCkzCNzFTt6CYPCJNv9nTzeuLj3dfKvMhD5HOrz57LlcboifHJ3_8TlSwbgHd7i-6okbzoD3B_FfH1E3K1tTqO050mAQ_96KOiAfIegfNZzm3pYBwsPAEYpXMoAzCI526MXRxwD-Bwk9t9YgaqoprQvcCr2clAoyaRna088rdQ476kA2qHSO1JxRKGbrrVZSOsROAuK86R3kfObAcGrzKFPRCYB36A8-wFN0IuwGdXFa5C1FZwFmYHdoDSymKVgWrGaRcc-vFSwLRrPwrIt-s10MxaaYb2LhdrqC0YdhANtKYnaoCvorMEeAKzmzYzS7RG_24-OvXGEHwh6Iqug8oD5wGE-cYx05ptwsxUAJ2bjKxlU2rrJxlY2rbFxl4wpejCskEanOHTibiy91B8F39l_RzueDyW04oku8aDcmRKoSr_yK1Ptwg7Fsh1xJTNdrtUlRhL6XPG0OoS9A6K9Twlb-IUAQa2IOADbcSRTEEDBZ3oDgDVVnAj-OL3syyok-yndwGXqgZMMOmYxw2Pbwpd66t7tDYm-4U-rMYPLtxLnZizgsizpZ67CXTtz9NSReTWZT75FIKG7ckyWkrewVgVs4cAoHduHAKhyYhQOjcKAXToS0wZM3RDjxvzaJRELpK0JKWpuXN4AnG1IPEx85kdncMWyK9Kkyk1hzbSl_sPH-tUm_DZn0QYUwQKaOuz-c_L-xDVYTb2RpBPLdYSZA-yGXtmxEiHfZzmIJiyIuumqSNAgDXbQU8qb0QzuD3eCqTGdFV0sWEH2pFPFQu6prqPmqa7jlXxXFykZPlGL9V7EClcU8vNQuIfzkTs_XrkAj07rrByoktfZ6MbPWX1mMBNdQf_QSRe2_ReCS-PJRKTToCV6i_j7qBnB6CKj5AyXBdJRfKfASPMDm1kXvt3BOWKGhZn2e6C1alOh_wQdwnaV3KYsHYDwHvAE2xzzISKF5eB5Gg1rY2qDfx4Bfuuf63g3V8QTlmmBT8oIW-5C_VD3CYsLgkQfY-wQCB-AToA%3D%3D&uniformat=true&callback=Ya%5B3917858277833%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
76101230df18a0b28c174f9c05473b1cba7f8adaa536addf42976edcf8c31afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1702108935083523-9725156206056639702-balancer-l7leveler-kubr-yp-sas-24-BAL-8699
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:15 GMT
orig
avatars.mds.yandex.net/get-vh/6213324/2a00000181d31f18b8bb099b55ea9cda8f20/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-vh/6213324/2a00000181d31f18b8bb099b55ea9cda8f20/orig
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
ecb72db76b72224091ffbc94e9aa7c316d5ba1610f3b4e9d4c2d47ad32e606f7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
last-modified
Wed, 06 Jul 2022 10:47:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type
image/jpeg
cache-control
max-age=86400,immutable
timing-allow-origin
*
content-length
20112
x-request-id
6fcf37f2dbbc2faf
x180
avatars.mds.yandex.net/get-direct/3986499/wwOQGOF0ltuKOD-_QVxhjg/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/3986499/wwOQGOF0ltuKOD-_QVxhjg/x180
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
f2f1cd7cf8d10c0b49fc5d3ab3b0eee9e30145016ff86cb7b38c85e31ee2d2cd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
last-modified
Tue, 28 Jun 2022 20:30:58 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
4326
x-request-id
e0a91c060ea6e2e9
yandex.ru
favicon.yandex.net/favicon/ 		756 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/yandex.ru?size=32&stub=2
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.36 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
favicon.yandex.net
Software
/
Resource Hash
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
a2873f5bc7f3b453a134.js
yastatic.net/partner-code-bundles/925414/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/a2873f5bc7f3b453a134.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
74b1857e267adbb29c31ea2689433853a1f079b969f1c63d6f241cf95b4b33e5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3028
last-modified
Fri, 08 Dec 2023 15:30:09 GMT
server
nginx/1.17.9
etag
"f40dbc2bf908688ada5ae629eb2253d9"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:37:17 GMT
9c03449d445595bd397b.js
yastatic.net/partner-code-bundles/925414/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/925414/9c03449d445595bd397b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
4d4e30a25a5d3036f167c1805dbf08dbcb4950a0570a6220d72401ac753fe107
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
5673
last-modified
Fri, 08 Dec 2023 15:30:09 GMT
server
nginx/1.17.9
etag
"f498a05f5302da2be82d3112a77b0b3f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:37:39 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 31CF 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Sat, 09 Dec 2023 08:02:15 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Mon, 08 Dec 2053 14:37:03 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
loader.bundle.js
yastatic.net/vas-bundles/924429/bundles-es2017/ 		835 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/vas-bundles/924429/bundles-es2017/loader.bundle.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/925414/e7c97ee5f3e0e48c880c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
5de793f9e0e3da35559f70e59936eb6aca8cc8e9d5c84e620db7944e057f0644
Security Headers
Name Value
Strict-Transport-Security max-age=946708560; includeSubDomains;

Request headers

Referer
https://oir.mobi/
Origin
https://oir.mobi
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
br
strict-transport-security
max-age=946708560; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
211605
last-modified
Thu, 07 Dec 2023 13:01:06 GMT
server
nginx/1.17.9
etag
"6a42098ce27ede3138c5da1287a93b24"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 08 Dec 2053 14:37:12 GMT
1
mc.yandex.com/watch/479133/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/479133/1?page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1702108935_e1d1e3d021f784039d36521be4f398b70af5ceb9e9cb246659f9780b71271cd8&browser-info=pa%3A1%3Aar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A861%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A1%3Als%3A44560836501%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090215%3Aet%3A1702108935%3Ac%3A1%3Arn%3A649818030%3Arqn%3A1%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C98%2C1%2C188%2C0%2C%2C493%2C4%2C%2C%2C%2C1228%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228872441702108934438%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:15 GMT
479133
mc.yandex.com/watch/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/479133?page-url=https%3A%2F%2Foir.mobi%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1702108935_e1d1e3d021f784039d36521be4f398b70af5ceb9e9cb246659f9780b71271cd8&browser-info=pv%3A1%3Aar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A1%3Als%3A44560836501%3Ahid%3A540026713%3Az%3A60%3Ai%3A20231209090215%3Aet%3A1702108935%3Ac%3A1%3Arn%3A388164551%3Arqn%3A2%3Au%3A1702108934929577500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1702108932869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108935%3At%3AOIR.mobi%20-%20%D1%81%D1%82%D0%BE%D0%BA%20-%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB.%20%D0%9E%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:15 GMT
1V5XeWNo0Ki200000000U9nJP0lFtvKsjudLSB8Y9qjzxy9KIpRvabG68F24YOHA7zZa5plNdvqXbH4edZbPaV5Z7L2y5CIhlGeaMXahW6GdY0y4J0mp6IUkWt0MCiwIWx1MClR6GUJtCafSuMSu2kQVPMG6Ybnb1AcvoyWWmy3mbt4M4mF3N2QGo5Ac1QmC36kPe...
yandex.ru/an/rtbcount/ 		43 B
389 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/rtbcount/1V5XeWNo0Ki200000000U9nJP0lFtvKsjudLSB8Y9qjzxy9KIpRvabG68F24YOHA7zZa5plNdvqXbH4edZbPaV5Z7L2y5CIhlGeaMXahW6GdY0y4J0mp6IUkWt0MCiwIWx1MClR6GUJtCafSuMSu2kQVPMG6Ybnb1AcvoyWWmy3mbt4M4mF3N2QGo5Ac1QmC36kPee3iiqp_WU0Lay0LBkCRG2Smx7oR8SVFmyRmbmbaH2ipK2L3BxCYa9pA3D8ybva9P2sGL01Rkv5PRUC4ZnrsYjKdcM6-lWfMUHTC_cHsSEA7E9g5_Q89cBM2PU9TjXqi_s60yG0BqmMMEMz-ptxtyDXvyPii41zzi7_8ybLAPfkyx5NxjomWVorWvJp9-bM51onzWRMXeQcXWV4cArjysiCx_ZOjNrb1fdMmDR1CO6jRj_VowpNB3xBEOBjoE7W1svPLsnzkklIcEtub6ypC0smU9zYO7x7nXgMvMQNdU_kP9NhdcRzaWzd-4ywQoDwifi4oM_ET_InsDaiZKnD3amtiJ3lO6K-mYpzWNxxqmhzl-tVigF_1phE00-Yr5Hopzh9iuEZToxY3W_4M1qROFkLWO6Ymx-K4UMag9oYS5t0sCA_WNCkuWLFi12VZ1Kx65voC7pWPVt0o0W2O-hLg?pcode-active-testids=919406%2C0%2C5
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/925414/45b38d32d1ac376c1534.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108935210200-17498339520269471931-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:15 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oir.mobi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oir.mobi
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 09 Dec 2023 08:02:15 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT
1
mc.yandex.ru/watch/39370120/
Redirect Chain
  • https://mc.yandex.ru/watch/39370120?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934
  • https://mc.yandex.ru/watch/39370120/1?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934
43 B
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/39370120/1?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:15 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/39370120/1?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:15 GMT
log
log.strm.yandex.ru/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=924429&event=PrioritiseMediaFiles
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/924429/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.251.15 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://oir.mobi
date
Sat, 09 Dec 2023 08:02:15 GMT
access-control-expose-headers
Date
access-control-allow-credentials
true
timing-allow-origin
https://oir.mobi
content-length
0
x-request-id
1702108935570301-4507061339413329346
VP8_240_426_500.webm
ext-strm-itt10.strm.yandex.net/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/
Redirect Chain
  • https://strm.yandex.ru/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1...
  • https://ext-strm-itt10.strm.yandex.net/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860b...
603 KB
605 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ext-strm-itt10.strm.yandex.net/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&noredir=1&lid=1529
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
185.70.202.12 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx /
Resource Hash
a1e6e4e8279dfccb3c4a03e22e876af2c0a24761cf094ebd442f78b72f679d47

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-server-time-ms
1702108936146
date
Sat, 09 Dec 2023 08:02:16 GMT
x-amz-version-id
null
x-estimated-bandwidth
820792
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Content-Range
bytes 0-617528/617529
x_h
strm-ams10.strm.yandex.net
x-strm-request-id
a97182a95abf4cb3
x-connection-id
1584579942
Content-Length
617529
x-request-id
a97182a95abf4cb3
x-estimated-rtt
63019
last-modified
Wed, 06 Jul 2022 10:47:29 GMT
server
nginx
etag
"5b05c86c6f7155043c3077bd82c43917"
x-strm-log-split
1
content-type
video/webm
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control
max-age=300
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires
Sat, 09 Dec 2023 08:07:16 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:15 GMT
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-request-id
5647c9f9115390af
x_h
strm-anycast-ru-net-production-17.sas.yp-c.yandex.net
content-length
0
x-request-id
5647c9f9115390af
server
nginx
x-strm-log-split
0
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location
https://ext-strm-itt10.strm.yandex.net/vh-canvas-converted/vod-content/422371330114943489/0cd1872c-2279-4189-9481-edf36939df3b/webm/VP8_240_426_500.webm?vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&noredir=1&lid=1529
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control
no-cache
access-control-allow-credentials
true
x-plg
host=strm-plgo-production-115.klg.yp-c.yandex.net; version=13053006
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires
Thu, 01 Jan 1970 00:00:01 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oir.mobi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oir.mobi
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 09 Dec 2023 08:02:15 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT
wx600
avatars.mds.yandex.net/get-direct/4569562/4Ev2Lf2sjTI6El2sXcMoMA/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/4569562/4Ev2Lf2sjTI6El2sXcMoMA/wx600
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
16a23880d984b69b9eae6a9fe2d2b40b9a85e5d7113be1a1c341afe840cb1d07

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
last-modified
Tue, 31 Oct 2023 08:08:40 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
61594
x-request-id
37fa9221ae82d2dc
expedition.delivery
favicon.yandex.net/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/expedition.delivery?size=32&stub=2
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.36 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
favicon.yandex.net
Software
/
Resource Hash
c078d3990f6ecbbf68c73536e712788065d0ca73fda5a242a9fbb566811c2368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
479133
yandex.ru/ads/meta/ 		490 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/479133?target-ref=https%3A%2F%2Foir.mobi%2F&pcode-test-ids=913081%2C0%2C69%3B912526%2C0%2C34%3B921588%2C0%2C94%3B909920%2C0%2C5%3B912471%2C0%2C59%3B924429%2C0%2C63%3B901185%2C0%2C45%3B908761%2C0%2C33%3B920052%2C0%2C47%3B919406%2C0%2C5%3B917139%2C0%2C11%3B882586%2C0%2C2%3B917804%2C0%2C34%3B892905%2C0%2C87%3B910946%2C0%2C31%3B924942%2C0%2C39%3B910553%2C0%2C46%3B914206%2C0%2C54%3B924474%2C0%2C49%3B852182%2C0%2C13%3B924340%2C0%2C20&pcode-flags-map=eJy1Wdty2zgS%2FRc921neL3mDSFDCmrcFQdtKKoVSYiXjLV%2B2HCczk1T%2BfbsBUBJkD7ROZvPgSDRxADS6zzkNf5%2Bdk0EOy%2B5CklLWZE5rWXVcslbOSdtSPnv99vvs6%2Frmy2b2eib4SGcns8fN50d2Bd%2BTJAyjdPbj3ckOpuddORZikF0rezIO1ImQ%2BnkUaoSSDWReU1l0YyskpyXjtBCwEtL3bozAi6JguwqYUjZjLRjv6hrQWoEfKJcXRBRLWkrBGiq7qhqocOOGgZfudsep4CvcVUvFRcfPJOW8c8cnjZMozbcIMHtxBkFedaOQQ93BD%2FaGyjlsuCSc0cENlmZ%2B5Csw3AFi9JyqTe62e85K2knzewvO9%2BCfhZeHeeodwZuPVQWho00vVrJmDTsEfTHieU9Y%2BfevsBrh88%2Bitpirf%2FNK%2FwLzl87necz%2FXwR%2B9vQx2ReczGVN24VYWoOgWLP9YZmXeWm0HUZbRQKCEyiVczaMpNa8gqxELwXlLTwpBzclZH6QeD8Bqh4MpKKy4qRxU5eaQ9MD58gzA7wBhAUTCiTTniAEYA8KlYwl62TBKRHs%2FEipZ5EX%2BPF2%2BdMhiQ5IaBCEC6ShinGYqFiO7ZmsCKstxNg%2B8SwK0mAHSITAMx1eghi6AGGvwLpFzShQd00XEE3WVp28WDLF6O05hSl08mN8juw%2B9rJsj3fbEpKQzDEEpEQkNsCDkde46As6745FM%2FWiHQsvKOxxHETXyPOG9NvonpN6tE88OaibLInDZCc0tACIQhCdNA2pa%2Fcy0iyKoqej1Uh5wcRSCsjFl2BMZ9eMAnQNgvFUkmJreB74XqKGDxBVaSS3xHQVq56i7PfdBeW0qlgBh1msLLDNH%2F%2Bx4azSJWU5VVpPFiCxvWBQFboQMNVUuGvWnrn3mOe50blJzluq7MlUPHj0rnXlvgeeQCH0RVfSX8QYgBeAOtqhJhhmOLeetLAzgHMjZEkWbBEULeBCVgTy%2BVKS1jk48BN%2FR6ZwzBhWyP0BJrYG4puJb4%2BNPOOHJk9lvFQxcNekce5DfqmBSgO0A5RjyyoGG2ctkFlFCurGyAJjmjDikEmQpEtZdwtWuMYlfhYmem6gC2CiRs5XU%2B1jgYE6zZkz4Akkd%2BBb%2B4Z4c0jFVhjvhRo5QArQVg4HEvJkPblvKq3A%2BuzaiYcqiIJkSh9gW6Sk7kWlWZ5o8sHDr8DmtWW90vqC9Xbobt3j52fKM2pJ0XwKGJCS886NkkdGqxClplAJgNA4xyRZlOhw7oVtwcETlXQ4E5173VkS%2BeF%2B%2FBQ3gSIAyB5eCy5YHfhiBMsPjgOtf0GhQp1hTX0vSuNJfHWmiZG35nhAieC0xZJ342LpZJvU9ydxqMmblTpRqVhjf9j32cfN44ffmvXDp%2Bu72Ws%2F9k5mt%2Ffvr282w4f1zfXdp9nr4IeFGkMZ6NpvkKH%2FNdKRgtXo5bxGE1IzWwTfzm7X1zevHr7A2v5c311t%2FoDP%2F7i%2BXX%2FafLYefVrfqidX3zZ3%2BvX11%2BvHe%2F3x9tXel6u7a%2FMUkbcI8OBh%2Fe3m%2Fttv5tffHvT%2FXx7Wr%2B42v39%2B8sK%2F1%2Fe312rou%2Be32GpGbShf4M%2BSESnIYnCeXxgEJrlUWVA4e2DmQimGe2AceoZVQchLWhGgKi047djMqZPh0tgPjUdVvanqLlGqoN2lha5I8IcMuOMITOrFW2onZYMEt1CUw8qKPHO8YRh88N%2BH0elV%2FvH9aZQG6WkWh%2BvTDyH45ve5H3xcb%2Bz4ZnGcGwWw6ny%2FekQ3FktdQ3U3qH1oR8DpP4Hwj9QQlGiUTTVklHsrVca0OQHyZFK4FQyBLCj0Sc7rDnIciAL8n6DPRIOfstMggl170Slq1%2F734OB7ePA9Ut%2FJaRBDY5MGMH4%2FbJmXJ762OBUDlS1Jr5JTd9rjwuln%2FDiKo72qRavIGkwtDItOcydA7Ee5BqgGSIkOGgp26R4RhoYmTRVBDWB7guxMlCvHGwzwhVBY7eiGivLJseizUOqk7nKOiF2WBHGmV7EkvFSeSS9ggAoTpFg6R0MxJ8lW8he9kJCerHfmDg4yoVK%2BAnffYRf24rWDB03CZ4D6cQ4qAMwg3Kvfjd%2FdQDVY1NrX27O%2FzXMkvjQ4yeHkIi9MTpIwBy0KYysLMyCp3AI1XVGBfdYv4YY6anv1ila%2BgHNz2%2BosTk1hcNp0mGlAW3Mn2WaQGMY2VMOk%2BlPXIKG2ZUOwZYAKcfcJvpflR6hM9XUFtuGdIjTsJjhbLOETbK%2BmldCNOQGZODJZYlxgS0eOMccKdu8Txpj83xU6WB1FsVh7ZDi8LDz0654Xx97%2BwUxNb9cDCBdzcGtEIs9eHjn4dxZskOR6MwihrkbRkQ8qSRvFDuqRtbb1zY29thCcnLZiygXjHjkFSwI0DyYbv7qdde6lvjFJ6mVFiWjPsdbMTe8Cpc%2BK8tswgXFebm8I%2BoNnVU31w9Ay%2Fg%2FHBTSXhsmUlpxeQO5T3cG6hwWeZ%2FROe%2Fmt2KnuG8kL70WwzXPjhEEM6n9y9A2YyfRQrFURwoMjtWEpSLFuDg3KOa4EGkxBF852G9Yf791zb6%2FoYRtP0uqZFUVxNnX%2BhJ5bL5tLcruL9EMvs9vwkkAn1%2BDt%2BZNQdy30NLuLQyxZ9fZlU9ugQRwk1o2BgCyExNndEhy9IICONzb3Q1Zj3aJi4RWogPJTK6Bahw5b5ifZnU%2FCiYuqWL0VD1X3g%2FvusSL1QA82GaU6cqQcyrPzg%2FKE%2FjwCcbA79ig4RpC4xe1VnTKprGZiNeWQe4e%2Bn8V7%2BN0oIOMoBBxRTZPuts65l6XGsR9ibMdv79J0F6bfQzWtqV1S6kr6peANuZxoa9C8Z0E%2BDzcsu7Eu9eW46go1OU%2B3QOpeYj%2FKkDNs0e5aa7Gw1eb%2B7uZP%2BXXz8HgNjZ%2F8en21uT%2BgJi8O9mc2cvB0CquDP5zmKeNNsEa8u9rcMEN28q6ZAmOBfLxZf%2F7tFBZrZ2ceeZYP2FuagiqRiFvdUVh4Hx5tXfFTP8z3Na98gx29jqzemtrkpOzq0eCCzDIwoslxyGXH2RsgrZeCYrb3ZNXgjZAyLlzYQx82VwdbzMzfESbXc8FK0AqgBcFad4%2Bb5UHuxc9VtSpldG1zaHkPyOlJkL3ciPehYOoATffI7vSBtsTcCJqG2WaAfU3ao5ZJlYD8inqEpqDh5IhT8MEHhX%2FlFNwjo8DbndLkTyZBHoDeyyOyHEXmNlqZYnXdBPXtPqM48E0Lqy59nuFqMGUH0%2BCTH%2B9%2B%2FBdr0hz3&pcode-active-testids=919406%2C0%2C5&pcode-icookie=GDwYM0eP9nhkmGVxwjBrEjKUFnqIDkcarF0WfGWWqjRK8nodmyQO2Zp5qNUBX1h9pp40EfH6%2BXrT6q8VnWEgTboKQUM%3D&duid=MTcwMjEwODkzNDkyOTU3NzUwMA%3D%3D&imp-id=15&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=407918813904898&ad-session-id=8872441702108934438&target-id=38069885&tga-with-creatives=1&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&pcode-version=925414&pcodever=925414&skip-token=yabs.NzIwNTc2MDc3MjI3MjE5NDYKNzIwNTc2MDcxMDQyNjIwOTI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A497%2C%22h%22%3A0%2C%22width%22%3A497%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A551%2C%22top%22%3A1737%2C%22ad_no%22%3A2%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A2%7D&grab-orig-len=1520&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLmNJEkuQ-oycO4rRtB_GZY4y2sfgG_T22p6ZRt1G-LkhibNLIU3dat67qk-7os6wb_JU7tpWlroKcBrpgJvo7q-Zfl3Q9--I1GzEwMHY-JmCfk2H4QCTlz8SKhHdrBjEAFDRSJPwThlm4Dx2B1amc0uM7olgH8oywD7m5s3D-ZnfYw5n7e2gZutzpmp_6m2dEyDVTJ7oDeR99kdWZH7UwDxH_ShOLaSOhPe21v-ZMk5k2H74ZsOxxevPnDs6dnk8QdZqf_DNZ3Nm_43jf-mu-b-9OsjtZpX5J68l87wN-J3i0ke3fYLWlmu2H8h9ZpBrwf92uaulQS3h29oxpwdofSGchujWpg__noMR7FuPsVTTOwvjurfk3yTO71xQL9nTA_42uL1lZzXMyv02qtbutp4j6KdWVdQphXQ238g_6LPBan0SOaeATD5TnaAN66uEIVweDhbX6wHIckBtmJIyEvBCkzCNzFTt6CYPCJNv9nTzeuLj3dfKvMhD5HOrz57LlcboifHJ3_8TlSwbgHd7i-6okbzoD3B_FfH1E3K1tTqO050mAQ_96KOiAfIegfNZzm3pYBwsPAEYpXMoAzCI526MXRxwD-Bwk9t9YgaqoprQvcCr2clAoyaRna088rdQ476kA2qHSO1JxRKGbrrVZSOsROAuK86R3kfObAcGrzKFPRCYB36A8-wFN0IuwGdXFa5C1FZwFmYHdoDSymKVgWrGaRcc-vFSwLRrPwrIt-s10MxaaYb2LhdrqC0YdhANtKYnaoCvorMEeAKzmzYzS7RG_24-OvXGEHwh6Iqug8oD5wGE-cYx05ptwsxUAJ2bjKxlU2rrJxlY2rbFxl4wpejCskEanOHTibiy91B8F39l_RzueDyW04oku8aDcmRKoSr_yK1Ptwg7Fsh1xJTNdrtUlRhL6XPG0OoS9A6K9Twlb-IUAQa2IOADbcSRTEEDBZ3oDgDVVnAj-OL3syyok-yndwGXqgZMMOmYxw2Pbwpd66t7tDYm-4U-rMYPLtxLnZizgsizpZ67CXTtz9NSReTWZT75FIKG7ckyWkrewVgVs4cAoHduHAKhyYhQOjcKAXToS0wZM3RDjxvzaJRELpK0JKWpuXN4AnG1IPEx85kdncMWyK9Kkyk1hzbSl_sPH-tUm_DZn0QYUwQKaOuz-c_L-xDVYTb2RpBPLdYSZA-yGXtmxEiHfZzmIJiyIuumqSNAgDXbQU8qb0QzuD3eCqTGdFV0sWEH2pFPFQu6prqPmqa7jlXxXFykZPlGL9V7EClcU8vNQuIfzkTs_XrkAj07rrByoktfZ6MbPWX1mMBNdQf_QSRe2_ReCS-PJRKTToCV6i_j7qBnB6CKj5AyXBdJRfKfASPMDm1kXvt3BOWKGhZn2e6C1alOh_wQdwnaV3KYsHYDwHvAE2xzzISKF5eB5Gg1rY2qDfx4Bfuuf63g3V8QTlmmBT8oIW-5C_VD3CYsLgkQfY-wQCB-AToA%3D%3D&uniformat=true&callback=Ya%5B9730171231147%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
5a95852e0935033395bc6b3404544d1271d30ecd160b5b6d9d599f2810842861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108935389144-3639806256293369330-balancer-l7leveler-kubr-yp-sas-24-BAL-7376
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
None
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:15 GMT
479133
yandex.ru/ads/meta/ 		117 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/479133?target-ref=https%3A%2F%2Foir.mobi%2F&pcode-test-ids=913081%2C0%2C69%3B912526%2C0%2C34%3B921588%2C0%2C94%3B909920%2C0%2C5%3B912471%2C0%2C59%3B924429%2C0%2C63%3B901185%2C0%2C45%3B908761%2C0%2C33%3B920052%2C0%2C47%3B919406%2C0%2C5%3B917139%2C0%2C11%3B882586%2C0%2C2%3B917804%2C0%2C34%3B892905%2C0%2C87%3B910946%2C0%2C31%3B924942%2C0%2C39%3B910553%2C0%2C46%3B914206%2C0%2C54%3B924474%2C0%2C49%3B852182%2C0%2C13%3B924340%2C0%2C20&pcode-flags-map=eJy1Wdty2zgS%2FRc921neL3mDSFDCmrcFQdtKKoVSYiXjLV%2B2HCczk1T%2BfbsBUBJkD7ROZvPgSDRxADS6zzkNf5%2Bdk0EOy%2B5CklLWZE5rWXVcslbOSdtSPnv99vvs6%2Frmy2b2eib4SGcns8fN50d2Bd%2BTJAyjdPbj3ckOpuddORZikF0rezIO1ImQ%2BnkUaoSSDWReU1l0YyskpyXjtBCwEtL3bozAi6JguwqYUjZjLRjv6hrQWoEfKJcXRBRLWkrBGiq7qhqocOOGgZfudsep4CvcVUvFRcfPJOW8c8cnjZMozbcIMHtxBkFedaOQQ93BD%2FaGyjlsuCSc0cENlmZ%2B5Csw3AFi9JyqTe62e85K2knzewvO9%2BCfhZeHeeodwZuPVQWho00vVrJmDTsEfTHieU9Y%2BfevsBrh88%2Bitpirf%2FNK%2FwLzl87necz%2FXwR%2B9vQx2ReczGVN24VYWoOgWLP9YZmXeWm0HUZbRQKCEyiVczaMpNa8gqxELwXlLTwpBzclZH6QeD8Bqh4MpKKy4qRxU5eaQ9MD58gzA7wBhAUTCiTTniAEYA8KlYwl62TBKRHs%2FEipZ5EX%2BPF2%2BdMhiQ5IaBCEC6ShinGYqFiO7ZmsCKstxNg%2B8SwK0mAHSITAMx1eghi6AGGvwLpFzShQd00XEE3WVp28WDLF6O05hSl08mN8juw%2B9rJsj3fbEpKQzDEEpEQkNsCDkde46As6745FM%2FWiHQsvKOxxHETXyPOG9NvonpN6tE88OaibLInDZCc0tACIQhCdNA2pa%2Fcy0iyKoqej1Uh5wcRSCsjFl2BMZ9eMAnQNgvFUkmJreB74XqKGDxBVaSS3xHQVq56i7PfdBeW0qlgBh1msLLDNH%2F%2Bx4azSJWU5VVpPFiCxvWBQFboQMNVUuGvWnrn3mOe50blJzluq7MlUPHj0rnXlvgeeQCH0RVfSX8QYgBeAOtqhJhhmOLeetLAzgHMjZEkWbBEULeBCVgTy%2BVKS1jk48BN%2FR6ZwzBhWyP0BJrYG4puJb4%2BNPOOHJk9lvFQxcNekce5DfqmBSgO0A5RjyyoGG2ctkFlFCurGyAJjmjDikEmQpEtZdwtWuMYlfhYmem6gC2CiRs5XU%2B1jgYE6zZkz4Akkd%2BBb%2B4Z4c0jFVhjvhRo5QArQVg4HEvJkPblvKq3A%2BuzaiYcqiIJkSh9gW6Sk7kWlWZ5o8sHDr8DmtWW90vqC9Xbobt3j52fKM2pJ0XwKGJCS886NkkdGqxClplAJgNA4xyRZlOhw7oVtwcETlXQ4E5173VkS%2BeF%2B%2FBQ3gSIAyB5eCy5YHfhiBMsPjgOtf0GhQp1hTX0vSuNJfHWmiZG35nhAieC0xZJ342LpZJvU9ydxqMmblTpRqVhjf9j32cfN44ffmvXDp%2Bu72Ws%2F9k5mt%2Ffvr282w4f1zfXdp9nr4IeFGkMZ6NpvkKH%2FNdKRgtXo5bxGE1IzWwTfzm7X1zevHr7A2v5c311t%2FoDP%2F7i%2BXX%2FafLYefVrfqidX3zZ3%2BvX11%2BvHe%2F3x9tXel6u7a%2FMUkbcI8OBh%2Fe3m%2Fttv5tffHvT%2FXx7Wr%2B42v39%2B8sK%2F1%2Fe312rou%2Be32GpGbShf4M%2BSESnIYnCeXxgEJrlUWVA4e2DmQimGe2AceoZVQchLWhGgKi047djMqZPh0tgPjUdVvanqLlGqoN2lha5I8IcMuOMITOrFW2onZYMEt1CUw8qKPHO8YRh88N%2BH0elV%2FvH9aZQG6WkWh%2BvTDyH45ve5H3xcb%2Bz4ZnGcGwWw6ny%2FekQ3FktdQ3U3qH1oR8DpP4Hwj9QQlGiUTTVklHsrVca0OQHyZFK4FQyBLCj0Sc7rDnIciAL8n6DPRIOfstMggl170Slq1%2F734OB7ePA9Ut%2FJaRBDY5MGMH4%2FbJmXJ762OBUDlS1Jr5JTd9rjwuln%2FDiKo72qRavIGkwtDItOcydA7Ee5BqgGSIkOGgp26R4RhoYmTRVBDWB7guxMlCvHGwzwhVBY7eiGivLJseizUOqk7nKOiF2WBHGmV7EkvFSeSS9ggAoTpFg6R0MxJ8lW8he9kJCerHfmDg4yoVK%2BAnffYRf24rWDB03CZ4D6cQ4qAMwg3Kvfjd%2FdQDVY1NrX27O%2FzXMkvjQ4yeHkIi9MTpIwBy0KYysLMyCp3AI1XVGBfdYv4YY6anv1ila%2BgHNz2%2BosTk1hcNp0mGlAW3Mn2WaQGMY2VMOk%2BlPXIKG2ZUOwZYAKcfcJvpflR6hM9XUFtuGdIjTsJjhbLOETbK%2BmldCNOQGZODJZYlxgS0eOMccKdu8Txpj83xU6WB1FsVh7ZDi8LDz0654Xx97%2BwUxNb9cDCBdzcGtEIs9eHjn4dxZskOR6MwihrkbRkQ8qSRvFDuqRtbb1zY29thCcnLZiygXjHjkFSwI0DyYbv7qdde6lvjFJ6mVFiWjPsdbMTe8Cpc%2BK8tswgXFebm8I%2BoNnVU31w9Ay%2Fg%2FHBTSXhsmUlpxeQO5T3cG6hwWeZ%2FROe%2Fmt2KnuG8kL70WwzXPjhEEM6n9y9A2YyfRQrFURwoMjtWEpSLFuDg3KOa4EGkxBF852G9Yf791zb6%2FoYRtP0uqZFUVxNnX%2BhJ5bL5tLcruL9EMvs9vwkkAn1%2BDt%2BZNQdy30NLuLQyxZ9fZlU9ugQRwk1o2BgCyExNndEhy9IICONzb3Q1Zj3aJi4RWogPJTK6Bahw5b5ifZnU%2FCiYuqWL0VD1X3g%2FvusSL1QA82GaU6cqQcyrPzg%2FKE%2FjwCcbA79ig4RpC4xe1VnTKprGZiNeWQe4e%2Bn8V7%2BN0oIOMoBBxRTZPuts65l6XGsR9ibMdv79J0F6bfQzWtqV1S6kr6peANuZxoa9C8Z0E%2BDzcsu7Eu9eW46go1OU%2B3QOpeYj%2FKkDNs0e5aa7Gw1eb%2B7uZP%2BXXz8HgNjZ%2F8en21uT%2BgJi8O9mc2cvB0CquDP5zmKeNNsEa8u9rcMEN28q6ZAmOBfLxZf%2F7tFBZrZ2ceeZYP2FuagiqRiFvdUVh4Hx5tXfFTP8z3Na98gx29jqzemtrkpOzq0eCCzDIwoslxyGXH2RsgrZeCYrb3ZNXgjZAyLlzYQx82VwdbzMzfESbXc8FK0AqgBcFad4%2Bb5UHuxc9VtSpldG1zaHkPyOlJkL3ciPehYOoATffI7vSBtsTcCJqG2WaAfU3ao5ZJlYD8inqEpqDh5IhT8MEHhX%2FlFNwjo8DbndLkTyZBHoDeyyOyHEXmNlqZYnXdBPXtPqM48E0Lqy59nuFqMGUH0%2BCTH%2B9%2B%2FBdr0hz3&pcode-active-testids=919406%2C0%2C5&pcode-icookie=GDwYM0eP9nhkmGVxwjBrEjKUFnqIDkcarF0WfGWWqjRK8nodmyQO2Zp5qNUBX1h9pp40EfH6%2BXrT6q8VnWEgTboKQUM%3D&duid=MTcwMjEwODkzNDkyOTU3NzUwMA%3D%3D&imp-id=17&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=407918813904898&ad-session-id=8872441702108934438&target-id=40760851&tga-with-creatives=1&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&pcode-version=925414&pcodever=925414&skip-token=yabs.NzIwNTc2MDc3MjI3MjE5NDYKNzIwNTc2MDcxMDQyNjIwOTI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A497%2C%22h%22%3A0%2C%22width%22%3A497%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1069%2C%22top%22%3A1466%2C%22ad_no%22%3A2%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A3%7D&grab-orig-len=1520&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLmNJEkuQ-oycO4rRtB_GZY4y2sfgG_T22p6ZRt1G-LkhibNLIU3dat67qk-7os6wb_JU7tpWlroKcBrpgJvo7q-Zfl3Q9--I1GzEwMHY-JmCfk2H4QCTlz8SKhHdrBjEAFDRSJPwThlm4Dx2B1amc0uM7olgH8oywD7m5s3D-ZnfYw5n7e2gZutzpmp_6m2dEyDVTJ7oDeR99kdWZH7UwDxH_ShOLaSOhPe21v-ZMk5k2H74ZsOxxevPnDs6dnk8QdZqf_DNZ3Nm_43jf-mu-b-9OsjtZpX5J68l87wN-J3i0ke3fYLWlmu2H8h9ZpBrwf92uaulQS3h29oxpwdofSGchujWpg__noMR7FuPsVTTOwvjurfk3yTO71xQL9nTA_42uL1lZzXMyv02qtbutp4j6KdWVdQphXQ238g_6LPBan0SOaeATD5TnaAN66uEIVweDhbX6wHIckBtmJIyEvBCkzCNzFTt6CYPCJNv9nTzeuLj3dfKvMhD5HOrz57LlcboifHJ3_8TlSwbgHd7i-6okbzoD3B_FfH1E3K1tTqO050mAQ_96KOiAfIegfNZzm3pYBwsPAEYpXMoAzCI526MXRxwD-Bwk9t9YgaqoprQvcCr2clAoyaRna088rdQ476kA2qHSO1JxRKGbrrVZSOsROAuK86R3kfObAcGrzKFPRCYB36A8-wFN0IuwGdXFa5C1FZwFmYHdoDSymKVgWrGaRcc-vFSwLRrPwrIt-s10MxaaYb2LhdrqC0YdhANtKYnaoCvorMEeAKzmzYzS7RG_24-OvXGEHwh6Iqug8oD5wGE-cYx05ptwsxUAJ2bjKxlU2rrJxlY2rbFxl4wpejCskEanOHTibiy91B8F39l_RzueDyW04oku8aDcmRKoSr_yK1Ptwg7Fsh1xJTNdrtUlRhL6XPG0OoS9A6K9Twlb-IUAQa2IOADbcSRTEEDBZ3oDgDVVnAj-OL3syyok-yndwGXqgZMMOmYxw2Pbwpd66t7tDYm-4U-rMYPLtxLnZizgsizpZ67CXTtz9NSReTWZT75FIKG7ckyWkrewVgVs4cAoHduHAKhyYhQOjcKAXToS0wZM3RDjxvzaJRELpK0JKWpuXN4AnG1IPEx85kdncMWyK9Kkyk1hzbSl_sPH-tUm_DZn0QYUwQKaOuz-c_L-xDVYTb2RpBPLdYSZA-yGXtmxEiHfZzmIJiyIuumqSNAgDXbQU8qb0QzuD3eCqTGdFV0sWEH2pFPFQu6prqPmqa7jlXxXFykZPlGL9V7EClcU8vNQuIfzkTs_XrkAj07rrByoktfZ6MbPWX1mMBNdQf_QSRe2_ReCS-PJRKTToCV6i_j7qBnB6CKj5AyXBdJRfKfASPMDm1kXvt3BOWKGhZn2e6C1alOh_wQdwnaV3KYsHYDwHvAE2xzzISKF5eB5Gg1rY2qDfx4Bfuuf63g3V8QTlmmBT8oIW-5C_VD3CYsLgkQfY-wQCB-AToA%3D%3D&uniformat=true&callback=Ya%5B7472296009635%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
9f6ae6b1dcdcafa55f5f2187fcd5991b0cd5399dc538439f84b3e3b665985c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1702108935535929-6551306943101187029-balancer-l7leveler-kubr-yp-sas-24-BAL-2426
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:15 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 31CF 		0
0
c4b185eaeb485312881a42
an.yandex.ru/mapuid/arcspireis/ Frame 31CF
Redirect Chain
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
  • https://an.yandex.ru/mapuid/arcspireis/c4b185eaeb485312881a42
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/arcspireis/c4b185eaeb485312881a42
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/arcspireis/c4b185eaeb485312881a42
date
Sat, 09 Dec 2023 08:02:15 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
0100007F071F74655E105E1A022A1954
an.yandex.ru/mapuid/sapeis/ Frame 31CF
Redirect Chain
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=2903420A081F74652000D90A02F8FAE2&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
  • https://an.yandex.ru/mapuid/sapeis/0100007F071F74655E105E1A022A1954
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F071F74655E105E1A022A1954
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:16 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://an.yandex.ru/mapuid/sapeis/0100007F071F74655E105E1A022A1954
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
845d3fc3-d67a-5257-b9bf-608fdccb7f88
an.yandex.ru/mapuid/betweendigitalis/ Frame 31CF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1&rts=8652532877544122312
  • https://an.yandex.ru/mapuid/betweendigitalis/845d3fc3-d67a-5257-b9bf-608fdccb7f88
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/845d3fc3-d67a-5257-b9bf-608fdccb7f88
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/845d3fc3-d67a-5257-b9bf-608fdccb7f88
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=93642606882B502D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=93642606882B502D
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=93642606882B502D
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
54.73.144.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-144-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-06db7c088.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
AzqN5yFnTZ0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0a7a21b53.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
J7kMfBzHSaI=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=93642606882B502D
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ads.betweendigital.com/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/betweenx/
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F&crf=1&rts=-932525568820568088
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F&crf=1&rts=-932525568820568088
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=161&external_user_id=E692A1DE9BE53A8F&crf=1&rts=-932525568820568088
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
im.bluevoox.com/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/blueseaxcom/
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D1E8B7D81265A8E2
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D1E8B7D81265A8E2
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Server
52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-175-185.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
close
Date
Sat, 09 Dec 2023 08:02:15 GMT
Server
openresty

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935552453-5350871035198381838-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D1E8B7D81265A8E2
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
pixel
cm.g.doubleclick.net/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935552867-6473475893441060463-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
pixel
cm.g.doubleclick.net/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935553132-16060961297575986791-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
pixel
cm.g.doubleclick.net/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935553476-10451369174071590138-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=6032ED718F37E391&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
cm.gif
ad.mail.ru/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/mailweb/
  • https://ad.mail.ru/cm.gif?p=155&id=2D0808CF2A189C64
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=155&id=2D0808CF2A189C64
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
r.mail.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
server
nginx
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
content-type
image/gif
cache-control
max-age=21600
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43
expires
Sat, 09 Dec 2023 14:02:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935606911-16164195943942564093-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://ad.mail.ru/cm.gif?p=155&id=2D0808CF2A189C64
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
sync
x.bidswitch.net/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/minimobww/
  • https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=D93CC277A4695803&expires=1&usergroup=1
  • https://x.bidswitch.net/sync?dsp_id=469&user_id=D93CC277A4695803&expires=1&user_group=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=469&user_id=D93CC277A4695803&expires=1&user_group=1
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
35.157.229.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-229-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=469&user_id=D93CC277A4695803&expires=1&user_group=1
date
Sat, 09 Dec 2023 08:02:15 GMT
x-powered-by
Express
content-length
109
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
sync
t.adx.opera.com/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/operacom/
  • https://t.adx.opera.com/sync?vendor=60143&uid=1C6D042AD0DD99F4
35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60143&uid=1C6D042AD0DD99F4
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935607482-14350022621756497466-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://t.adx.opera.com/sync?vendor=60143&uid=1C6D042AD0DD99F4
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
/
yandex.ru/an/mapuid/targetads/ Frame 31CF 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/targetads/
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935607709-13196506123697278935-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
user-sync
sync.adkernel.com/ Frame 31CF
Redirect Chain
  • https://yandex.ru/an/mapuid/xapadsssp/
  • https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=8754C7A625357E1E
42 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=8754C7A625357E1E
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 08:02:15 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108935607946-3145650054356467961-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=8754C7A625357E1E
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:15 GMT
/
yandex.ru/an/mapuid/yeahmobissp/ Frame 31CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/yeahmobissp/
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
54630d496c6a04adb1ff86e57583df533ec3a5ea680d7f714d7b68d119a1a146
an.yandex.ru/mapuid/mediascope/ Frame 31CF
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/54630d496c6a04adb1ff86e57583df533ec3a5ea680d7f714d7b68d119a1a146
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediascope/54630d496c6a04adb1ff86e57583df533ec3a5ea680d7f714d7b68d119a1a146
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
server
ms-counter-4.0.4/1.22.1
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/54630d496c6a04adb1ff86e57583df533ec3a5ea680d7f714d7b68d119a1a146
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cr
cr.frontend.weborama.fr/ Frame 31CF
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F{WEBO_CID}
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1108125624
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1108125624
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
via
1.1 google
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
via
1.1 google
last-modified
Sat, 09 Dec 2023 08:02:15 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1108125624
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
dm.hybrid.ai/ Frame 31CF 		0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=182
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://yastatic.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
127
x-xss-protection
1; mode=block
expires
-1
yandexdmp-match
dm.hybrid.ai/ Frame 31CF 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/yandexdmp-match
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:15 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
109
x-xss-protection
1; mode=block
expires
-1
hNZvfxhy0ez5BQn7TrkP
an.yandex.ru/mapuid/dmpamberdata/ Frame 31CF
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1702108934
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1702108935760&i=1702108934
  • https://an.yandex.ru/mapuid/dmpamberdata/hNZvfxhy0ez5BQn7TrkP
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/hNZvfxhy0ez5BQn7TrkP
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

Date
Sat, 09 Dec 2023 08:02:15 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/dmpamberdata/hNZvfxhy0ez5BQn7TrkP
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
kELIUATkLZehJQuSoKQceUjpirzzJyqk
an.yandex.ru/mapuid/mediasurferis/ Frame 31CF
Redirect Chain
  • https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4
  • https://an.yandex.ru/mapuid/mediasurferis/kELIUATkLZehJQuSoKQceUjpirzzJyqk
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediasurferis/kELIUATkLZehJQuSoKQceUjpirzzJyqk
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/mediasurferis/kELIUATkLZehJQuSoKQceUjpirzzJyqk
date
Sat, 09 Dec 2023 08:02:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
content-length
109
p3p
policyref="//dsp.mpartner.digital/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
server_match
euw-ice.360yield.com/ Frame 31CF 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.32.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-32-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 08:02:15 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
33a5f3e9-f5a7-45b5-4883-e8af277fba30
an.yandex.ru/mapuid/buzzooladspis/ Frame 31CF
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/33a5f3e9-f5a7-45b5-4883-e8af277fba30
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/33a5f3e9-f5a7-45b5-4883-e8af277fba30
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/33a5f3e9-f5a7-45b5-4883-e8af277fba30
date
Sat, 09 Dec 2023 08:02:15 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
ZXQfB6WnaT4
an.yandex.ru/mapuid/soltadspis/ Frame 31CF
Redirect Chain
  • https://kimberlite.io/rtb/sync/yandex
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZXQfB6WnaT4
  • https://vma.mts.ru/match/second?ssp=59&exu=ZXQfB6WnaT4
  • https://tech.rtb.mts.ru/?dsp_uid=9d4b356c-47f8-42c8-baa4-b91b59889bf3&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59...
  • https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
  • https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=xmhqMMA00t5o
  • https://kimberlite.io/rtb/sync/mts?u=ef5239ef-cfec-4ab4-91d8-b34000b93023
  • https://an.yandex.ru/mapuid/soltadspis/ZXQfB6WnaT4
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/soltadspis/ZXQfB6WnaT4
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

Date
Sat, 09 Dec 2023 08:02:17 GMT
referrer-policy
no-referrer
Server
nginx
access-control-allow-origin
*
location
https://an.yandex.ru/mapuid/soltadspis/ZXQfB6WnaT4
cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
server-timing
app;srv=7;dur=0.0003
Content-Length
0
/
an.yandex.ru/mapuid/targetrtbis/ Frame 31CF
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

Date
Sat, 09 Dec 2023 08:02:15 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
mitdmp.whiteboxdigital.ru/ Frame 31CF 		0
0
cm
nr.bidderstack.com/yandex/ Frame 31CF
Redirect Chain
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
Protocol
HTTP/1.1
Server
167.235.186.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.124.186.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 09 Dec 2023 08:02:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0

Redirect headers

Location
/yandex/cm?user_id={partner_user_id}&pupa=1
Access-Control-Allow-Origin
*
Date
Sat, 09 Dec 2023 08:02:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
/
an.yandex.ru/mapuid/ramblerssp/ Frame 31CF
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:16 GMT
strict-transport-security
max-age=0
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
content-type
application/x-javascript
x-passed
0bal1
content-length
0
8BXx1wR6W5y.AikABlGMTZk40Q
an.yandex.ru/mapuid/getintentis/ Frame 31CF
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/8BXx1wR6W5y.AikABlGMTZk40Q
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/getintentis/8BXx1wR6W5y.AikABlGMTZk40Q
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
server
nginx
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://an.yandex.ru/mapuid/getintentis/8BXx1wR6W5y.AikABlGMTZk40Q
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
y
rtb-eu-warsaw.intent.ai/um/ Frame 31CF 		68 B
816 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-eu-warsaw.intent.ai/um/y
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
68
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leL9KM%2BGKTUZhI6cHz37WyY7RUrTSZod2AQC%2FUCIOI3rAK7aax4M5nofPur2UQr86nv36g2bOcDgRRN07OOULOm6Elwd6bhmV0yebPUcUWFKSlMjLf%2B7KT6rz2qlUS2oUyLabpOVIrXz"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
832bb99548389060-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Wed, 11 Nov 1998 11:11:11 GMT
LQr7pdi94RV7gWSaulti
an.yandex.ru/mapuid/kadamis/ Frame 31CF
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/LQr7pdi94RV7gWSaulti
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/kadamis/LQr7pdi94RV7gWSaulti
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/LQr7pdi94RV7gWSaulti
date
Sat, 09 Dec 2023 08:02:16 GMT
server
nginx/1.23.2
content-length
0
pixel
shopnetic.com/api/rtb/dmp/ Frame 31CF
Redirect Chain
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
77.244.216.90 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS"
content-type
image/gif
cache-control
no-cache, private, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 03:00:00 MSK

Redirect headers

location
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
date
Sat, 09 Dec 2023 08:02:16 GMT
server
nginx
content-length
154
content-type
text/html
ef5239ef-cfec-4ab4-91d8-b34000b93023
an.yandex.ru/mapuid/mtsdspis/ Frame 31CF
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://vma.mts.ru/match/second?ssp=55
  • https://tech.rtb.mts.ru/?dsp_uid=ef5239ef-cfec-4ab4-91d8-b34000b93023&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fef5239ef-cfec-4ab4-91d8-b34000b93023
  • https://an.yandex.ru/mapuid/mtsdspis/ef5239ef-cfec-4ab4-91d8-b34000b93023
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mtsdspis/ef5239ef-cfec-4ab4-91d8-b34000b93023
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

Date
Sat, 09 Dec 2023 08:03:17 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/ef5239ef-cfec-4ab4-91d8-b34000b93023
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 31CF
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=9bf4141e0d254e87a98069c2a8a21d16
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=9bf4141e0d254e87a98069c2a8a21d16
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=9bf4141e0d254e87a98069c2a8a21d16
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
mode
no-cors
server
nginx/1.20.1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=9bf4141e0d254e87a98069c2a8a21d16
Date
Sat, 09 Dec 2023 08:02:16 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 31CF 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 Kazan', Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 08:02:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 31CF 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 Kazan', Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 08:02:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
/
sync.bumlam.com/ Frame 31CF 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=yandex
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 09 Dec 2023 08:02:16 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
44eb153e-9669-11ee-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 31CF
Redirect Chain
  • https://sync.bumlam.com/?src=yandex2
  • https://sync.bumlam.com/?src=yandex2&s_data=CAIQARiIvtCrBqIBEETrFT6WaRHuhuAAJZDAZHw*
  • https://an.yandex.ru/mapuid/adsniperis/44eb153e-9669-11ee-86e0-002590c0647c
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/44eb153e-9669-11ee-86e0-002590c0647c
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT

Redirect headers

Date
Sat, 09 Dec 2023 08:02:16 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/mapuid/adsniperis/44eb153e-9669-11ee-86e0-002590c0647c
Access-Control-Allow-Origin
https://yastatic.net
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
yandexortb
sync.dmp.otm-r.com/match/ Frame 31CF 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.68.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.68.40.188.clients.your-server.de
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 08:02:17 GMT
server
nginx/1.21.0
NzM4MzI5M2NhNTYzYjVlMg
an.yandex.ru/mapuid/gonetisnew/ Frame 31CF
Redirect Chain
  • https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
  • https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
  • https://an.yandex.ru/mapuid/gonetisnew/NzM4MzI5M2NhNTYzYjVlMg
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/gonetisnew/NzM4MzI5M2NhNTYzYjVlMg
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://an.yandex.ru/mapuid/gonetisnew/NzM4MzI5M2NhNTYzYjVlMg
content-length
0
x-xss-protection
1; mode=block
6a8a06a8-3496-4034-bfae-ad670a9c283c
an.yandex.ru/mapuid/upravelis/ Frame 31CF
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/6a8a06a8-3496-4034-bfae-ad670a9c283c
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/upravelis/6a8a06a8-3496-4034-bfae-ad670a9c283c
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:17 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://an.yandex.ru/mapuid/upravelis/6a8a06a8-3496-4034-bfae-ad670a9c283c
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
a%2BVcOWZAE9Go7RWKslUH9g
an.yandex.ru/mapuid/dmpaidatame/ Frame 31CF
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/a%2BVcOWZAE9Go7RWKslUH9g?sign=1049403318
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/a%2BVcOWZAE9Go7RWKslUH9g?sign=1049403318
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/a%2BVcOWZAE9Go7RWKslUH9g?sign=1049403318
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 09 Dec 2023 08:02:16 GMT
opKou4nklg6W
an.yandex.ru/mapuid/dmpsegmento/ Frame 31CF
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/opKou4nklg6W?sign=2822324777
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/opKou4nklg6W?sign=2822324777
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/opKou4nklg6W?sign=2822324777
Date
Sat, 09 Dec 2023 08:02:17 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
nsWqe5-GuLCX
an.yandex.ru/mapuid/rutargetis/ Frame 31CF
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/nsWqe5-GuLCX
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/nsWqe5-GuLCX
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/nsWqe5-GuLCX
Date
Sat, 09 Dec 2023 08:02:17 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
51d93bcdec17b44870fb145aa5e34aa248d5ca4c8b98df84779ace13cf04ac0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56002
x-xss-protection
0
server
cafe
etag
11695469815405319560
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9288 		59 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0cecfd955087e9d95757c067f114b877bc8490d1d38793c27d2c1f2566eccb7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21321
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:16 GMT
expires
Sat, 09 Dec 2023 08:02:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DF5 		712 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=2110872751&pi=t.aa~a.391652048~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280&nras=3&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b590b4bece35f8cc129199f84f1fdf357cabcd9dacb98199e5bde4856b112279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:16 GMT
expires
Sat, 09 Dec 2023 08:02:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C25 		141 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2cc2c8ba5fbb8cec334b1137e2e549116213661ded9abd6d0315ff87d64f3e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47825
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:16 GMT
expires
Sat, 09 Dec 2023 08:02:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 48D0 		712 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=2073156596&pi=t.aa~a.270127160~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280%2C497x280&nras=5&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=2269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0847741f8490f088fd32410cc6d2c1c7274c34490d0dbda0dc46e69bbc324193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
357
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:16 GMT
expires
Sat, 09 Dec 2023 08:02:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 10AF 		712 B
655 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=200&adk=2450812730&adf=3215368764&pi=t.aa~a.391904162~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x200&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280%2C497x280%2C497x280&nras=6&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f2d01142b33cbc637ca0ca7319dfe872b52cb7ec3384651138cf418d81db6f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:16 GMT
expires
Sat, 09 Dec 2023 08:02:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame BA1A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
41557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Fri, 22 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 54AB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
41557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Fri, 22 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame BA1A 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 07:18:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 08:02:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA1A 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options
nosniff
age
66836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 13:28:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA1A 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options
nosniff
age
73251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 11:41:25 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame BA1A 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
47035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6784
x-xss-protection
0
server
cafe
etag
2582286893585073394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:58:21 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame BA1A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
45893
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9231
x-xss-protection
0
server
cafe
etag
9385233705467680479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:17:23 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oir.mobi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oir.mobi
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 09 Dec 2023 08:02:15 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 08:02:16 GMT
wx600
avatars.mds.yandex.net/get-direct/5263523/3EV6DyuMIdp57d7VOz0ohQ/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5263523/3EV6DyuMIdp57d7VOz0ohQ/wx600
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
89b7cf5a882a9a0f402bd4d871e6e605b8eea8e926446704f98e16447173bc8d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:15 GMT
last-modified
Mon, 29 May 2023 12:40:34 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
34022
x-request-id
1c92fb1e78f38373
intelionmine.ru
favicon.yandex.net/favicon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/intelionmine.ru?size=32&stub=2
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.36 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
favicon.yandex.net
Software
/
Resource Hash
9ccb21de0b397d95881add60989b1a9781b2ab064832a673ed13bb50f9c2b1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 54AB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
47253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:54:43 GMT
css
fonts.googleapis.com/ Frame 54AB 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 07:22:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 08:02:15 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 54AB 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:55 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 54AB 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:41:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 07:41:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 54AB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
40805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:42:11 GMT
css
fonts.googleapis.com/ Frame 1D16 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 07:16:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 08:02:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1D16 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
47224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:55:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 1D16 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
47253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:54:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1D16 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
36018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:01:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1D16 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
40805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1D16 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:16 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 1D16 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 20:29:37 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 1CF4 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
br
last-modified
Fri, 08 Dec 2023 16:51:51 GMT
vary
Accept-Encoding
x-azure-ref
20231209T080216Z-eykvq8qwpx32m0kx3vnvq5up5c0000001bsg0000000001yn
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d67479ca-e01e-00ed-24f7-29a0d2000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 1CF4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 08:02:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Sun, 08 Dec 2024 08:02:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1CF4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
36018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:01:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1CF4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
40805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:42:11 GMT
l
www.google.com/ads/measurement/ Frame 1CF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrHkuc_pxTBlyjsIkHyXKHqUX7Vmf10_51shezkEaMnAvzBK0aZaNBoMQvADyiJ98ztxfFYbMR2e-0OfzzzEIpCtNpMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1CF4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:16 GMT
WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3...
yandex.ru/an/tracking/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/tracking/WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3cgDJCFOrv2RtCMkh9gnb2eyLoDcreHzbnnMMAy1-oZRjXgkrtMihjVeETXL05iCtY8XpBHR67IhM8fQuovcvEe2juGJsCB-Yv2TMM52bmRLb6bKDYjSy33Z2fpI4t0rlYa0Of0fesMo9emGW2R2agu258hG5BOwzev9pyR5Y7sCtco3-Lg_U0GWYoVW2gRxiK2kSKOncaqzZ_N9z6CI9Jyi0tSd-S6vrux_pRrsV6_kjUDpJz2D_-wZRDk-rgCLQd_MHzcsCSqqJCno1sHTrtKiRPQXmJIFDdfl6bu9z6H_zYJMviSXrkxA8FtN6cabgYtIIbIRrtelf151HP_rNcVEY9a3WQSkBbSgbKghqeUcJGCfFvEI0OXAfL8P4Vm5wXLxpnQXhsajHnuMeGM9S93BdPE6gGDMgQ0aVxCzF-vuzI98lDFtdqVU_Y6Vf4G22qFiF5rAyhW0~2?action-id=11&adsdk-bundle-version=924429&adsdk-bundle-name=AdLoader&ad-session-id=8872441702108934438&vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&client-ts=1702108936281&client-timezone-offset=-60&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=924429%2C0%2C63%3B919406%2C0%2C5&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22width%22%3A162%2C%22height%22%3A162%2C%22w%22%3A162%2C%22h%22%3A162%2C%22left%22%3A19%2C%22top%22%3A114%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/924429/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108936324365-10207066055496319083-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:16 GMT
WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3...
yandex.ru/an/tracking/ 		0
111 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/tracking/WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3cgDJCFOrv2RtCMkh9gnb2eyLoDcreHzbnnMMAy1-oZRjXgkrtMihjVeETXL05iCtY8XpBHR67IhM8fQuovcvEe2juGJsCB-Yv2TMM52bmRLb6bKDYjSy33Z2fpI4t0rlYa0Of0fesMo9emGW2R2agu258hG5BOwzev9pyR5Y7sCtco3-Lg_U0GWYoVW2gRxiK2kSKOncaqzZ_N9z6CI9Jyi0tSd-S6vrux_pRrsV6_kjUDpJz2D_-wZRDk-rgCLQd_MHzcsCSqqJCno1sHTrtKiRPQXmJIFDdfl6bu9z6H_zYJMviSXrkxA8FtN6cabgYtIIbIRrtelf151HP_rNcVEY9a3WQSkBbSgbKghqeUcJGCfFvEI0OXAfL8P4Vm5wXLxpnQXhsajHnuMeGM9S93BdPE6gGDMgQ0aVxCzF-vuzI98lDFtdqVU_Y6Vf4G22qFiF5rAyhW0~2?action-id=0&adsdk-bundle-version=924429&adsdk-bundle-name=AdLoader&ad-session-id=8872441702108934438&vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&client-ts=1702108936282&client-timezone-offset=-60&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=924429%2C0%2C63%3B919406%2C0%2C5&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1123108187%3B0%3B48c4110ac8fe9802%3B7323290045749207443%3B0%3B479133%3B1%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22width%22%3A162%2C%22height%22%3A162%2C%22w%22%3A162%2C%22h%22%3A162%2C%22left%22%3A19%2C%22top%22%3A114%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/924429/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108936324730-17770813306563669921-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:16 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:16 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpxrpoqe&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 54AB 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options
nosniff
age
217765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 54AB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:25:42 GMT
x-content-type-options
nosniff
age
38194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 21:25:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54AB 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ChVshBx90ZeKFAYK7kwPTkJDQBNWO-ONxxv-1-I4S8t3S4LIBEAEg5J_LJ2Dp5MmF2BqgAbrtqeYpyAEFqQJIe3oBA6qQPqgDAcgDmwSqBOEBT9AD9ESE3G6S_ehhGez9sLYErLuAo2RVK71xaWPiEeT4DNNUFWAMi-OmVaTdK11SbTpRrz0gUSl0Fyn_iQupfjtbR3QPiiywRL6XZ8O3tjF8qUrTVxy7H7kIVQEFX3Pm2dT0UFMpmLHtRulNu7WMjkfGj8FHXPV0JX-JYsmyzBIW-06FA4Q8LmjsgqBuZeZskUKJpcpIkKidYOQ-qy1q1wD2a1gg5ZjHfZRq__JZ-M-88StXMJJhj6n_S6akdJzbQUTULNrTYmT3j832GtDyGkOGqCpO9WDCxuL_PGydbwgGwATsmMmzugTgBAOIBfuyrPVLkAYBoAZ2gAe6pfrFBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ7LvvPxgYMDgAoByAsB4AsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CUEywE-L_1hXIE8TSjuMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1702108936316&ai=ChVshBx90ZeKFAYK7kwPTkJDQBNWO-ONxxv-1-I4S8t3S4LIBEAEg5J_LJ2Dp5MmF2BqgAbrtqeYpyAEFqQJIe3oBA6qQPqgDAcgDmwSqBOEBT9AD9ESE3G6S_ehhGez9sLYErLuAo2RVK71xaWPiEeT4DNNUFWAMi-OmVaTdK11SbTpRrz0gUSl0Fyn_iQupfjtbR3QPiiywRL6XZ8O3tjF8qUrTVxy7H7kIVQEFX3Pm2dT0UFMpmLHtRulNu7WMjkfGj8FHXPV0JX-JYsmyzBIW-06FA4Q8LmjsgqBuZeZskUKJpcpIkKidYOQ-qy1q1wD2a1gg5ZjHfZRq__JZ-M-88StXMJJhj6n_S6akdJzbQUTULNrTYmT3j832GtDyGkOGqCpO9WDCxuL_PGydbwgGwATsmMmzugTgBAOIBfuyrPVLkAYBoAZ2gAe6pfrFBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ7LvvPxgYMDgAoByAsB4AsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CUEywE-L_1hXIE8TSjuMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpxrpoql&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.13f&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 54AB 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dw-y6ZhXrfuUVsoj8MOPLt9EaNMKpmolfpREEhUww0eRSxbGk8AuNpamsg-NpsWxHmD9OkfyuElECswPfDRCLYK2zMJg&cry=1&dbm_d=AKAmf-Div2j8NZslcl_TznkitiKHyAPXqmZ7JfxmpOvdimt0XBE5VEV1oKx3M--cZ0y4GbGN-cu2IcyJ7Gx0NxTS6pLX1CK-irNYpJSSMZ4dv7ywEIwzz2PZFCn7Ccv2mDpBBv3ZOY08_bYdvN0uhD89O-BQeAmFkEv9OY7eFukGVeey4QueRfxATh9sdy2wgHSCd52X1_cydfhOVFmE7uFnPPH50acdkBoXgHXqH9Jsm8byPCniTXtxdSrLyb7ip-pH9crfm52JL7FHPSxZdj6xhy5e_RCPsQIie1bkGVQue-IgPSR-B6IHlqTqIGjzmvMCijAGnyxznEpQx-ksK3KlNrIWXle6FFu3zP4FeX_QAAG_kQGrPxdjCyLthJvX4pGzlHZCFOZPr0o8DqIfLpO1QRVqftR7-fwdWNVtmEdmWFVa7rhjogGyzugQPeZ5rXBK96F2BQwWNBUu3FUjbd6gij-33yntr9vKhG4DTNu3vL11s2Fin7wCjLNEQ_SiePXfDDVNJkdoHIScOb9G_LCWfcobokenmAxLtCwOCJLFHWaPLf77Xad7jv-kaUIrzxLR0QUUVS85uKhUr_pVrzbUo2KpNNXABvfy8uqlTlEmJ44d6bs_blEFTwZuRVx8tGnApaJ3v25DbD-RtqveXYxTnMH0wNcgAE0jYKjykVtwfAokS99H6hwL2DGK8VpFYenOWjwQPRnmy5tKJ9cAMoQ9yG9D-4OX1q7TRVOIZlMnxom-XKnqlHz95h5tOnB_JM6m8bEP0gq9uKV4yrJveXCCOq9WLt97glU6da9XMKqFEJ3QHS0JlMn4IXKuH7n6Ee1ZsQgIUN9sijTfAhahI5ISB7RdEevbDZ-NYsJZTDSDAfRTZ-UroAUUYG4D4DHxPoFJLD_gTc9C6Br_Ihhul4ZvcDrvoWvNGsfGfrV5sEaudqQ47dyf2ta2ZKa2cUQaWnqDskZQRoMkk7wUI-DrCAeIl3uzWJM8W0UcRL1roCdb-5TEmIvdZR9vfRou_u2UXROSErHIQNp05X6CCd-WrgUKASzE23PHWvoaM3XQnQGcYESYPXQ542WbJSUiXlpCR12lVYz4TZCcliBX0HyNY1vMh09FktxZFVT17KrvDLsOO38T_g0djnT-EmWh8D0l9BSuaWrDj2jmejTvm-p1K10SDRIKIxyfWQP5LEy65KTvAAsALjoMCKJQYIBDm_jjMIu7BmZxkYzCRiuJAzaftxhlhAJAYnJ4SepXBaPuQlQIssr5GMGATJ5dw5KneUrvcPVn0l4mq4WmWmmSzzaCQvDoxCe5e5bSZzpnm62jy_KXRE1Qh4VDncoswH37GmUxmjBmx-BD_S81qZ7hTHjcuGZhF7lbB1XU97uM4fbboCdRM8aqhZI8PM9UYcXL-SS2LkgGxL_xEy4PeVqp7M_X0P53pMeLMnnD39gBnqO9nWbq_pE2vy5_Sagq-SVor7kJNtfH_P8VSc5RSG5Bv7C9OWlgbq4sBh1FrnYJzSAqKMlRKDGDMndBUwDqh8BNh-nxDHOlsJ57NksNJxzC-aYNCyixiYC2V8QBdSV5uog990CytdHJKYybetmEnXpFyztHGCEzdPABkdwtbxTTBKk2HVTBwCduIPY_liynV49G7SSAYVYhztlmUdpkU9t_i3EnOSF5NAX03x2kckflqmU5rat1hYYl4fSp7altQmsmo9VvXzRBjSlIQ0DBy6L3XLe7qFAQYZ4d-4pmCTdk_hEmnMyYmoljd01x1DFvWDHpwpdHOF0Ln0tRxOex2pjxcKK-Vl4v_7RiCOeRN46mAvbmJrrNS3_RILJXfl9AbOcZHmPxCkMLvNYwb0D06yl8yA2lueaU8XYEv25iB8mrBC9XRONs_4CZiIqrbgMfOYdofLPtAQ53TA4OhsDdykXsXWB8z7ThG_mcI44sW5nr9vFavcwlIe31azWRg3Xv-vweK8OMSKmdWIrfGCN8d-PqA_pNztoYNhIiseWUf3hKirYIcPkRMLatktN5ltn1ya1yku1mwp3tej297I8gfLGnvSqvJGUlsMHR8XmZLrza_tRt2wznvcmv9xnyjjQIaC9S5mobpM1DlFKwllqUpGRc24H2SvzlrYwIS1isSXpkP56FWTmhtsVkaFdLZdQ9n0CuEiLxsK7OKH8PTKTjTSBCtxjAPAAFC25VavK3zT3QHAdHw3jPM7PsPx4bkBpyP3s8slul-7wRgeqMEeT40QZ2dhf8iG6Qz0afpZhhgK59mYI3rYwDfOIfmUpIrvrYqwcpZB-idlYBEFSWv8DgBfFmcBqyc-1-TMgj9s0VNY2hguQo_8bKoNGK7U_udhTlKEnXRwQViY1k6zYBP1vWVsst4nZYCL49gubwIAoHetUoWe7tGJgeYejegjcDOMWUrk4891WnmFY5So2gF7wY7RD4Ilz2WZJCPovZL2ODFdqZZfuxAZb2IuOnu4Iknz_L7OHYXekO-xQAkA7eYVUlVjoSeTaJEy8hzkC1r1CGRmpfm0KYXafGJGyzoqT5gFKY-dL3ExlOGt8_Z08uOqEM64UZO2g6KO51r8hOMqpk_eb0yN4BdxooqNyu51mQ9F7tQGMZOH0a7wYYJlfEmLPaUg2oj5FUvBKTS_Bwdp5nTrxAAXifSEEm94OYEfIrKOzj8wBGyCihXEZyEU-sWEORf3vLObTF_YPxDhPENDLcPVXznf4_T83CIzGlF018KBrmaEf7_iQSd_86zUhK1gI_boLZFEO_GFimIULmTc_o2L9fR7PXv3aDBYBTjQtTa4OMG2Bv741flj5A3j7LWovatuwQ4ryFICirVfLUYw7a6ptzjYITpvuTK0Las5rOidhWBNOPgOiVqtV4LUlvhnbS6uyCfyEO5LpCOocxptMX2SVbF4N407nDAFtrY06Pe5QvKnsMHJiKmz8N689ehBwKt-14mXNcXB_llLWcuQq1ZQ7ltDXmv-uRT6qhLq8EJrcaWRnCjYe3k9G5O8E3U4ldLnFjwMBQpXHFyqQDGt1KItH9LHf_kXCZrV_z44Bkakrc0vWWrCuWIv10mEuFgfJEpZYENK-dotHjBzAollt0HFommH4-Q7SWBP_WcQvcplHVh2U2bsv01sdTdDDnAcn5gIqOngCQTW0X_66ml7PQD9Azf6_qIdZcdNdODUVz_v8nas6WjtYApJcxYmgu5d20WQJq2CZLR3JBhk5i_8g2FJhWlvH7UmyJdlhCoa8u3PNrcBAGJFY72rYdFV1eMTXt7TvokDQ1gJKq5RS8pfu5gHk1-RZr69lQgw4y7jubvAO79tbJQ9avJgYuaN3leF_x98INyipbNrGiFj-itP8aafeeHj_4GvLAFaqgJqDHyEEUTe_13AuERSzBJTd6rOlcCNhe_asGi07561NQBc3y7zYiTcjOUCIkyeGydclDSKO_kl5M8thvQlDg0wx7NtQOd6Bk6ETrhMCxvjIxrqkGX0tuN7wT6m6IEGysOmGDG7gbM5uw-Kp-vVcLOaX9CjdAbX5Vc-pFHiOSPMO5UKRdxWECwmAer-SEc8NClQkHRnYpMl5z-P31-GIZq1LUyUYGH2jH_DvKQbXoyk8yRqApViT2_xtA_2xlBcEpowfZCHmAY_vyZ1H200R48ouhpPeQrhy87BTOc_uZpM_mQJe18DoNAr4gCdNWi7KwTMZzOCEfR9MB7sNCIuWG7Y9z7tipiAOX6plfXmhkNGdKqF-E&cid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820HSs-r18ytbsX4JDLPJK9S05eRJC1bCPr1nGxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f154.1e100.net
Software
cafe /
Resource Hash
f3c135343f6f57dad7a3cebd01e32fc97c57116b12623733d9c04ec948d65979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17201
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 54AB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b28073c38658ea8ec16f7f47cc457c4ad26dd3ab253888b89269d940898a4d4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 54AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYQtCBx90ZeKFAYK7kwPTkJDQBNWO-ONxxv-1-I4S8t3S4LIBEAEg5J_LJ2Dp5MmF2BqgAbrtqeYpyAEFqQJIe3oBA6qQPqgDAaoE3gFP0AP0RITcbpL96GEZ7P2wtgSsu4CjZFUrvXFpY-IR5PgM01QVYAyL46ZVpN0rXVJtOlGvPSBRKXQXKf-JC6l-O1tHdA-KLLBEvpdnw7e2MXypStNXHLsfuQhVAQVfc-bZ1PRQUymYse1G6U27tYyOR8aPwUdc9XQlf4liybLMEhb7ToUDhDwuaOyCoG5l5myRQomlykiQqJ1g5D6rLTLWmgP4ymZ3GD7IlIRK2YxZpGlQHuL1jdZi_dtBGq5dhCzTmcubPTtMSu8mOE9xBXHYb6qwqIJYYCyGfxD7dmzABOyYybO6BOAEA4gF-7Ks9UuSBQYIAxABGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB7ql-sUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQqOMQGMSxu4AC0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliey77z8YGDA4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxArAT4v_WFcgTxNKO4wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNzYxNTU3MDU2NjMzMTI4NRgA6BcF&sigh=jnvISGnhvjk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820HSs-r18ytbsX4JDLPJK9S05eRJC1bCPr1nGxgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 08:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1C25 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 07:13:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 08:02:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1C25 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
47224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:55:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 1C25 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
47253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:54:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1C25 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
36018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:01:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9C81 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
56646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1C25 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
40805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 20:42:11 GMT
l
www.google.com/ads/measurement/ Frame 1C25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTULvTc4La19OJU2XfL5erzjUVW9cjGFyGIx5MuuyRTvhiInpTNdJ6J8ZEVt5L0E13Z6BvwqJUgc29MYbklt1IM_LP94g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1C25 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:16 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 1C25 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 20:29:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3210859083795584872/ Frame 1C25 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3210859083795584872/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
2ab2025a61e8ce057af4fe3e581e49374a5d1c2fd941fdc1f94b63f3ba53c617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:40:15 GMT
x-content-type-options
nosniff
age
40921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12055
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 09:33:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:40:15 GMT
truncated
/ Frame 1C25 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1C25 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
dpixel
cms.quantserve.com/ Frame 9C81 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFGqVBKKqRL3CPEH2H_G6Uw&google_cver=1&google_push=AXcoOmS8EaeXXWLquChFifg-Yq0GGANWTpBgDQVuHFp5-3yKjEOZqj4al3zmTNz3H_uRaCcpoX8DKhSjBlzftmaXKCMn0ei-shxMxh4JxJ5E6d1L-eH4CdufqogdmdCukcjPVzTMrl2A1EiuqyBnfl9M27YaBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9C81
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8OxbGjavNYcBMk-yPpBTnyH3g2IB5Q_9VbnckiwUnUOc3to-VRzNF5A5sow6HNcDL2nLNwepYRWW_37gO8tdYBJP49VxJ2PCT5ScgKM9ZV4TJr00Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 08:02:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEJZG0ZGjB1i5kE3mWfKDwW0&google_cver=1&google_push=AXcoOmRLMntdgpEz7TK-beGcL-iQHeDACmpdkkZeTOcQMj8OxbGjavNYcBMk-yPpBTnyH3g2IB5Q_9VbnckiwUnUOc3to-VRzNF5A5sow6HNcDL2nLNwepYRWW_37gO8tdYBJP49VxJ2PCT5ScgKM9ZV4TJr00Y
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 9C81
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9Y...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW...
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
832bb998cb2f8ff5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
95
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENAVN0AXIYWyanPtnJ4orJQ&google_cver=1&google_push=AXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2pEtPz1uQmpiaDROTbEh4EGPrZjzv7bA8P1dH2BurMoJNi68leZhAupfoSW5JM-N44sqnWKZcaHJs30t2-LXuhLb9yzW9YvSxWpkTxb6NRgA3PhNngyvcA5Wa_aZJW1f4IAoaGyHuvm76q6baHN1LhvI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
832bb9978a338ff5-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9C81
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDTl8NSjIMRPblUzr1SLA2Q&google_cver=1&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6X8wSeLCgMdPiUT4...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6X8wSeLCgMdPiUT43LH5OP31IElPNrd64H564404sJuRpEMyabXVlxrvGs5E3Shmi6xJkXPig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmRsMi6YT0nViE5osQhm9-JYM_tl17WhYZXGLvsIngM__0NdaFH_8CY5_WraoErs4KTVV8L-XFd_UNYn--6X8wSeLCgMdPiUT43LH5OP31IElPNrd64H564404sJuRpEMyabXVlxrvGs5E3Shmi6xJkXPig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Dec 2023 08:02:16 GMT
google
match.adsrvr.org/track/cmf/ Frame 9C81 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGfDS-NudAhBmoQxqwacRvs&google_cver=1&google_push=AXcoOmTX2kfQijB7k_ArI4lq4bneygPVp82JmP-JPFMOrLVVZVrxlm9rrmu6n4-nXg7zwlsshfXWII7Gr_byAZJx3scre_J9_zhFPQ2CXAfQ-BchEeF6OWtEiwZB6dxSi_jhjnyRbc4_PdV6ByTeR1xE_Swcj2c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
trk
ag.innovid.com/ Frame 9C81 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGm4ohsQCxfpXOkG5ymM_IY&google_cver=1&google_push=AXcoOmSPz8AK_giTL6OnG6Lc-zI1AYezJpjW1j7FKbQo9eAYn3Yc86sulNYmz_NzpmnNOh-czi9jojo5y1PHjzI0S_euq44r5U6xK8FLeqWKIoW5yoViNmFquJY_0jmMbYosZlbOTyV1r_PRGIC8-LUGTyAZWP0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.174.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-174-187.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9C81
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJ86ONC0qNaT48RUxqVCLHs&google_cver=1&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bh...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bhjmt1UugzFFyT6aic2QQANcNnC4msXTBXYBLqDNim997H5Qax...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bhjmt1UugzFFyT6aic2QQANcNnC4msXTBXYBLqDNim997H5QaxelVCnVbo4V6sCDOlCxHd9qogkSnJg1Y-FsJo9_eWTtUnwB&google_hm=aXab_pWeQjS7WRwa3rUNC7E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQspSjSgGXZpOsvyzlYxWQ8wAyM81Zd7KeXYL73gq673hL844wy_8lqDw_8bhjmt1UugzFFyT6aic2QQANcNnC4msXTBXYBLqDNim997H5QaxelVCnVbo4V6sCDOlCxHd9qogkSnJg1Y-FsJo9_eWTtUnwB&google_hm=aXab_pWeQjS7WRwa3rUNC7E
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9C81 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAzyH2Hnh8ZOzdejaVDU9IkLc4T8VQHHV7_j3uXeJrw2IQ8iPywVhWVZZpLqi_R7T1jRsZNw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1C25 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c93ac5284763f24631a8f1032956fb6c8ccd2f2ec5233cc2ce4fed5b48f2841

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 990A 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
6995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 06:05:41 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1C25 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 02:14:46 GMT
x-content-type-options
nosniff
age
20850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 02:14:46 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1C25 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:50:38 GMT
x-content-type-options
nosniff
age
51098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19700
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 17:50:38 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpxrpoqr&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 54AB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:38 GMT
file.mp4
r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 54AB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1087FE8CBE61C35BF6FE72B4C4C54515847E243F.31E96D39DB52D85CD116063D4AEB61FBD15A8804/key/cms1/cms_redirect/yes/mh/M7/mip/146.70.85.177/mm/42/mn/sn-5hne6nz6/ms/onc/mt/1702022439/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
HTTP/1.1
Server
74.125.100.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s45-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 08:02:17 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4128148
Last-Modified
Mon, 04 Dec 2023 14:30:04 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:17 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
642
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1087FE8CBE61C35BF6FE72B4C4C54515847E243F.31E96D39DB52D85CD116063D4AEB61FBD15A8804/key/cms1/cms_redirect/yes/mh/M7/mip/146.70.85.177/mm/42/mn/sn-5hne6nz6/ms/onc/mt/1702022439/mv/m/mvi/2/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpxrpp18&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2004&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1dz~videopreviewvisible.1e3&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1C25
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CoYABBx90ZZXtLrCD5LcP14uFgA6u6O3tc4mB-oOpEsCNtwEQASDkn8snYOnkyYXYGqABiMWEggPIAQmpAkh7egEDqpA-qAMByAPLBKoEuQFP0B3c_LnmJKBWXasCfH0tMCZ_-W3QoupXCdq...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228251321029201571183%22,%22debug_reporting%22:true,%22destination%22:%22https://renault.pl%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228251321029201571183%22,%22debug_reporting%22:true,%22destination%22:%22https://renault.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22809575048%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222870989429728874961%22}&andc=true
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8251321029201571183","debug_reporting":true,"destination":"https://renault.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["809575048"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"2870989429728874961"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 08:02:17 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 08:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8251321029201571183","debug_reporting":true,"destination":"https://renault.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["809575048"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"2870989429728874961"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame B232 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=1921943821&pi=t.aa~a.391653145~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=1&bdt=2391&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C497x280%2C497x280&nras=4&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:05:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
6995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 06:05:41 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9989 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
132896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 19:07:20 GMT
expires
Fri, 06 Dec 2024 19:07:20 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228251321029201571183%22,%22debug_reporting%22:true,%22destination%22:%22https://renault.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22809575048%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222870989429728874961%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 09 Dec 2023 08:02:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9989 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
c.gif
www.bing.com/aes/ Frame 1CF4
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=001c6f92-f4d2-48ef-b246-ec41615ee9ae&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=829c3629-f081-4ee0...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2f221a7bb4464af0b422d67b9e6dbf50&SNR=1&GV=2&med=10
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2f221a7bb4464af0b422d67b9e6dbf50&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Server
23.212.110.136 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-110-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9386E5DACBD24869B73DECECABE32340 Ref B: PRG01EDGE0812 Ref C: 2023-12-09T08:02:17Z
x-cdn-traceid
0.846ed417.1702108937.184b674e
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 09 Dec 2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC49E834C628498DBBCEC974619618AC Ref B: PRG01EDGE0517 Ref C: 2023-12-09T08:02:17Z
x-cdn-traceid
0.846ed417.1702108937.184b6694
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2f221a7bb4464af0b422d67b9e6dbf50&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 1CF4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7353078095912_1DTQG8I23B3L1FT8BS&pid=21.2&c=3&w=336&h=176&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.110.136 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-110-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abba373c04adeb0924cc3ce693be43c0f777426a36219b8f45dadbfaa469f41b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.846ed417.1702108937.184b6693
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
22536
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame 1CF4 		0
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Foir.mobi&e=wqT_3QLkA-jkAQAAAwDWAAUBCIe-0KsGENeBobTymumPORgAKjYJLGbmBj0EkT8Rq_fWD3aWkD8ZAAAAoHA98j8hqw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vb2lyLm1vYmmAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFuFiIBQGYBQCgBdexosTn6MyqKcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF5poT-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHifcF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Af7sQSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=e5ce98fb56a45030576b8d2efe87d61aff1eb1bb&bdref=https%3A%2F%2Foir.mobi%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Foir.mobi%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7615570566331285%26output%3Dhtml%26h%3D280%26adk%3D589545206%26adf%3D231921432%26pi%3Dt.aa~a.270128129~rp.4%26w%3D497%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702108935%26rafmt%3D1%26to%3Dqs%26pwprc%3D7646585021%26format%3D497x280%26url%3Dhttps%253A%252F%252Foir.mobi%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702108935641%26bpp%3D2%26bdt%3D2390%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7928445878926%26frm%3D20%26pv%3D1%26ga_vid%3D1420042610.1702108935%26ga_sid%3D1702108935%26ga_hid%3D1594678752%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D34%26ady%3D1208%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079265%252C31079930%252C95320869%252C95320885%26oid%3D2%26pvsid%3D4428943978985210%26tmod%3D798418886%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D11,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7615570566331285%26output%3Dhtml%26h%3D280%26adk%3D589545206%26adf%3D231921432%26pi%3Dt.aa~a.270128129~rp.4%26w%3D497%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702108935%26rafmt%3D1%26to%3Dqs%26pwprc%3D7646585021%26format%3D497x280%26url%3Dhttps%253A%252F%252Foir.mobi%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702108935641%26bpp%3D2%26bdt%3D2390%26idt%3D-M%26shv%3Dr20231206%26mjsv%3Dm202312050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D7928445878926%26frm%3D20%26pv%3D1%26ga_vid%3D1420042610.1702108935%26ga_sid%3D1702108935%26ga_hid%3D1594678752%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D34%26ady%3D1208%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079265%252C31079930%252C95320869%252C95320885%26oid%3D2%26pvsid%3D4428943978985210%26tmod%3D798418886%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D11&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
an-x-request-uuid
7da403ba-602b-474c-af54-d0229c6191e2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.85.177; 146.70.85.177; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9989 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bd-vxCB90ZY77HZij9fgPrPi5yAQAAAAAOAHgBAI&bg=!hIelh8jNAAY3kmNgF5I7ADQBe5WfOKN-5-HRqLf185KHKMgs3I88n4UKj10gX1IlUedwDQB-O3YQj1U5f1gMeUiy6NGeAgAAAC5SAAAAAWgBBwoAUt4YEG2SsmKKgqFLMllYuiJMiYyQ5If0KyTQfFXBWdjcDrhJTVRS2t54ePdY5eYh6irQMOTevQNplZ3QaMB37o8KRxy3V3XXN87H1H9SIWhNLvOZAydbzn_YE3gdYbNLqscaiGRL-9tNKHeGMGfQabtY9SIC5NqaaOBXu7YrDVSAYgBeRk5MrXLwoMrk6HwOn_GkIkdyFq-Nar2amk0_o2RCpjeTq33n0Sz-ilX17OfxI68Ln-k8-6ZClqqin9G4XcrFfHZhTSRTqFOKYGAKvUIw8dQZ0ASsnaoZQJazLPenXgGqv9_R4dm5MJlmSTC1KhlAw3qmpHeoFiPtSfv_AiU5OP2J3oKtOOLqZDwOxSIKNpD4yZANNecJKrItq73G0UDcnQS4KQmaIQE0ttxhxMNM9yipGIsj1uIc6fHoyJmnUp4QqcYFlpAFm9GcZ8cN21leu6fylVZS2Jycq28a3AvTk3xL0LFl0OLN2GqLyV56Xh1b_iHKsswURWzCBi-vg_ptXBEEHVKpal2CQx1KWJ8t2IlO1k0VozE-RncSq0yYcJ8GG7jhFSsyaXVrHKgRcobLWy5Uk2AhOBUJyN9AJSE3yO4jEQIMCGW96eVQSkIGxHm4HQKSMvyIVibAe8zz6kdXjLHejQnHzJEdC4oeLMMEUsLHQrVXWy7fb843g22zXyiVt5Lj8joBxoNiODidw2VmTmhW8udVQAFBFsOcGHAASbKCgzfbvhUn_xiUAM1-CGrGo3OhsYM_ERNhr-GNgz-XGKJ3dlWt-diMWk5yQvUApjb-OPEuhFcK3sHu-EogQvKwvgmrNQ-WZSfXK9JsVQLE19eZdFpMuvwtzUbuLE-3fSDdYzng1zyL5W-IOplvf7idimluhXZbfI-0RmDOzScqkr6tQTbRcoRnphjCz1e8vjnThVn_4YId9oVnM9xwMpPoRw51iILRZJLXN9d1cccOfSXU__L486YVmzR_HfcvjDEky9xFfNU6Eh5WOSOqQn3eYNeK0wsNq7HlZm3YLgDWp216D7ninYz-xphf8sdEbz1o42XAHuBpb2pfDDk47laMIFRVmtoaBIPFrRvZ8iZPj-hcKIgOoMn28wtMrfpxs_XG5296UR6Wt2FEnhrBDCQs2iRF9l5xih0CWJRJiePEqs-o7HXIhlHSNUNzwYE1j0WCVAdIAEfLZMk
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A29A 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
56647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Sat, 09 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1CF4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db90fb1aa42586b0c4ba4aab6b93df32e9cfdb44904f0fc7aee4d45e9936c275

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 1CF4 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Foir.mobi&e=wqT_3QKCB-iCAwAAAwDWAAUBCIe-0KsGENeBobTymumPORgAKjYJLGbmBj0EkT8Rq_fWD3aWkD8ZAAAAoHA98j8hqw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8FiYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vb2lyLm1vYmmAAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cAEm8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ODI5YzM2MjktZjA4MS00ZWUwLWIwYjgtNGRlMGRlY2QyNzc3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA4jnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDExNjE4OTgyODQxMTMxMDI5NSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOek01TkRJME5qTTFPVFUwT0RRak1qTXlOVGMwTVRrM01EZzVOakl4TXc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXXsaLE5-jMqinABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXmmhP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeJ9wXSBw0JLiYADNoHBggJL6QHAOoHAggA8Af7sQSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=08dfe8c525f996d8434adf8dafb428ea6ea5d14e&type=nv&nvt=5&jm=1003&px=81&py=0&bw=336&bh=176&sid=6984342081602990012&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=497&ph=280&ww=497&wh=280&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
an-x-request-uuid
a438f675-840d-476c-b675-56e2a410efa6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.85.177; 146.70.85.177; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 31CF 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Tue, 18 Jul 2023 19:47:42 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"fad15dadf56fc1d71be6b240cc30b915"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
c27450f98408c3a6
timing-allow-origin
*
expires
Mon, 11 Dec 2023 20:00:28 GMT
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cver=1&google_push=AXcoOmQWhpuP9Zrhn7NaBdrzjUD0qMR6NVj3SJLsrBmDEZc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cver=1&google_push=AXcoOmQWhpuP9Zrhn7NaBdrzjUD0qMR6NVj3SJLsrBmDEZcd4cgEv4N5h-ZLjKc831tW3M2z7ItLS7EDrQEsVMHJNYCTV0XS17zIMHA6nuHT5TOJVP8lqWwqS9qwwgZWsPMAv50h-RzfN0-rsQAgH-xREJMHw9k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 08:02:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXVHbzl4ZGIxUmJTaFc1&google_gid=CAESEOOIILRAv09O70PoSH6hNQw&google_cver=1&google_push=AXcoOmQWhpuP9Zrhn7NaBdrzjUD0qMR6NVj3SJLsrBmDEZcd4cgEv4N5h-ZLjKc831tW3M2z7ItLS7EDrQEsVMHJNYCTV0XS17zIMHA6nuHT5TOJVP8lqWwqS9qwwgZWsPMAv50h-RzfN0-rsQAgH-xREJMHw9k
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd_A_cZoM4SGfT_sXZoOQM&google_push=AXcoOmRANAD_0PywOC31-rsR3yAT5H_Y_b_9ZcOf7EmnGxkRMs-GBY7otd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd_A_cZoM4SGfT_sXZoOQM&google_push=AXcoOmRANAD_0PywOC31-rsR3yAT5H_Y_b_9ZcOf7EmnGxkRMs-GBY7otdDki6nhm-5Y6MH1gekTTfa4mN3H63Z2ncA4G0H_0Tvz-LetiVWtayYvKRXXcmYEAm2l2xe9014RimTRV8jqGsnqYCGErEX55dz1cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230089-FRA
pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702108937.169526,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd_A_cZoM4SGfT_sXZoOQM&google_push=AXcoOmRANAD_0PywOC31-rsR3yAT5H_Y_b_9ZcOf7EmnGxkRMs-GBY7otdDki6nhm-5Y6MH1gekTTfa4mN3H63Z2ncA4G0H_0Tvz-LetiVWtayYvKRXXcmYEAm2l2xe9014RimTRV8jqGsnqYCGErEX55dz1cg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEk7IOLROY3mkiHd9iImXds&google_cver=1&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp-pd4C_i6St5nl8V...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp-pd4C_i6St5nl8VOODxKH7bTkEiz1Ki7C_xft0o5T8ZjYhWztTXf-TyCwan1zWhHp2j2lP10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF43A856C83248BD8AD0872D506CA7D3&google_push=AXcoOmT-DGTIB5xMX6cxMq6TGPrbalqIlDl8JtmeKfkSdWVAvJmYGOnIrXYJxG_S2kZCloWaBtl-Gxnmg2Utrpp-pd4C_i6St5nl8VOODxKH7bTkEiz1Ki7C_xft0o5T8ZjYhWztTXf-TyCwan1zWhHp2j2lP10
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Dec 2023 08:02:17 GMT
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEGn2keJwaUBmNn9HEzS33k&google_cver=1&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0W...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0WTN9rV98cJoRVufNdDCT4eZCqbqB96IZne5cIjh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0WTN9rV98cJoRVufNdDCT4eZCqbqB96IZne5cIjhSzdajSIUm-XRT34OWBHlobTx7w&google_hm=eS14MklxaHFSRTJwSHZKQXdGRVRLaG1RNGNhZkNnLjVlaX5B
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR_9snLJ86fGoDkYbJaB3MAfMtO-k1Zf2miT1_Zx_J4AoD1z0Z3WlnZwpWPBR96KloFpX0nwyErMaLMzgY0HtrSI0WTN9rV98cJoRVufNdDCT4eZCqbqB96IZne5cIjhSzdajSIUm-XRT34OWBHlobTx7w&google_hm=eS14MklxaHFSRTJwSHZKQXdGRVRLaG1RNGNhZkNnLjVlaX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame A29A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ9pCgOXNocW4GRmIFdGWyRD_LlXW2OVV_6pMSTelksxjuaM5HDE3LnivIu7wfNgloOaAHS1RCxS8Carx85GhzvJT3eJ80OmAajlDOlLoiuOkCnQAHpfmvzU3Iw0I6Omv4-2Ow-fCbVv35Yv1r7_R15Aaw&google_gid=CAESEPf9mi_y3JEml-hS2XEeju0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
178175
expires
Sat, 09 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEmNq8RKCYaGVA9q62WtfJY&google_cver=1&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEmNq8RKCYaGVA9q62WtfJY&google_cver=1&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1V...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA0MTExMjYyOTA2MDM0MjkyNg&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA0MTExMjYyOTA2MDM0MjkyNg&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D5RP7XaOIRs9hIDD2cnYA4n97FFjEJmwrTpSIsCbLxiQVqDQANl6fbu4wSoNF46QHGNKsTks86SgB02I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA0MTExMjYyOTA2MDM0MjkyNg&google_push=AXcoOmRHe-KuwiVqkVYWhiecCpyM3MWMhAv3q7NAKkEMgrUSImcZDcl11RHWzTzQ9rhIPLZ2Z1VCCd-D5RP7XaOIRs9hIDD2cnYA4n97FFjEJmwrTpSIsCbLxiQVqDQANl6fbu4wSoNF46QHGNKsTks86SgB02I
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A29A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL_67N4Rsr-VusZbqF8gxTc&google_cver=1&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovm...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovmduEKBo4wyt_dehPhfVkHuFRVOSJzeYBos-ga...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovmduEKBo4wyt_dehPhfVkHuFRVOSJzeYBos-gahIX0cmarbZ0tGBQxt50X-PPgg-kpaZHpavRoXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYjlIVmUe59nd3uadmVgki1EPHQDU-idzmWOVA5KEK1n880MWJ76hxttpNE0ZaYSUzWXX3k5y0lovmduEKBo4wyt_dehPhfVkHuFRVOSJzeYBos-gahIX0cmarbZ0tGBQxt50X-PPgg-kpaZHpavRoXQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame A29A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbEGshu4QXagd_RL247WTP1WN2XYfJE4zNBe6Z9iUHL4VEo9KAIV5c7jwq_1GXCWmuGUyb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
watch.js
mc.yandex.ru/metrika/ Frame 31CF 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
6c56606ed4de2496e58d9c37eb158bc80997d6dffe6906e54318280e4005c81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-db07"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56071
expires
Sat, 09 Dec 2023 09:02:17 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 31CF 		362 B
714 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Foir.mobi%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1702108937192490-9591431343839163729-balancer-l7leveler-kubr-yp-sas-24-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
1TVk1GZl0Ki200000000U9nJP0lFtvKsjudLSB8Y9qjzxy9KIpRvabG68F24YOHA7zZa5plNdvqXbH4edZbPaV5Z7L2y5CIhlGeaMXahW6GdY0y4J0mp6IUkWt0MCiwIWx1MClR6GUJtCafSuMSu2kQVPGJ9NWMJTnaPP1WO_ZBEOc9WcCi44bdAj82LWM4jKnIGV...
yandex.ru/an/rtbcount/ 		43 B
288 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/rtbcount/1TVk1GZl0Ki200000000U9nJP0lFtvKsjudLSB8Y9qjzxy9KIpRvabG68F24YOHA7zZa5plNdvqXbH4edZbPaV5Z7L2y5CIhlGeaMXahW6GdY0y4J0mp6IUkWt0MCiwIWx1MClR6GUJtCafSuMSu2kQVPGJ9NWMJTnaPP1WO_ZBEOc9WcCi44bdAj82LWM4jKnIGVPRfFn2yOXAumcLy0-W4XfrlC-JuUTWO_Z8nWvp035J9qCki22IdCeCqpsLc0baB91N0rcvaLjiumME7dMBrIMQOhw-2LTu5ap-P7Ppu8OvcORze0cQjO9bubsq7otyOO3p0mdI1PSwRtxFVFJnsNlmc2yH77-mVidoLajacBtlL_YqBo5yBM3bFidvLuG5BNs1jQ6XgQ62yoSeMd_RmZhzDorTMa6aTR0qi4zZQrksz_7hDyeEiCzYk70vUmBPbrVQ7cowzwOvVoGOpym2RnmasvaTil65fRbRf-Tv-PedUUUOlsM2s_uIp9h8tgscmpDPyPp-BdStIoDJ4q6G3EzCETiOJxE8Fs9SllV3ls_uTE-f_iFCiu01wRGN7hBqi6pXwzpBku62ynO4Hjayv61WQx7ivGLwQoWaAvmMS3SmhEDSoRk0KEy79U86JyGKdumTEnX-SZ02LQBLe?confirmTime=2100000&confirmRatio=1000000&test-tag=407918813904898&actual-format=10&rnd=5161194345622&pcode-active-testids=919406%2C0%2C5&banner-sizes=eyI3MjA1NzYwNzcyMjcyMTk0NiI6IjE1NjB4MTYwIn0%3D&width=1560&height=160
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/925414/45b38d32d1ac376c1534.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108937311476-4288221578900957334-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1CF4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9apPBx90ZcvHLpH6sgf-qYDYAdLg1-Buj6S2k5MKwI23ARABIABg6eTJhdgaggEXY2EtcHViLTc2MTU1NzA1NjYzMzEyODXIAQmoAwHIAwKqBLMBT9DQ1YEvKbezPd-RCt6FSXrQilHtY1ziFknkV80iq4MaZccFnUVmqxkXYKbvoii8U2rBPLCShk0mPfTd1-Rsq6WhwoIDzpvzFiShjNehMBQxcYE332S6gH0NOoCLrEbY3PRxqAsuDgCf7M4a6azcEdY5c9HNokkSc-xNrvM6VgNzryz-fJB0lPs0XugrG5fVndTaGOxaYHVlFokDpixyj3KJF5qw_0c1VHhVpytlX3WnOcGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYmaTs8_GBgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzYxNTU3MDU2NjMzMTI4NRgA&sigh=eHWZBiCT7Ns&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNEn7IukQmT0tuKabaOiM3CXgFqPp8gDBjpJ6G4rmqOIqCXzqz-zTvJwd-kHL_lVKqHLsi3XFhGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 08:02:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame 1CF4 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Foir.mobi&e=wqT_3QKCB-iCAwAAAwDWAAUBCIe-0KsGENeBobTymumPORgAKjYJLGbmBj0EkT8Rq_fWD3aWkD8ZAAAAoHA98j8hqw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8FiYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEGh0dHBzOi8vb2lyLm1vYmmAAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cAEm8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ODI5YzM2MjktZjA4MS00ZWUwLWIwYjgtNGRlMGRlY2QyNzc3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA4jnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDExNjE4OTgyODQxMTMxMDI5NSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOek01TkRJME5qTTFPVFUwT0RRak1qTXlOVGMwTVRrM01EZzVOakl4TXc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXXsaLE5-jMqinABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXmmhP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeJ9wXSBw0JLiYADNoHBggJL6QHAOoHAggA8Af7sQSKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=08dfe8c525f996d8434adf8dafb428ea6ea5d14e&pp=ZXQfBwALo8sK7L0RAAAU_utqUPiv0LaEyi-yKw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH27oBx90ZcvHLpH6sgf-qYDYAdLg1-Buj6S2k5MKwI23ARABIABg6eTJhdgaggEXY2EtcHViLTc2MTU1NzA1NjYzMzEyODXIAQmoAwHIAwKqBLYBT9DQ1YEvKbezPd-RCt6FSXrQilHtY1ziFknkV80iq4MaZccFnUVmqxkXYKbvoii8U2rBPLCShk0mPfTd1-Rsq6WhwoIDzpvzFiShjNehMBQxcYE332S6gH0NOoCLrEbY3PRxqAsuDgCf7M4a6azcEdY5c9HNokkSc-xNrvM6VgNzryz-fJB0lPs0XugrWZX0DxZ-4oHOmgHQiNCHEChRhfaAOYJpXcFs0MTVjQd9n_RFVFXHVuuABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYmaTs8_GBgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zjDkGgNF0TtO8q2IMVrtWd0sOtA%26client%3Dca-pub-7615570566331285%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7615570566331285&output=html&h=280&adk=589545206&adf=231921432&pi=t.aa~a.270128129~rp.4&w=497&fwrn=4&fwrnh=100&lmt=1702108935&rafmt=1&to=qs&pwprc=7646585021&format=497x280&url=https%3A%2F%2Foir.mobi%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702108935641&bpp=2&bdt=2390&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7928445878926&frm=20&pv=1&ga_vid=1420042610.1702108935&ga_sid=1702108935&ga_hid=1594678752&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=34&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C31079930%2C95320869%2C95320885&oid=2&pvsid=4428943978985210&tmod=798418886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
an-x-request-uuid
b6f1a3ff-bfa4-47a8-a74b-b056a05c159c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.85.177; 146.70.85.177; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
advert.gif
mc.yandex.com/metrika/ Frame 31CF 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: oir.mobi
URL: https://oir.mobi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 09 Dec 2023 09:02:17 GMT
3
mc.yandex.com/watch/ Frame 31CF 		256 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Foir.mobi%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Av7g7h36los83t4e4rb0ijyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A18387312380%3Ahid%3A858738208%3Az%3A60%3Ai%3A20231209090217%3Aet%3A1702108937%3Ac%3A1%3Arn%3A1381365%3Arqn%3A1%3Au%3A1702108937485664065%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C389%2C44%2C4%2C0%2C0%2C%2C9%2C0%2C447%2C447%2C0%2C447%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108935059%3Ast%3A1702108937&t=clc(0-0-0)rqnt(1)aw(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
f714561b29d680eec62f88efaea5381a20906894c540692ae64096795443f023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 09-Dec-2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
256
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
2e90e9c3d26c31d51a67a76f796d7461eebc1f432de631863339a002ba9fb95d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12262
x-xss-protection
0
WQyejI_zOoVX2Lb00GqD0EEMLnv4emTH1i7aTxpUS8VhTx8wZbvdptbmP_JvdCOGmEPpidIENi80EauLQT4AQfI25KOoU5HSOSpWO9STlX1qyBem0dYpNTxfDeqLjZRbPnsrfqWaaAmraAn9Fqb0r1iPRFwyazULbpufhJee6x2DLwbKAfKLThROxB3H_TCXOnQxE...
yandex.ru/an/count/ 		43 B
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/count/WQyejI_zOoVX2Lb00GqD0EEMLnv4emTH1i7aTxpUS8VhTx8wZbvdptbmP_JvdCOGmEPpidIENi80EauLQT4AQfI25KOoU5HSOSpWO9STlX1qyBem0dYpNTxfDeqLjZRbPnsrfqWaaAmraAn9Fqb0r1iPRFwyazULbpufhJee6x2DLwbKAfKLThROxB3H_TCXOnQxE38VP0vc0ZY89spWQXYRoIdHQjYRPd9Aj1gsleRipsSQC9DcMwNHCccoDZJwCeCvGsC0Yqxsh0GGBk443e1B1w2b0yXk2K3NWi6yeSdOu5WTr1eP1grLB4MjSHSpSdM1-ukGdLbXGfS6rPHfL3OhNF0mumgSqXDmDRuf06AGAQDbifv2rbFGQLtNiJ5Y6aQyezLr6A_rYqS0idW2hc2w7mla6cSKezdKyutDxxAikVlVs05PrtKTIvjZceo_Tj2D78oKXM7A14YXuJoTvQcBiofzQ3gW_4ghMgm3c8s25VmbcppwDYe_i1k1XyFxAWu8ifV35bUTFurC7RNc5D3Ks1QHYrfBA_C7fUqVlCDLrhhL_AEplYQ9wnzUL4IBhm00~2=WPmejI_zOoVX2LaZ0NKC0EFMLZG8i6yoo0N22uB9Do4tuib9UGA5RQTHmqxPe-sGb_hE6FfyBdVsRBzpvmrtlifcXGiUPbo1Kte2hiOt1K0CEevUPopa14SsGmEYWqvdktI2PgLaxmaXbXpigW1j3cPLW5Ow-5U0LZeeBa0h7UmhG9lpuCxeypcD8O0j1xlA-PemGW2Q24kw2kHqOM3_jWBGY2FB019mWD3H5OLjsUVCv9HeDUnDCpabMWrRUggcBAKApzM8lQvZTRr6tx0apv2HoyjY5mqt1xiAO8l1MoJ_WJQpfQze2bjFGOUPKFPGWZ7aPhRP1lErVl48G1PFm1LCTrdMv6R8O_B5z6CI9Jyi0tSd-S6vrux_pRrsVA-FictxMezMgFrP6YPcsP-PNthfbQ71D8ysUlTrXFkSDpFBVBbfU2NGa_tParYR7uTOkok3z5zhf9MejaWhKMrUwxsGHWGLVTRJEdCphfm53_mHb7kcthDSX-20SBJ7R1io1WUtX3QYRjHL3riWe1Zem4imyzGxd1vlnIc51Be8~2?stat-id=1&test-tag=407918813904913&banner-sizes=eyI3MjA1NzYwNzcyMjcyMTk0NiI6IjE1NjB4MTYwIn0%3D&actual-format=10&pcodever=925414&banner-test-tags=eyI3MjA1NzYwNzcyMjcyMTk0NiI6IjcxMjc1MyJ9&order-banners-options=eyI3MjA1NzYwNzcyMjcyMTk0NiI6MjA0OH0&constructor-rendered-assets=eyI3MjA1NzYwNzcyMjcyMTk0NiI6MjU2OX0&pcode-active-testids=919406%2C0%2C5&width=1560&height=160&confirmTime=2100000&confirmRatio=1000000&wmode=0
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/925414/45b38d32d1ac376c1534.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108937510312-4413552865095410417-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:17 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpxrpp1d&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2004&mt=video%2Fmp4&vs=1280x720&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
51579212
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/51579212?wv-part=1&wv-type=7&wmode=0&wv-hit=540026713&page-url=https%3A%2F%2Foir.mobi%2F&rn=674890401&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1702108938%3Aw%3A1600x1200%3Av%3A1180%3Az%3A60%3Ai%3A20231209090217%3Au%3A1702108934929577500%3Avf%3Atuwae7cfavzq29du94ga6zf%3Ast%3A1702108938&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:17 GMT
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7615570566331285&plah=oir.mobi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 08:02:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
31123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 23:23:34 GMT
expires
Sat, 07 Dec 2024 23:23:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F36 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
c31019ef1be201f0ebd1077f6a21e0eb09c55be33d347b942e0f4e9276336ee7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-js9El3-DFsrZE3KnUb7q-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-js9El3-DFsrZE3KnUb7q-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:02:17 GMT
expires
Sat, 09 Dec 2023 08:02:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
file.mp4
r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 54AB 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hne6nz6.c.2mdn.net/videoplayback/id/d29f08b200543711/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733644936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1087FE8CBE61C35BF6FE72B4C4C54515847E243F.31E96D39DB52D85CD116063D4AEB61FBD15A8804/key/cms1/cms_redirect/yes/mh/M7/mip/146.70.85.177/mm/42/mn/sn-5hne6nz6/ms/onc/mt/1702022439/mv/m/mvi/2/pl/24/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.100.199 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s45-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
b3fd1e19d68cbd5a67fe64df70361647d0a2fa7582579ccde93c803edbc0e4b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 09 Dec 2023 08:02:17 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4128147/4128148
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4128148
Last-Modified
Mon, 04 Dec 2023 14:30:04 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Sat, 09 Dec 2023 08:02:17 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E1CA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 18:50:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=4428943978985210&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
37412095
mc.yandex.com/watch/ Frame 31CF 		439 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Foir.mobi%2F&charset=utf-8&site-info=%7B%22b%22%3A%22%22%2C%22browser%22%3A%22chrome%22%2C%22extensions%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22fromCancel%22%3A%22false%22%2C%22fromGoogle%22%3A%22false%22%2C%22infected%22%3A%22%22%2C%22loyal%22%3A%220%22%2C%22old%22%3A%22actual%22%2C%22os%22%3A%22windows%22%2C%22p%22%3A%22%22%2C%22sbscrb%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22winxp%22%3A%22false%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Av7g7h36los83t4e4rb0ijyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A2%3Adp%3A1%3Als%3A811945845809%3Ahid%3A858738208%3Aphid%3A540026713%3Az%3A60%3Ai%3A20231209090217%3Aet%3A1702108938%3Ac%3A1%3Arn%3A559634452%3Arqn%3A1%3Au%3A1702108937485664065%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C389%2C44%2C4%2C0%2C0%2C%2C9%2C0%2C447%2C447%2C0%2C447%3Aco%3A0%3Acpf%3A1%3Ans%3A1702108935059%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702108938%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(5200)aw(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
dbe9cbcf64536a5570aae0ad01040aa4b23a8d914ba89c7449e3d2bfd85e106c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 09-Dec-2023 08:02:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:17 GMT
generate_204
tpc.googlesyndication.com/ Frame E1CA 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5Rri9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
51579212
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/51579212?wv-part=1&wv-type=7&wmode=0&wv-hit=540026713&page-url=https%3A%2F%2Foir.mobi%2F&rn=128973703&browser-info=we%3A1%3Aet%3A1702108938%3Aw%3A1600x1200%3Av%3A1180%3Az%3A60%3Ai%3A20231209090217%3Au%3A1702108934929577500%3Avf%3Atuwae7cfavzq29du94ga6zf%3Ast%3A1702108938&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:18 GMT
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:18 GMT
dc_oe=ChMIjp-d9PGBgwMVmFEdCR0sfA5JEAAYACCU-aRiOhoIr_Xz8wQQ7JjJs7oEGMTSjuMDIMb_tfiOEkITCKKlw_PxgYMDFYLdZAodUwgESg;dc_rmcid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820H...
ade.googlesyndication.com/ddm/activity/ Frame 54AB 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjp-d9PGBgwMVmFEdCR0sfA5JEAAYACCU-aRiOhoIr_Xz8wQQ7JjJs7oEGMTSjuMDIMb_tfiOEkITCKKlw_PxgYMDFYLdZAodUwgESg;dc_rmcid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820HSs-r18ytbsX4JDLPJK9S05eRJC1bCPr1nGxgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOliey77z8YGDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14997%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D739794927%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702108938137;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 54AB 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChVshBx90ZeKFAYK7kwPTkJDQBNWO-ONxxv-1-I4S8t3S4LIBEAEg5J_LJ2Dp5MmF2BqgAbrtqeYpyAEFqQJIe3oBA6qQPqgDAcgDmwSqBOEBT9AD9ESE3G6S_ehhGez9sLYErLuAo2RVK71xaWPiEeT4DNNUFWAMi-OmVaTdK11SbTpRrz0gUSl0Fyn_iQupfjtbR3QPiiywRL6XZ8O3tjF8qUrTVxy7H7kIVQEFX3Pm2dT0UFMpmLHtRulNu7WMjkfGj8FHXPV0JX-JYsmyzBIW-06FA4Q8LmjsgqBuZeZskUKJpcpIkKidYOQ-qy1q1wD2a1gg5ZjHfZRq__JZ-M-88StXMJJhj6n_S6akdJzbQUTULNrTYmT3j832GtDyGkOGqCpO9WDCxuL_PGydbwgGwATsmMmzugTgBAOIBfuyrPVLkAYBoAZ2gAe6pfrFBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ7LvvPxgYMDgAoByAsB4AsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CUEywE-L_1hXIE8TSjuMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=qRPQK-ZWf7w&label=part2viewed&ad_mt=3&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14997%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D739794927%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702108938137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 54AB 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkZ-ocrptamuRTzltkHbVWTjNWPx2x2MpnfYFQCCxFXZv5-K8khm5d785YjM9E9mDnQXwOUvyg_rdCPp8tuGYbn5HohotqO_Fq9HBaqHFsaT1moRoWu62YToJqTKSAkAVj-eR_s4ANnFkbPy86-DIqAfgbKszg1Gas1N2q_2Cn5M2e000SnghfPBLJojb0ViRyAeNLZuAvuIhQ1kLUXEFCzonr-2WjjZGMxlr7uz_qtHSAELkFjxzC-j_UCk1igEOWuCbzbNIUJ2MpucUwPJiuxLhT5ue-xh2AYII4KO5ynL5VpTGZYlAFrNn-BqvHYkPQMJiit_p5POLKpLtMtaWHkB5cTW5lANgXf_bvIjA7XkzFxuQsDHZO5VUC2D1ytVmRgzhDxnBVJEDJu55f7feAJDvXQ2QBXdx1lycfxwalgUleJ3gzb8As89epu5OAWis8SWQ1DYwrWyFNu218G0WoFUZjawQHm7amzzM44R6hCu9to4POSWIGzMwlZqpz8yCOJW9RF_deOWRfKSn-uSlsStceuA9pMc4mjXVbZ7dBnr4FCtTrsaVKF5fVeN4evWsqJXadHEXW9l-8dxMjxGzk1QDHFSenI0kOlm0N9nlBpF9U236F_E7UYeQnKCfYwdGn-Of8x7VEvGZoda0nRvf2BLyE2UyXi9WkvGAVR9eoYgUQNy1Iwc0l-nbhXMELDTTuCsr3uvFP2gUH7Fs2K6rCrPUl9Ow5K1e-qTzJsWGEZyUQgcHGOIfEc2seVkxxo2Y9AVfZrTxMHG99fEunE2cLJuIs6spv3PBwzltYnXhgdzqzSC-j-S92fidpgnUqsr6bQkHi2ZpMwCnJmcGwcjYyyrCH7oeWWZlYU6uMb1ewYDFfhmMVHSdipftDVYPDGH-RDHbdeCkYk_9ba9yag5lf8E1oZ0vq4DUfWy3DQf_onWzxft0LmK0N7CHESIYZ9iZM6Ycnr5oE7SJ_P87RiBbSkfbSAWdxUMpUYm_DBoyw1A8BghYFOiKEZlkQYQr4JgRzQFg5YxT66-bAeVSiEngkPuT8AT712ZKsH6KCvFGXcW-cBCfTPcjkd-PUScquJVuKvANgTfZPEpHutAslMLeRPOk1t_RItUW4Bj_K4kETfZEZib5HECUoyGAy2qmbhZYjF3yfc3A08FtcFWPRGBSAtrkCDmHuTJ-aTFE5AQxNkmmeM3LLuQ8J-wUsotsQCfTBBgyI5_4v3CZJh9FiYO485sICl0rYGw&sai=AMfl-YQ-G3OrRZjUrpuknVDsMwONc-Ue6qRN6eYEEScCcpg_PvcXBS9Gr-TOXt2G4MED0WLr7YVoyt4c1kJlclLlxccUN3g3lFXGxnhRzy6MQKc_jA9G1kHno-wJGFZqRjnYVhkN9RdnDMl30S_-6R1NgBbwgtaOSFTu90b__6n6FpCYsdQBMLXoWFSLRYwwQuVRq8g5J5odN8SXfChBegJ6uJG70bF8psRR7ZD6C65lNk8NvoSoTB6-H4Ruw1MUvYvVkYZgaN5AJhJej9S40L-tIsS1DJDzBNkapxBe0g&sig=Cg0ArKJSzKOz5pc4yLhTEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 54AB 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKqrmu0EEK_18_MEGMSxu4ACIAEwAQ&v=APEucNXlwp4BBxeKRMPsDx1YOvLPSQtcq1FED-PsTdXIQ95Nud0xArLtTrMSQIZ5Fpoup47R2aTY-AjHheteUGFjD1Ixt8aWXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54AB 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 54AB 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLCUJ2MDGnJq9t9MGH-aAycvq-VZgtUWR42shUhmF2faPT9_RapNBaU4fPx2Qwiz3OtWUX_o5r2wAhgz3f-BEtALful2Yn47WkwqjeB0nkyX5J45Uxxm9EeednhbgQ_wGy7qbmmcpJeHPhQzYW2ojWUrpD&sai=AMfl-YT7ybPH7KL9fcBFHy1AxRszZG8hD9OVFASceb_tHIX19c7qgEXhwZRGdXpwLZ7h5pG0iIotNU02UlqOa3ZpeTLKB_KaSVocyMvY_VuTFJz3CChUz1JYRxkASFGeYq0gPElVzyD2jKDvCDjPakf3&sig=Cg0ArKJSzEz_efVU9rWTEAE&cid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820HSs-r18ytbsX4JDLPJK9S05eRJC1bCPr1nGxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14997%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D739794927%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702108938137&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 54AB 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChVshBx90ZeKFAYK7kwPTkJDQBNWO-ONxxv-1-I4S8t3S4LIBEAEg5J_LJ2Dp5MmF2BqgAbrtqeYpyAEFqQJIe3oBA6qQPqgDAcgDmwSqBOEBT9AD9ESE3G6S_ehhGez9sLYErLuAo2RVK71xaWPiEeT4DNNUFWAMi-OmVaTdK11SbTpRrz0gUSl0Fyn_iQupfjtbR3QPiiywRL6XZ8O3tjF8qUrTVxy7H7kIVQEFX3Pm2dT0UFMpmLHtRulNu7WMjkfGj8FHXPV0JX-JYsmyzBIW-06FA4Q8LmjsgqBuZeZskUKJpcpIkKidYOQ-qy1q1wD2a1gg5ZjHfZRq__JZ-M-88StXMJJhj6n_S6akdJzbQUTULNrTYmT3j832GtDyGkOGqCpO9WDCxuL_PGydbwgGwATsmMmzugTgBAOIBfuyrPVLkAYBoAZ2gAe6pfrFBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ7LvvPxgYMDgAoByAsB4AsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CUEywE-L_1hXIE8TSjuMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&sigh=qRPQK-ZWf7w&label=vast_creativeview&ad_mt=3&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14997%26vmtime%3D2%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D739794927%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702108938137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 54AB 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lpxrppnl&c=4028447987425&slotId=2014223993712.5&qqid=CKKlw_PxgYMDFYLdZAodUwgESg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2004&mt=video%2Fmp4&vs=1280x720&dm=15000&umsem=0&event_name=first_play&asset_bytes=198320&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.2hu~ff.2i0~videopreviewstarted.2i1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.200.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jl-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=4428943978985210&bg=!iYqlisXNAAY3kmNgF5I7ADQBe5WfOMNFIOuJgurZzuvvtL0L6okiMIGPPZPqhfzUWpqriu1Pq_eSOtFORmsnT8C6PrNUAgAAADFSAAAAAmgBBwoAZlhtg4DOOlpL9DWBfcX0Ki8cfDQRwe3KAmWUdnXtBe4kqBh5jup9rw6b5TkFMBj4zz3ZhC43_IYC4nxKt64hX_EmReZh9t0tg0CMgGiPNjjB_L1X6oF4at5-Z7vyX_c417Hs4nv4x5kC8eYOR4AjNTUuDyiM5gz-Q_duglRWYVPtCOm9uZ-JO5uENAAlnwqT_z_gNA-hSrpF-a1s7g7R2nmhTGdjkTu7UwTxy_2nmeRYDIdkqmsiIcf-uBFCps5OBZPf2HHEdyrrUm9Y3u_fC8CfMQnhdZlzG7ZVkD7JvwnvCYJhITwJmWy4r-AxlySGN3UgrguNmV606BR-0UzGlMwpEdy8s4vsTw5z-5u1b5CCOqsX2bcYA9XQM_cYCKpwRCvH3OafEQrSGC1gFWAN9Uzh4H5t1sq6NJdhrrX-frVVLZrhz9A82GTPhkFmEbRWz95ufptb6spotujUXw_hZ4azYB9WKKAr1kSxhS22l0MKafyOZa_8qpP5adXULElxSHAdw_hb0hb7eLcEIRevvYqLzm4qfWuXJWPLrGZz59qUYSJW2lAyZasn-YdrnMYnOPP7AC4dfQM-DvQn7eOtWcfsR7XBzM9q_uBuNoXR4idyuE0N5YPz7hxN_VWO34MvUJ2IdFZMSHYyDpcCKa-fdpKbXhIyyAR9w9ROq7ktONc06HKdMeIrWi1F6yk03cNL4kCMfRYdWSoaSRwNnJVVQDLEPrTvkb4D-auXWS4hFNQCSaDXVkKXbeZAqR1yzNmzgXSkxP4Uy5ddzvYxpcYUgUooTAZvPM-M-yjstkF29bSTZQHNo66NNuRqm5Fn_6bcEZRq40RLT_v6jGBDcMqCcnyDziaoSW6gtOpR04fRnJdx5KZU5e9xhl_DBOpV9kyrCgfnYVFPUrPKOOpCcafeBORnEX4j6qLWy8jsJ0F_B7i-e-LRLY3s7pDg65bTny-2JZQK98A4FYFvp_DDhNUrrzzjR4C2HadlIzd5PjDm88gGCae6qpOMTsVn6x5ucZNB16G_DYtJsjjTm-wgrDShhBsbep9Whwm9aocuMcIWH7bnh0Y1DA0nnoBAFD_ejUsMa-R-TziVr3V6T6JgohHyNzc6Sw3QML6sAe0-RGMyI8WzhRnuULP4dcobyw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
51579212
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/51579212?wv-part=2&wv-type=7&wmode=0&wv-hit=540026713&page-url=https%3A%2F%2Foir.mobi%2F&rn=51502654&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1702108939%3Aw%3A1600x1200%3Av%3A1180%3Az%3A60%3Ai%3A20231209090219%3Au%3A1702108934929577500%3Avf%3Atuwae7cfavzq29du94ga6zf%3Ast%3A1702108939&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:19 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 09-Dec-2023 08:02:19 GMT
content-type
image/gif
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Dec-2023 08:02:19 GMT
WVKejI_zOoVX2Lbe0JqF01CSQZw4s8S8Un2D7aGP19DlGcx4avFo10hRJgE6dR97so4lzPtncG1nCuUCspZqEMr--8E1_Tlw4FOVl27Cj5iVTW-2aHx6_iSZLb295n1i4m_Y4WRGSQf8YrPGenIiC9B1e-8AOmO7kxpvskX1adDLOOkGKKKuc0dW82xXzxHXl8GIR...
yandex.ru/an/tracking/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/tracking/WVKejI_zOoVX2Lbe0JqF01CSQZw4s8S8Un2D7aGP19DlGcx4avFo10hRJgE6dR97so4lzPtncG1nCuUCspZqEMr--8E1_Tlw4FOVl27Cj5iVTW-2aHx6_iSZLb295n1i4m_Y4WRGSQf8YrPGenIiC9B1e-8AOmO7kxpvskX1adDLOOkGKKKuc0dW82xXzxHXl8GIRn0NXMtPq6HiSAmEQerCmzZNa9lSnQwich6KAZnN8sRMX7sN75POhm7xADks6gxNTQokr-Wvs5K0MmpU8Y7Cj5iOTAjOYbhZBcRawWAtX1FOmlwBa9rPOKAN1jMKQLGsArpmCECAdD8JS3M-AG1Ya2cZPR8cZ1209iAIhW8KYj0KjZhsZadFniM8VOpUR8FvMhzu122B9-0AflknGAvnHZ6QJJsFzSdqOn8bFom3ToVvmRdNZl_DlNPyR-wrutDFq8t_xgDisxxMenLgVzP7sROnpJHCp787P5tNTInjbg71D8ysUcyQNWdqP7_s9DRcno7MxieW_TSQQIMgBT9AL9lNUY-a4K55d_LUPyw8cGE1foukLogLIglIXwPDpr3-CRP6GAbKAWCH_0Ng5NjlINFCxgCYCuC8lI72uMzkQJHCNLYbWZpzpKZzSO_LY-JedJu8FFB-3Faa4H9OEEZdwJgIJGG0~2?action-id=25&viewability-undetermined=0
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oir.mobi/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Dec 2023 08:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108940211387-17409887994766670985-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:20 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:20 GMT
WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3...
yandex.ru/an/tracking/ 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/tracking/WUaejI_zOoVX2LbY0TqE05DRPnv4emTH1i7acv0RyUIaF872jjEeOQViqNR8ItrdZDiuz3bjVlY3WVtR-X3s7xmXpBHR7tOFWf4Unlx78rPGYHSGR1CFuX86q76gI8jMKACKh32ImQFY2cC61xky-TheGP9pLM6Ba555E9W9u20kuVUqORo44cyG5uLjsT1aR72i3cgDJCFOrv2RtCMkh9gnb2eyLoDcreHzbnnMMAy1-oZRjXgkrtMihjVeETXL05iCtY8XpBHR67IhM8fQuovcvEe2juGJsCB-Yv2TMM52bmRLb6bKDYjSy33Z2fpI4t0rlYa0Of0fesMo9emGW2R2agu258hG5BOwzev9pyR5Y7sCtco3-Lg_U0GWYoVW2gRxiK2kSKOncaqzZ_N9z6CI9Jyi0tSd-S6vrux_pRrsV6_kjUDpJz2D_-wZRDk-rgCLQd_MHzcsCSqqJCno1sHTrtKiRPQXmJIFDdfl6bu9z6H_zYJMviSXrkxA8FtN6cabgYtIIbIRrtelf151HP_rNcVEY9a3WQSkBbSgbKghqeUcJGCfFvEI0OXAfL8P4Vm5wXLxpnQXhsajHnuMeGM9S93BdPE6gGDMgQ0aVxCzF-vuzI98lDFtdqVU_Y6Vf4G22qFiF5rAyhW0~2?action-id=1&adsdk-bundle-version=924429&adsdk-bundle-name=AdLoader&ad-session-id=8872441702108934438&vsid=cae1d5c3b0644a25d548016ddd3b4f095f9860bee0d2xVASx5414x1702108934&top-ancestor=https%3A%2F%2Foir.mobi&top-ancestor-undetermined=0&client-ts=1702108940279&client-timezone-offset=-60&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=924429%2C0%2C63%3B919406%2C0%2C5&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1123108187%3B0%3B48c4110ac8fe9802%3B7323290045749207443%3B0%3B479133%3B1%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22width%22%3A162%2C%22height%22%3A162%2C%22w%22%3A162%2C%22h%22%3A162%2C%22left%22%3A19%2C%22top%22%3A114%2C%22visible%22%3A1%2C%22req_no%22%3A2%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/924429/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://oir.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 08:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1702108940320416-4444006592090739392-balancer-l7leveler-kubr-yp-sas-24-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 09 Dec 2023 08:02:20 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://oir.mobi
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 09 Dec 2023 08:02:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 54AB 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLCUJ2MDGnJq9t9MGH-aAycvq-VZgtUWR42shUhmF2faPT9_RapNBaU4fPx2Qwiz3OtWUX_o5r2wAhgz3f-BEtALful2Yn47WkwqjeB0nkyX5J45Uxxm9EeednhbgQ_wGy7qbmmcpJeHPhQzYW2ojWUrpD&sai=AMfl-YT7ybPH7KL9fcBFHy1AxRszZG8hD9OVFASceb_tHIX19c7qgEXhwZRGdXpwLZ7h5pG0iIotNU02UlqOa3ZpeTLKB_KaSVocyMvY_VuTFJz3CChUz1JYRxkASFGeYq0gPElVzyD2jKDvCDjPakf3&sig=Cg0ArKJSzEz_efVU9rWTEAE&cid=CAQSTgDICaaNwp3D50V7X59tZF4hCeh44YN1Kv2tU561wixA4yKS4L2eQZPlUpOr5t2CL2d820HSs-r18ytbsX4JDLPJK9S05eRJC1bCPr1nGxgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2162%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D14997%26vmtime%3D2167%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2162%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D739794927%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702108938137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 08:02:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ysa-static.passport.yandex.ru
URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Domain
mitdmp.whiteboxdigital.ru
URL
https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| yaContextCb function| ym function| $ function| jQuery function| doRateLD string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg string| dle_min_search object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_c_title string| dle_complaint string| dle_mail string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree string| dle_captcha_type object| DLEPlayerLang boolean| allow_dle_delete_news function| _init function| _open object| c_cache object| dle_poll_voted function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| ajax_fast_reply function| DLESendPM function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| subscribe function| media_upload function| dropdownmenu function| setcookie function| get_local_storage function| set_local_storage function| del_local_storage function| save_last_viewed function| hidemenu function| delayhidemenu function| clearhidemenu object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| Ya object| yaCounter51579212 function| cnc object| pcode_925414_default_B2rff17elV object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| yaads object| layoutConfig function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter479133 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

84 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
shopnetic.com/api/rtb/dmp Name: test_cookie
Value: 1
kimberlite.io/rtb/sync Name: as
Value: OFrH4WV0Hwc
oir.mobi/ Name: PHPSESSID
Value: a6bbc6bd14a54400c5022faa07360151
.yandex.ru/ Name: yashr
Value: 4434878341702108934
.oir.mobi/ Name: _ym_uid
Value: 1702108934929577500
.oir.mobi/ Name: _ym_d
Value: 1702108934
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 660497738fake
.yandex.com/ Name: i
Value: OT931EzZz/a5xP/5k6Z6jhWQe1dF4oIE/QBjijFHvReqeFMkcbuFNSnfwmhK+K9rXbBzmFTpSAnRLERHJBrhckNHSmY=
.yandex.com/ Name: yandexuid
Value: 5667104461702108934
.oir.mobi/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3859518311fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5667104461702108934
.yandex.ru/ Name: yuidss
Value: 5667104461702108934
.yandex.ru/ Name: i
Value: OT931EzZz/a5xP/5k6Z6jhWQe1dF4oIE/QBjijFHvReqeFMkcbuFNSnfwmhK+K9rXbBzmFTpSAnRLERHJBrhckNHSmY=
.yandex.ru/ Name: yp
Value: 1702195334.yu.397052781702108934
mc.yandex.com/ Name: yabs-sid
Value: 1647589791702108934
.yandex.com/ Name: yuidss
Value: 5667104461702108934
.yandex.com/ Name: ymex
Value: 1733644934.yrts.1702108934
.yandex.com/ Name: bh
Value: KgI/MA==
.oir.mobi/ Name: _ym_visorc
Value: w
mc.yandex.ru/ Name: yabs-sid
Value: 1865756281702108935
.yandex.ru/ Name: ymex
Value: 1704700934.oyu.397052781702108934#1733644935.yrts.1702108935
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 845d3fc3-d67a-5257-b9bf-608fdccb7f88
.weborama.fr/ Name: AFFICHE_W
Value: s5aqXhSLQAiz42
px.arcspire.io/ Name: arcid
Value: c4b185eaeb485312881a42
.betweendigital.com/ Name: ut
Value: ZXQfBwAKh1DctyQD2gWBe28WrIo8o4-yRGgXtg==
.demdex.net/ Name: demdex
Value: 82053474530387100723339076245950692676
.dmg.digitaltarget.ru/ Name: viuserid
Value: hNZvfxhy0ez5BQn7TrkP
.dsp.mpartner.digital/ Name: dmp
Value: kELIUATkLZehJQuSoKQceUjpirzzJyqk
.adx.opera.com/ Name: UID
Value: OPU8a66f64731a74214a8765c36a6c4e342
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWV0HwcaXhBeVBkqAohoZbUIkyebMPDGnGIed1uOaOvd
.dpm.demdex.net/ Name: dpm
Value: 82053474530387100723339076245950692676
.acint.net/ Name: cSyncDp14v4
Value: 1702108935
kimberlite.io/ Name: u
Value: ZXQfB6WnaT4~_5gqroii4pXgMofn-LPZYBkKGMo
.tns-counter.ru/ Name: guid
Value: 4C831A0D65741F08X1702108936
.oir.mobi/ Name: __gads
Value: ID=cd25cb07b89ad5ab:T=1702108935:RT=1702108935:S=ALNI_MbXo68t4PePqGgTympJddnUSm2PQA
.oir.mobi/ Name: __gpi
Value: UID=00000ce48a26eecc:T=1702108935:RT=1702108935:S=ALNI_MYtFtgFrCyis5in1XGB4uB_Wb5uuQ
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDKWV0HwgK2QAg4vr4AqgcEPlv+fSTpS1vuucElLL8DTkn
.uuidksinc.net/ Name: jcsuuid
Value: LQr7pdi94RV7gWSaulti
.mail.ru/ Name: VID
Value: 1egLDm3bWO2L0027mP0ry02L:::0-0-0-a8e77c8-0:CAASEL4rO3jo5xFX2uTESUSAPgEaYEMES8ZpvnU5Jnn2WNpCq7QK-XIHW0J537jvKpcfYKfCvufQKpHJJbzQgzgPgFS4czvU3bxTqukJf-AGy1BvZe07adQq2mj5rZcO8xyWarcMG2rQKluKLzX3xQx9EZw0fw
.mts.ru/ Name: dspid
Value: ef5239ef-cfec-4ab4-91d8-b34000b93023
.mts.ru/ Name: reset_cookie
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlKc7JdzPElNGaXlo1kgfP7ptkuqIpiHTDn3_EG7V2HgytXv9y3mlGP77rMMpU
.adhigh.net/ Name: gi_u
Value: 8BXx1wR6W5y.AikABlGMTZk40Q
shopnetic.com/ Name: shuniq
Value: CabF8rEpRx7bEyMfeO9koGycyNU
.adhigh.net/ Name: yandexssp_sync
Value: LL6a
.sonar.semantiqo.com/ Name: semantiqo_a
Value: 9bf4141e0d254e87a98069c2a8a21d16
.sonar.semantiqo.com/ Name: check
Value: 3c89f118173c49309e29acd1d115ac55
.ctnsnet.com/ Name: cid_69769bfe959e4234bb591c1adeb50d0b
Value: 1
.ctnsnet.com/ Name: gid_CAESEJ86ONC0qNaT48RUxqVCLHs
Value: 1
.simpli.fi/ Name: suid
Value: FF43A856C83248BD8AD0872D506CA7D3
.w55c.net/ Name: wfivefivec
Value: yuGo9xdb1RbShW5
.doubleclick.net/ Name: APC
Value: AfxxVi7_L_WhyJ3A0dlhHO9J54gwvbu8JnTR6gDqtRhRNU8luliu5Q
.w55c.net/ Name: matchgoogle
Value: 5
.bumlam.com/ Name: suuid3
Value: IiQ0NGViMTUzZS05NjY5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.mts.ru/ Name: mts_id
Value: f0eed0d7-dfa0-461c-88a4-47f9a03be4fe
.mts.ru/ Name: mts_id_last_sync
Value: 1702108997
.quantserve.com/ Name: d
Value: EH0BCQHPKoEA
.quantserve.com/ Name: mc
Value: 65741f08-dfe7d-fbaaa-0c990
.upravel.com/ Name: session_tptc
Value: 1702108936959
sync.gonet-ads.com/ Name: chk
Value: 1
.upravel.com/ Name: user_id
Value: 6a8a06a8-3496-4034-bfae-ad670a9c283c
.gonet-ads.com/ Name: pid
Value: NzM4MzI5M2NhNTYzYjVlMg
.innovid.com/ Name: uuid
Value: e72a6f7d-2860-4fde-a39e-102db378d458-20231209 03:02:17
.aidata.io/ Name: __upin
Value: a+VcOWZAE9Go7RWKslUH9g
.aidata.io/ Name: __upints
Value: 1702108937
.googleadservices.com/ Name: ar_debug
Value: 1
.rutarget.ru/ Name: userId
Value: nsWqe5-GuLCX
x01.aidata.io/ Name: yaya
Value: 1
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CP7tRxC73gEYAQ==
.adform.net/ Name: C
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: ayntXLRwEfES2QVoq6vnRKFGQZawWbOn78wwIhBTO1jC39LFZdY1BVSl16fUYYq6UoJ5lN2Sse2ZapTJB01xNRCYklentyT
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXQfCQAFl9LVsQBd
.adform.net/ Name: uid
Value: 4041112629060342926
.bing.com/ Name: MUID
Value: 1478AF568CB567D72205BCB48D44667C
.yahoo.com/ Name: A3
Value: d=AQABBAkfdGUCEKVJnwpcccYTL60AYAmX18cFEgEBAQFwdWV-ZQAAAAAA_eMAAA&S=AQAAAkoD-3M3qchP43t94kkhN5I

2 Console Messages

Source Level URL
Text
network error URL: https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://yandex.ru/an/mapuid/targetads/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acint.net
ad.mail.ru
ade.googlesyndication.com
ads.betweendigital.com
adsdk.microsoft.com
ag.innovid.com
ams3-ib.adnxs.com
an.yandex.ru
avatars.mds.yandex.net
bid.g.doubleclick.net
c1.adform.net
cdn.adnxs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
cms.quantserve.com
counter.yadro.ru
cr.frontend.weborama.fr
csi.gstatic.com
dis.criteo.com
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
dsp.mpartner.digital
euw-ice.360yield.com
exchange.buzzoola.com
ext-strm-itt10.strm.yandex.net
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
im.bluevoox.com
imasdk.googleapis.com
ius.ctnsnet.com
kimberlite.io
log.strm.yandex.ru
match.adsrvr.org
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
mts-dsp-sync.rutarget.ru
nr.bidderstack.com
oir.mobi
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
r2---sn-5hne6nz6.c.2mdn.net
rtb-eu-warsaw.intent.ai
s.tribalfusion.com
s.uuidksinc.net
shopnetic.com
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
strm.yandex.ru
sync-tm.everesttech.net
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
um.simpli.fi
vma.mts.ru
www.bing.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.digital-services.solutions
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
ysa-static.passport.yandex.ru
104.17.24.14
104.18.25.173
104.26.14.69
13.107.246.45
142.132.138.215
142.250.184.226
142.250.185.100
142.250.185.130
142.250.185.131
142.250.185.226
142.250.185.238
142.250.186.66
142.250.186.98
142.250.186.99
144.126.246.116
15.197.193.217
151.101.66.49
167.235.186.124
172.217.16.202
172.217.18.2
172.217.23.106
176.9.8.252
178.154.131.215
178.170.192.140
178.170.196.176
178.250.1.9
18.169.174.187
185.15.175.131
185.70.202.12
185.89.211.12
188.40.68.29
188.42.105.220
188.42.34.65
188.72.107.205
193.232.148.142
193.3.184.217
194.226.130.229
195.201.198.232
209.85.200.120
213.180.204.36
213.180.204.90
213.87.44.187
216.58.206.33
217.199.220.44
217.65.2.150
217.66.147.36
217.66.147.39
23.212.110.136
23.35.236.188
31.172.81.172
31.220.27.155
34.111.129.221
35.157.229.177
35.177.4.157
35.186.193.173
35.204.158.49
37.157.2.230
37.18.16.23
51.77.35.176
51.89.9.252
52.211.32.112
52.28.254.225
52.45.175.185
54.73.144.235
54.77.159.200
64.233.167.154
74.125.100.199
77.244.216.90
77.245.57.72
77.88.55.60
81.222.128.213
82.145.213.8
84.38.189.213
87.250.247.183
87.250.251.15
87.250.254.45
88.212.201.198
89.108.120.68
91.192.150.14
91.228.74.168
93.158.134.119
95.163.41.56
95.217.109.66
026477252fddb27ce4adf2e110bc7c3ffc62e43fe543596bf70c6f31a2659b87
027b7d7a9c8ca105320a7fe0a0abf87d66de50d44e790dd30256254c6a03e8c7
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03924b0277bd9dadbf9b23e2a934dc9ed3b8a341a6e938a675e4506253fb7dbe
04522f521840dc6edb4201648cb0f292393411fa4fc37a1a41be809f0218ae9a
06ddef982836b918541b610989e273047eabbbfb0b67afc2900b4df6699abba0
08244961394be050ebf9854c5d3a7e1ec84f21cfb826002791c82ce658889276
0847741f8490f088fd32410cc6d2c1c7274c34490d0dbda0dc46e69bbc324193
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
09b8d2495c8aa3760aa8b0f03ed5da49d595b6b2fa33576953ddeb4937125589
0b471c88246e94ac65e70d670b8a474b8af3056c018aa8be2ec668bbbc93cc39
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbba55316cd58f431f68be99551249796b217070c3c5590d3cc15cd63f35612
0c318686ad9df72e23ae660f476ad2d21b36bbe5e2f5a8f15e5f2f3ee2f442ce
0cecfd955087e9d95757c067f114b877bc8490d1d38793c27d2c1f2566eccb7b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
147a7bc94dda95411d3b13b428129b5a112846e96e8e6a38a3c1dace5c39e0f2
155de2f33f92499a65d9400ee2d22b04ba9b1f837f14f592a84bc3ca54be2010
16a23880d984b69b9eae6a9fe2d2b40b9a85e5d7113be1a1c341afe840cb1d07
198a94a76e607758440ffb8cc4a2fbb64f4159b79337c15c3e6f125d2236d016
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
1d28dec83b172991e04954c5415e727a80895070d6ec2fb3a052f7f0a0606d03
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab2025a61e8ce057af4fe3e581e49374a5d1c2fd941fdc1f94b63f3ba53c617
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b28073c38658ea8ec16f7f47cc457c4ad26dd3ab253888b89269d940898a4d4
2cc2c8ba5fbb8cec334b1137e2e549116213661ded9abd6d0315ff87d64f3e30
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e454a4d7a8741141736b27a7eb4dacecff15d3aac442533696c6eb8813e73a1
2e90e9c3d26c31d51a67a76f796d7461eebc1f432de631863339a002ba9fb95d
2f0253a9ee6c26c1c960191a7f349ced5600d94d5fe6e7bfc3dcc9125a963e99
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
35791a0a568287fd20da5facf5eb7bbfd717719be54b020874cb71e2985f6d79
35ef6a5812cd5efdd975b0d93543348b65e352ad79c69441136f880a99545dc4
36f95aa2a76da6d772c4fe548a8bb1edd069b9ab87d90c1c8704ec9767f6918c
38f5cb82910c51861c505fb4d497ddc2be198bb1d25a94a806974a52b298f931
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43dfec3575d3a4f35c202cdacf93464785937721088e4ae2f2cc8aa57382cba1
447539f40d87e06a811c72d580e3a3f9b22191815936be0d9d7a8180f4b9b3f1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46b120cfffe0f08004776832a9c93ba4535501bc095342a66cb1956f273b95a7
4910781e4d5d643737775bc6f4b2f83c299dcd2f6f62f8dd79eff5a1389ed8a9
4a515ed9afeaec617d37e1ad21d950486a74b4e070233b689ea9c4c88417a005
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4e30a25a5d3036f167c1805dbf08dbcb4950a0570a6220d72401ac753fe107
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
50cd53439c9dfe3310b7b9cdc65fcc634e20faeb8ae28ebe6221b009294a08c5
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51d93bcdec17b44870fb145aa5e34aa248d5ca4c8b98df84779ace13cf04ac0f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a874ede0056180157076616b16e067e73c6ab24aeee8d650b31529bec75ee8
575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
5a95852e0935033395bc6b3404544d1271d30ecd160b5b6d9d599f2810842861
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de793f9e0e3da35559f70e59936eb6aca8cc8e9d5c84e620db7944e057f0644
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6c56606ed4de2496e58d9c37eb158bc80997d6dffe6906e54318280e4005c81a
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
71caff91afbfa3c24a8339e5a2eb9d48d1499a54e370f5758e8b63c898c528b3
74b1857e267adbb29c31ea2689433853a1f079b969f1c63d6f241cf95b4b33e5
76101230df18a0b28c174f9c05473b1cba7f8adaa536addf42976edcf8c31afd
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
78e2d27db2e35fa1d9b49e223f8ca9b179135dc1fda500214d5f8fbd68df784c
7ba972f06726b121b8e467bcc6015587b5b7569cc16f1dba947de0a33d12bc45
7de14293a00f3a08ca677a236acb46a444c5d750d41c6f1a865f7d206a041ea4
806410955231fff791cc4c111430dbbfcdd644b8f1c0d92cff6da2b180c732db
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
81b205e6a0b490a0ba2688cd5f6e3c03f2fd17e282ea818a7aa2e89e52265f5c
81bb98d4a0bc6fd7dca9614cae0dd9a18a0c204f09da2110fb2b7f7970ec71f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874b14195ac3af37abf3e3d130aff9b797f0bb56dbe1fe82579854462ee882b3
89b7cf5a882a9a0f402bd4d871e6e605b8eea8e926446704f98e16447173bc8d
8b9f23b825e597461cc3fba46fe2f98d63068cc910f9ae4cbabd6c67c5487b79
8c93ac5284763f24631a8f1032956fb6c8ccd2f2ec5233cc2ce4fed5b48f2841
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e256ea8ede7c639ba943a43c960b44937258abe75c4e31c26b46561025a2b40
911fd300b609f9e226fa83983d7c40e7db64fa370c5b9cd4da462b60c53e2098
950e669503ea0ba379b1864d59cb226bd553e4ecca5c7612aee805cead427559
95f3ee34eb020119b508d680c3034048ffb7c2e5418671ce197a9cba1c04ec1b
97360f85078f698bf0cbef51c524801cba10b1ddfd018447dced8abde3a5d934
975cee13fb7bf50a9943336ebf6c05cab726cfbbbaa91b77c63e1cfd5257fb92
977db94c729df853ef606b19b3b7d8ab4df8f8c6e6bd8a7a8a5edf234e1bdcf9
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b744f084cad32c03abe3f411b1a2f2e4c3b06169f76bc2dc2fa6a71849ba530
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9ccb21de0b397d95881add60989b1a9781b2ab064832a673ed13bb50f9c2b1ee
9f6ae6b1dcdcafa55f5f2187fcd5991b0cd5399dc538439f84b3e3b665985c8a
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e6e4e8279dfccb3c4a03e22e876af2c0a24761cf094ebd442f78b72f679d47
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a3e10819e11ca5aa607b1b881725bba0aab5171c47e683a00fe93b2a7af3711d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abba373c04adeb0924cc3ce693be43c0f777426a36219b8f45dadbfaa469f41b
ad824274f0386af658ff46f7bbf671f47a94f6b58c62ce8c43f359691943000e
ae5210d5fd5720e90c16b23256979ebcf412fa079527249be73cdb9b2ff6a9ba
ae70eddd24be531b8cc6b05e8f3b57a4860194a64a83d8d74bb0dbd573d34460
aec5efae3ce587fa856a91853a45e37c11e20bc2a82d276628b2ea6d1f7f82b8
af6a92c9491000145270d3426de49054973db74accd6d2d05c9e60aec2986e23
af9df3413c1bb91c75c2ecaf48e48580ab2d17026d8d82a48dcad10973e5d925
afa9c0be53d2fb2839241a2ebafce04bce3480df9736a55141745d7e0a30e25f
b3fd1e19d68cbd5a67fe64df70361647d0a2fa7582579ccde93c803edbc0e4b2
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b590b4bece35f8cc129199f84f1fdf357cabcd9dacb98199e5bde4856b112279
b7c2612e05c6cd333836d9398b00f108936e534c99571500f38eb0ff8ab90a64
b87f1a2df2f2ec9d705976694e06123afc5b4583a8cea170102b8626fc7c85b3
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
b8ffaeb4b75f963480c6d97a3cdca6f5bce9ad7baccb80ea938a80ae5657bcf7
c078d3990f6ecbbf68c73536e712788065d0ca73fda5a242a9fbb566811c2368
c2704054e9d4d8a66cffd4907225cc63852900c037cfbedbbeeddc7d34b294b9
c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c
c31019ef1be201f0ebd1077f6a21e0eb09c55be33d347b942e0f4e9276336ee7
c7225e1625f71d4ee78959dfc9f65d6dd1434a99fe0e52ccfedcb9813da95a31
c7d511b3f05adad555db0604053bfc41cf2c4a1087ee2f02d1800a022af7d7ca
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4a7135dd00586b0f9a153709d8c2fe94e1cfa781bc8049bd780d71d2888f9c0
d7731154eeecc9f8248b7e02478a67cf6fb03f5a76dfdd61897725b964d5b129
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d80a0be6589a8d2a8da3372d349f58d65f415f3fde7462bf90789e34d198da0f
d920d67aacf754a02cd6914c898b7aaf5772a4ef8014ceaead5f563405d66f20
db90fb1aa42586b0c4ba4aab6b93df32e9cfdb44904f0fc7aee4d45e9936c275
dbe9cbcf64536a5570aae0ad01040aa4b23a8d914ba89c7449e3d2bfd85e106c
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b21054be553b7280ba08c1a7bfe4a15dcf58df05222720931725abc1361fa1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b95f2beb97218d47f5c9567dc6e5b4458b44f1822db77135c0b304c6327fd0
e6e0710e0318cb3bfe2cee9fd0595f4321b99a860060c2c06b186494506031f0
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb8df707bddb2433438b1246002ea9c2ed3ba57d731ca8ade66f79ca926f2e82
ecb72db76b72224091ffbc94e9aa7c316d5ba1610f3b4e9d4c2d47ad32e606f7
ede4720b86f5352554939ef84c5d8cc4d4b8e6c7d8a20378c079df0c3c51eed0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d01142b33cbc637ca0ca7319dfe872b52cb7ec3384651138cf418d81db6f70
f2f1cd7cf8d10c0b49fc5d3ab3b0eee9e30145016ff86cb7b38c85e31ee2d2cd
f3c135343f6f57dad7a3cebd01e32fc97c57116b12623733d9c04ec948d65979
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f714561b29d680eec62f88efaea5381a20906894c540692ae64096795443f023
fe6ca2b41a95517feda736a6699fb311f3df3f1e2e169b172838d26a58e0c0c1