kontofirmowe.pl Open in urlscan Pro
77.79.202.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kontofirmowe.pl/
Effective URL:
https://kontofirmowe.pl/
Submission: On September 28 via automatic, source certstream-suspicious (September 28th 2021, 11:24:17 pm UTC) — Scanned from DE

Summary HTTP 90 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 90 HTTP transactions. The main IP is 77.79.202.67, located in Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is kontofirmowe.pl.
TLS certificate: Issued by R3 on July 30th 2021. Valid for: 3 months.

This is the only time kontofirmowe.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	77.79.202.67 77.79.202.67	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	128.204.218.194 128.204.218.194	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1 1	104.26.9.183 104.26.9.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:4703	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9 9	77.79.227.167 77.79.227.167	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
9	195.167.159.38 195.167.159.38	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
90	18

30 77.79.202.67 (Poland) 1 redirects

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: jchost.jchost05.pl

www.kontofirmowe.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kontofirmowe.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.204.218.194 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-002.s3264.net.eco.atman.pl

api.systempartnerski.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4703 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.79.227.167 (Poland) 9 redirects

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: ip-40.77-79-227-128.net.eco.atman.pl

ssl.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.167.159.38 (Warsaw, Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: bankier.pl

www.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	kontofirmowe.pl 1 redirects www.kontofirmowe.pl kontofirmowe.pl	546 KB
18	bankier.pl 9 redirects ssl.bankier.pl www.bankier.pl	55 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	208 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	180 KB
6	doubleclick.net googleads.g.doubleclick.net	34 KB
5	tidiochat.com widget-v4.tidiochat.com	265 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	google.com 1 redirects adservice.google.com www.google.com	2 KB
2	googletagservices.com www.googletagservices.com	64 KB
1	maxcdn.com twemoji.maxcdn.com	2 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	660 B
1	googleusercontent.com themes.googleusercontent.com	27 KB
1	tidio.co 1 redirects code.tidio.co	550 B
1	systempartnerski.pl api.systempartnerski.pl	4 KB
1	fontawesome.com use.fontawesome.com	12 KB
90	16

	Domain	Requested by
29	kontofirmowe.pl	kontofirmowe.pl
10	fonts.gstatic.com	fonts.googleapis.com
9	www.bankier.pl	kontofirmowe.pl
9	ssl.bankier.pl	9 redirects
8	pagead2.googlesyndication.com	kontofirmowe.pl pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	widget-v4.tidiochat.com	kontofirmowe.pl code.tidio.co
4	fonts.googleapis.com	kontofirmowe.pl widget-v4.tidiochat.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	twemoji.maxcdn.com	kontofirmowe.pl
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	themes.googleusercontent.com	kontofirmowe.pl
1	code.tidio.co	1 redirects
1	api.systempartnerski.pl	kontofirmowe.pl
1	use.fontawesome.com	kontofirmowe.pl
1	www.kontofirmowe.pl	1 redirects
90	21

This site contains no links.

Subject Issuer	Validity	Valid
kontofirmowe.pl R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.systempartnerski.pl Certum Domain Validation CA SHA2	`2020-11-27` - `2021-11-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.bankier.pl Certum Domain Validation CA SHA2	`2020-11-27` - `2021-11-27`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-09` - `2021-11-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://kontofirmowe.pl/
Frame ID: 11D5B69046827F64EA08DDB937C5CCE6
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 0E5893A019DFFE92ABC78DDC44579E45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166
Frame ID: FE7DD9D924BEA9055B865F7804F9A86B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&adk=1812271804&adf=3025194257&lmt=1632871452&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkontofirmowe.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452800&bpp=1&bdt=437&idt=49&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=8174571884481&frm=20&pv=1&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=56
Frame ID: 38260A03813CF2AE2101292382539D3B
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_77_0/static/js/chunk-WidgetIframe-37e3a46cca72f53ace00.js
Frame ID: 0878BAF0987B77925C47170D8B753831
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: EF46183A64667D2B47AF5B1411C2D07A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0F09819D39060E0FCDC9444F23C2439A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 13AE6480785C0D9ED09DD2397580BE94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 27F993944712CF57A2BE8CCCE3993399
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D211D70A011BC4B1AD0F0758F319C01E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Konto firmowe ← najlepsze konta firmowe i ranking dla firm

Page URL History Show full URLs

https://www.kontofirmowe.pl/ HTTP 301
https://kontofirmowe.pl/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

21
Subdomains

18
IPs

3
Countries

1400 kB
Transfer

3065 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kontofirmowe.pl/ HTTP 301
https://kontofirmowe.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://code.tidio.co/vqdg8lohsvuuapz9bkvfzgc1lylba13a.js HTTP 302
https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js

Request Chain 36

https://ssl.bankier.pl/i/l/nestbank.gif HTTP 301
https://www.bankier.pl/i/l/nestbank.gif

Request Chain 37

https://ssl.bankier.pl/i/l/aliorbank.gif HTTP 301
https://www.bankier.pl/i/l/aliorbank.gif

Request Chain 38

https://ssl.bankier.pl/i/l/mbank.gif HTTP 301
https://www.bankier.pl/i/l/mbank.gif

Request Chain 39

https://ssl.bankier.pl/i/l/zgarnijpremie.gif HTTP 301
https://www.bankier.pl/i/l/zgarnijpremie.gif

Request Chain 40

https://ssl.bankier.pl/i/l/santanderbankpolska.gif HTTP 301
https://www.bankier.pl/i/l/santanderbankpolska.gif

Request Chain 41

https://ssl.bankier.pl/i/l/bankpekao.gif HTTP 301
https://www.bankier.pl/i/l/bankpekao.gif

Request Chain 42

https://ssl.bankier.pl/i/l/pko.gif HTTP 301
https://www.bankier.pl/i/l/pko.gif

Request Chain 43

https://ssl.bankier.pl/i/l/creditagricole.gif HTTP 301
https://www.bankier.pl/i/l/creditagricole.gif

Request Chain 44

https://ssl.bankier.pl/i/l/vwbankpolska.gif HTTP 301
https://www.bankier.pl/i/l/vwbankpolska.gif

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kontofirmowe.pl/
Redirect Chain

https://www.kontofirmowe.pl/
https://kontofirmowe.pl/

64 KB
11 KB

357ms
312ms

Document
text/html

77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed / PHP/7.3.30
Resource Hash: cf6699ae067dd7a49b0e7a3fb1459f2b04551f34592a18140d35df2af3343604

Request headers

:method: GET
:authority: kontofirmowe.pl
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.3.30
content-type: text/html; charset=UTF-8
link: <https://kontofirmowe.pl/wp-json/>; rel="https://api.w.org/"
cache-control: private, must-revalidate
expires: Tue, 28 Sep 2021 23:34:12 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed

Redirect headers

x-powered-by: PHP/7.3.30
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://kontofirmowe.pl/
cache-control: private, must-revalidate
expires: Tue, 28 Sep 2021 23:34:11 GMT
content-length: 5
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 28 Sep 2021 23:24:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 style.min.css
kontofirmowe.pl/wp-includes/css/dist/block-library/ 50 KB
7 KB 30ms
28ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/css/dist/block-library/style.min.css?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 7413
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 loancomparison.css
kontofirmowe.pl/wp-content/plugins/loan-comparison/ 13 KB
3 KB 55ms
52ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/plugins/loan-comparison/loancomparison.css?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: db7d97ab435f269ae6b7e4aa0549dbf2ac0a762fe6b824e968cc2a26db19561c

Request headers

:path: /wp-content/plugins/loan-comparison/loancomparison.css?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 3279
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 93ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XV7G06ARDSZQGTFD
x-amz-id-2: 1bpfjyxGJCjIPF993dMFQEkvYY5FGpJfpEeRP/QNrFjvI9KHs1O7Jd5G3JoiqOHBfZkPgZRAGQw=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8%2BntM5EmYub4pjasu0Og3UvCdyy2AvjgLl2K5mRmCxuXz3eUv7AxQfRZaMLBhTNVO8eARJyX3FMIzM4e2hWZVQu%2B8Llusc3H7jK8m4b5jMqL0g862cyuVQJAc4yUbQgD6JWKD0e0XaQrRZS533G8XN8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6960b951d8f80e26-MXP

GET
H2 200 tablepress-combined.min.css
kontofirmowe.pl/wp-content/ 7 KB
3 KB 55ms
52ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/tablepress-combined.min.css?ver=12
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: c29a2f62f96e0fd6c0c95af4012ba2eed854e883c13cb40241ddb2ad26e5aecf

Request headers

:path: /wp-content/tablepress-combined.min.css?ver=12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 2664
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 style.css
kontofirmowe.pl/wp-content/themes/dziecko/ 8 KB
2 KB 53ms
51ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: ee3010cf912de37453026428844c8cbd3692c901e0536c840f687ca2489ff683

Request headers

:path: /wp-content/themes/dziecko/style.css?ver=2.0.3.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 2260
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 font-awesome.min.css
kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/css/ 30 KB
7 KB 53ms
51ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830

Request headers

:path: /wp-content/themes/justwrite/assets/icons/css/font-awesome.min.css?ver=4.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 6660
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 60ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67ed5e0827ac2eaa56c25aa7fe9cd258053e9bb456fcf7cf983cf223793eb7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kontofirmowe.pl/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 23:16:12 GMT
server: ESF
date: Tue, 28 Sep 2021 23:24:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 23:24:12 GMT

GET
H2 200 font-style5.css
kontofirmowe.pl/wp-content/themes/justwrite/assets/css/ 4 KB
1 KB 55ms
53ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/css/font-style5.css
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: ea1bece94de4b7e16b5f78da077091d3205f6d6ae3133b8492635e416cd45e31

Request headers

:path: /wp-content/themes/justwrite/assets/css/font-style5.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1059
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 jquery.min.js Show response
kontofirmowe.pl/wp-includes/js/jquery/ 87 KB
30 KB 52ms
50ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 30287
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
kontofirmowe.pl/wp-includes/js/jquery/ 11 KB
4 KB 51ms
50ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 3995
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 html5.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 2 KB
1 KB 53ms
51ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/html5.js?ver=3.7.0
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: e3c03ff5afc9a484b47571aa1cd3fd7d7f11bf9b130c778df39f0158fee24e83

Request headers

:path: /wp-content/themes/justwrite/assets/js/html5.js?ver=3.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1096
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 127ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6205d101ceaacc9ba47f1c2db620d2e87f6a2f3d158f2f5d9582890494d1aeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50004
x-xss-protection: 0
server: cafe
etag: 4281834444109830177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:24:12 GMT

GET
H/1.1 200
OK / Show response
api.systempartnerski.pl/2.0/widget/mpMeMJEBp1CNR03Nn8R/ 25 KB
4 KB 330ms
205ms Script
text/plain 128.204.218.194
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.systempartnerski.pl/2.0/widget/mpMeMJEBp1CNR03Nn8R/
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 128.204.218.194 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-002.s3264.net.eco.atman.pl
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2c7e4c4c043eacbd5c0ead7ec5eb2349876c5d070696d26c2c44d87a2e5350b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:12 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
X-Bankier-Server: app-12.srv.bankier.pl
Keep-Alive: timeout=5, max=100
Content-Length: 4244

GET
H2 200 no-thumbnail.png
kontofirmowe.pl/wp-content/themes/justwrite/images/ 1 KB
1 KB 30ms
28ms Image
image/png 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/images/no-thumbnail.png
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 32dd6356ac457e0463a48a9539f35b14db11807948a0a3217bd08566672115ed

Request headers

:path: /wp-content/themes/justwrite/images/no-thumbnail.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1433
expires: Wed, 28 Sep 2022 23:24:12 GMT

GET
H2 200 effect.min.js Show response
kontofirmowe.pl/wp-includes/js/jquery/ui/ 17 KB
6 KB 28ms
28ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/jquery/ui/effect.min.js?ver=1.12.1
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 336f4e4477bcdb32ded9d34541dabaa6e12c9f8297ed98b32940784fe0d7e98e

Request headers

:path: /wp-includes/js/jquery/ui/effect.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 6155
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 loancomparison.js Show response
kontofirmowe.pl/wp-content/plugins/loan-comparison/ 32 KB
7 KB 34ms
32ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/plugins/loan-comparison/loancomparison.js?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 23f420bee62dd87b4460e2cc508f5557a05fccc933b47deb95a790ac18604d00

Request headers

:path: /wp-content/plugins/loan-comparison/loancomparison.js?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 7376
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 jQuery.bargraph.js Show response
kontofirmowe.pl/wp-content/plugins/loan-comparison/ 15 KB
4 KB 33ms
31ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/plugins/loan-comparison/jQuery.bargraph.js?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: d850a0b32c696c63be8fd18ead0dba245547ea7546e633ecfed8c45bef137865

Request headers

:path: /wp-content/plugins/loan-comparison/jQuery.bargraph.js?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 3930
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 jquery.fitvids.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 3 KB
1 KB 34ms
32ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/jquery.fitvids.js?ver=1.1
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: cf53667dcf4c290c42b652154f2880981ccd9de593d5d1841cc027783408d101

Request headers

:path: /wp-content/themes/justwrite/assets/js/jquery.fitvids.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1015
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 menu-dropdown.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 3 KB
1 KB 34ms
32ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/menu-dropdown.js?ver=1.4.8
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 4920010809f2753c01feb41fdd0b531e994f8d452b2d4f6ec5140d532449af6d

Request headers

:path: /wp-content/themes/justwrite/assets/js/menu-dropdown.js?ver=1.4.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1240
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 myscripts.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 9 KB
2 KB 32ms
31ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/myscripts.js?ver=1.0.6
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 5e082006678b1866afe5928d730e15829c117017e11db817aa810be2cae8929d

Request headers

:path: /wp-content/themes/justwrite/assets/js/myscripts.js?ver=1.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 2298
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 wp-embed.min.js Show response
kontofirmowe.pl/wp-includes/js/ 1 KB
695 B 36ms
34ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/wp-embed.min.js?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 663
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 owl.carousel.min.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 39 KB
10 KB 37ms
35ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/owl.carousel.min.js?ver=2.0.0
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

:path: /wp-content/themes/justwrite/assets/js/owl.carousel.min.js?ver=2.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 10319
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 imagesloaded.min.js Show response
kontofirmowe.pl/wp-content/themes/justwrite/assets/js/ 7 KB
2 KB 36ms
34ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/js/imagesloaded.min.js?ver=3.1.8
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: dc008f649c463c6bd9e8f5b2aebea7c0d0b5d13aa1d837c0ccd1173706247b68

Request headers

:path: /wp-content/themes/justwrite/assets/js/imagesloaded.min.js?ver=3.1.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 2235
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 imagesloaded.min.js Show response
kontofirmowe.pl/wp-includes/js/ 5 KB
2 KB 37ms
35ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 1733
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 masonry.min.js Show response
kontofirmowe.pl/wp-includes/js/ 24 KB
7 KB 35ms
33ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

:path: /wp-includes/js/masonry.min.js?ver=4.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 7117
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 jquery.masonry.min.js Show response
kontofirmowe.pl/wp-includes/js/jquery/ 2 KB
660 B 29ms
29ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

:path: /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 628
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2

200

render.37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com/1_77_0/static/js/
Redirect Chain

https://code.tidio.co/vqdg8lohsvuuapz9bkvfzgc1lylba13a.js
https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js

17 KB
6 KB

90ms
25ms

Script
application/javascript

2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5730b5cda06e0b6d7a3e954013e065c8db99ab4a1d4cb537523e6e0e291ac88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:54:45 GMT
server: cloudflare
age: 1538
etag: W/"61433e95-4308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQWC1DbbyR40SDSsHsYjjsukgKp3UK1qgTUXcFq69BnW3b434RpDXTmNHq1VNLvDm6HOYHt4S0Yjd5lDZIBVIwXykqKhN1d%2BYZJiJTcOU0wUyR2uwNLaZ4VdSP9%2Bz5qgt2l1xJcbEOXVxMCCBNXABiScdepO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6960b954786e3761-MXP

Redirect headers

date: Tue, 28 Sep 2021 23:24:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6elwE%2BpUJtu%2FV6WhHfeefrvuAG2Zu5Y0%2BrfgRTSpiwF%2F2OH9Q%2B0GbSaD7iLQl7ARiZC0irZVy09LD4859JAm82qajEqVEa3LxaHBnszMrtwqUGIjYVCpWnptko5yvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 6960b952cc9354a5-MAN

GET
H2 200 wp-emoji-release.min.js Show response
kontofirmowe.pl/wp-includes/js/ 14 KB
4 KB 29ms
28ms Script
application/javascript 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.6.5
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.6.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 4316
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
864 B 58ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin,latin-ext

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 23:24:12 GMT
server: ESF
date: Tue, 28 Sep 2021 23:24:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 23:24:12 GMT

GET
H2 200 style.css
kontofirmowe.pl/wp-content/themes/justwrite/ 138 KB
24 KB 32ms
31ms Stylesheet
text/css 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/style.css
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: dee09ebed0b685458f880b1dbdb42c84bf3ef84c24e379a71a3f7c2b560d8026

Request headers

:path: /wp-content/themes/justwrite/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 24914
expires: Tue, 05 Oct 2021 23:24:12 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 53ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:19:14 GMT
x-content-type-options: nosniff
age: 385498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Sep 2022 12:19:14 GMT

GET
H2 200 fontawesome-webfont.woff2
kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/fonts/ 75 KB
75 KB 29ms
29ms Font
font/woff2 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/justwrite/assets/icons/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://kontofirmowe.pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/css/font-awesome.min.css?ver=4.7.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://kontofirmowe.pl/wp-content/themes/justwrite/assets/icons/css/font-awesome.min.css?ver=4.7.0
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 77160
expires: Tue, 28 Sep 2021 23:24:13 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 59ms
27ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9011d99d51fdf6ca2efbfeb19d5bada394be4fdea2f88a8662b1a343483a124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 20:46:01 GMT
x-content-type-options: nosniff
age: 182291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5428
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 20:46:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 43ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 233066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:39:46 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 255 KB
95 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5458742355012073&plah=kontofirmowe.pl&bust=31062935

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96614
x-xss-protection: 0
server: cafe
etag: 11187776091410035689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:24:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 0E58 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kontofirmowe.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Sep 2021 05:09:11 GMT
expires: Tue, 12 Oct 2021 05:09:11 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 65701
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

nestbank.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/nestbank.gif
https://www.bankier.pl/i/l/nestbank.gif

2 KB
2 KB

146ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/nestbank.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

93710e0443608bbf64f2ba1544992bf515e7c33351f29935ed564a34813b5f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:12 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Nov 2016 10:44:07 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721256 2882498055
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 1706
Expires: Wed, 29 Sep 2021 12:08:50 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/nestbank.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 247
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

aliorbank.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/aliorbank.gif
https://www.bankier.pl/i/l/aliorbank.gif

4 KB
5 KB

159ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/aliorbank.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

5d74c0dc7cf0555aab7bfd904e5ceb3e2bd8fc1c0479b208f6b668b35e79f6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 May 2014 10:24:36 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721259 2881789013
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 4587
Expires: Wed, 29 Sep 2021 11:49:24 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/aliorbank.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 248
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

mbank.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/mbank.gif
https://www.bankier.pl/i/l/mbank.gif

3 KB
4 KB

169ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/mbank.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

39fcf26426898bffe5c81187ac32d18e8f10bdb538da04fcd3ce224360e7ecfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 May 2014 12:00:19 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721261 2881806176
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 3416
Expires: Wed, 29 Sep 2021 11:49:52 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/mbank.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 244
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

zgarnijpremie.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/zgarnijpremie.gif
https://www.bankier.pl/i/l/zgarnijpremie.gif

3 KB
4 KB

169ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/zgarnijpremie.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

c57a1a5073681f0a85a3382ec3a8fdeeb685927b7d90f2992a7b1f20068ba001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2015 08:51:12 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721262 2895087367
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 3515
Expires: Wed, 29 Sep 2021 19:17:21 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/zgarnijpremie.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 252
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

santanderbankpolska.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/santanderbankpolska.gif
https://www.bankier.pl/i/l/santanderbankpolska.gif

3 KB
3 KB

169ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/santanderbankpolska.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

73b961a34a35475508bdc1bb9eb0e09af4b648980f6e4690387e78f3ed9c7365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Sep 2018 13:14:50 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721263 2881882848
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 3135
Expires: Wed, 29 Sep 2021 11:51:51 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/santanderbankpolska.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 258
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

bankpekao.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/bankpekao.gif
https://www.bankier.pl/i/l/bankpekao.gif

14 KB
15 KB

183ms
37ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/bankpekao.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

a1c67957ba89cb4e2b03e6535bb5beba8f7458c19684c5f4dd35066bb735a117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 12 Jun 2017 14:16:42 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721260 2881735989
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 14525
Expires: Wed, 29 Sep 2021 11:47:58 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:05 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/bankpekao.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 248
Expires: Wed, 29 Sep 2021 23:24:05 GMT

GET
H/1.1

200
OK

pko.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/pko.gif
https://www.bankier.pl/i/l/pko.gif

5 KB
5 KB

22ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/pko.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ac421df0d2f9f38ebe569ffe36ce044d3e3df29489eb51eb5faebeba2c4a0de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 13:58:01 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721265 2881735990
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 5075
Expires: Wed, 29 Sep 2021 11:47:58 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:06 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/pko.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 242
Expires: Wed, 29 Sep 2021 23:24:06 GMT

GET
H/1.1

200
OK

creditagricole.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/creditagricole.gif
https://www.bankier.pl/i/l/creditagricole.gif

3 KB
3 KB

22ms
22ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/creditagricole.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

e3c37c00ab971318bbaf10512bedd827dc59ee40877aafa83949fb75b442fbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Jun 2014 10:06:45 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721266 2881955879
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2920
Expires: Wed, 29 Sep 2021 11:53:54 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:06 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/creditagricole.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 253
Expires: Wed, 29 Sep 2021 23:24:06 GMT

GET
H/1.1

200
OK

vwbankpolska.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/vwbankpolska.gif
https://www.bankier.pl/i/l/vwbankpolska.gif

10 KB
11 KB

23ms
23ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/vwbankpolska.gif

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

bd92c634d4eca5179a4b65e19cd396a66335d9940980c590c2b1d6e905c828cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 23:24:13 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Dec 2020 16:44:07 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2898721267 2882020278
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 10637
Expires: Wed, 29 Sep 2021 11:55:38 GMT

Redirect headers

Date: Tue, 28 Sep 2021 23:24:06 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/vwbankpolska.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 251
Expires: Wed, 29 Sep 2021 23:24:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 69063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:13:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 69064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:13:08 GMT

GET
H2 200 OFgyER5uFw7Cy-F01PjbVg.woff
themes.googleusercontent.com/static/fonts/oxygen/v3/ 27 KB
27 KB 51ms
14ms Font
font/woff 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/oxygen/v3/OFgyER5uFw7Cy-F01PjbVg.woff

Requested by

Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/wp-content/themes/dziecko/style.css?ver=2.0.3.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db96b5fd7ce4a558844d7e426d253aaccebaceeaaff8aa1ba25a15750c8edb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kontofirmowe.pl/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 06:17:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 61611
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27612
x-xss-protection: 0
expires: Wed, 28 Sep 2022 06:17:21 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:45:26 GMT
x-content-type-options: nosniff
age: 193126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24428
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 17:45:26 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 16:36:33 GMT
x-content-type-options: nosniff
age: 283659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 25 Sep 2022 16:36:33 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v20/ 5 KB
5 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwaPGR_p.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CLato%3A400%2C700%2C900%2C400italic%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c231bed4704b4d3db5350e6b08c88dd0ea7240374bfe6f9951b706dfa8901c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:19:09 GMT
x-content-type-options: nosniff
age: 385503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5436
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Sep 2022 12:19:09 GMT

GET
H2 200 konto_ibiznes_alior-600x400.png
kontofirmowe.pl/wp-content/uploads/2019/03/ 269 KB
269 KB 37ms
37ms Image
image/png 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kontofirmowe.pl/wp-content/uploads/2019/03/konto_ibiznes_alior-600x400.png
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: fb8bff83eb22cb674bc2aa088c5330762de9660ebd00749dd7756908d7d5201c

Request headers

:path: /wp-content/uploads/2019/03/konto_ibiznes_alior-600x400.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 275366
expires: Wed, 28 Sep 2022 23:24:12 GMT

GET
H2 200 account-atm-bank-600x400.jpg
kontofirmowe.pl/wp-content/uploads/2019/02/ 26 KB
26 KB 37ms
37ms Image
image/jpeg 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kontofirmowe.pl/wp-content/uploads/2019/02/account-atm-bank-600x400.jpg
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 7d8b281fb2fd612ced3c9e572ea1d4cbbc97a61ef6b32e1c185b84ba9f561eb3

Request headers

:path: /wp-content/uploads/2019/02/account-atm-bank-600x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 26125
expires: Wed, 28 Sep 2022 23:24:12 GMT

GET
H2 200 ranking_kont_firmowych.jpg
kontofirmowe.pl/wp-content/uploads/2013/04/ 33 KB
33 KB 30ms
30ms Image
image/jpeg 77.79.202.67
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kontofirmowe.pl/wp-content/uploads/2013/04/ranking_kont_firmowych.jpg
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.79.202.67 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: jchost.jchost05.pl
Software: LiteSpeed /
Resource Hash: 77e7272b824bbe456a1d069728924d42689c26b69404fd3c2a40a387cbd8c305

Request headers

:path: /wp-content/uploads/2013/04/ranking_kont_firmowych.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: kontofirmowe.pl
referer: https://kontofirmowe.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 33839
expires: Wed, 28 Sep 2022 23:24:12 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bff229f8cf6b902f6c6f9837d436c59634e5a3448189c84ebfeba05c047f4e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 138ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kontofirmowe.pl&callback=_gfp_s_&client=ca-pub-5458742355012073

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5458742355012073&plah=kontofirmowe.pl&bust=31062935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f7393472be6ee9627b38cccde1ad177aa45a0d9ade35f29880bf1ec295bc898d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 118ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kontofirmowe.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 60ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kontofirmowe.pl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE7D 86 KB
29 KB 698ms
697ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70f8dd593b9b9dddffe03eb516bae23814b9715fddb4bd0bf347dac67e2c3df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kontofirmowe.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Sep 2021 23:24:13 GMT
server: cafe
content-length: 29170
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Sep-2021 23:39:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Sep 2021 23:24:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 77ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27596
x-xss-protection: 0
server: sffe
etag: "1632742284803949"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 28 Sep 2021 23:24:12 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3826 0
165 B 70ms
70ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&adk=1812271804&adf=3025194257&lmt=1632871452&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkontofirmowe.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452800&bpp=1&bdt=437&idt=49&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=8174571884481&frm=20&pv=1&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=56

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5458742355012073&output=html&adk=1812271804&adf=3025194257&lmt=1632871452&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkontofirmowe.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452800&bpp=1&bdt=437&idt=49&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=8174571884481&frm=20&pv=1&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kontofirmowe.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 28 Sep 2021 23:24:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Sep-2021 23:39:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Sep 2021 23:24:12 GMT
cache-control: private

GET
H2 200 chunk-WidgetIframe-37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com/1_77_0/static/js/ Frame 0878 343 KB
87 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_77_0/static/js/chunk-WidgetIframe-37e3a46cca72f53ace00.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/vqdg8lohsvuuapz9bkvfzgc1lylba13a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70451f9e2fd63c36dd9534e636401b78fdcebd8e3ec240c2018499c9eadadf9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:53:41 GMT
server: cloudflare
age: 1525
etag: W/"61433e55-55aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU2fxY9nVWVSstPpa%2F6y%2FlgeJnQhawxCgoXjw3RGvd%2BXtpk3dt9irEL8UbWCFjIJnmCwFi8n6xdm7fTNJvXviTdVXooo4cLHj6beo4VRjzlnGVfA16GVTphimKV7VwrtEG6pQQFgTJvnBioRsm%2FwoIMmKq%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6960b954b8a23761-MXP

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 0878 7 KB
7 KB 23ms
23ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140085
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Wed, 08 Sep 2021 10:41:27 GMT
server: cloudflare
etag: "61389357-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5d4ezdfi39tstsviomx2xUzIjMOOKl2Vucieaaf%2F5rFxtbFnF8RcMhkIHvgC%2Fc65gBXWsoFwymIDxwfXa35nWJf%2BzLgnKKFNpgAoc87HoSSHj%2Bw%2B6%2FIqKQIuIyGzyT89mEEtn9ukO1MHgruzdvhQoD0lGiBz"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 6960b954b8a33761-MXP
expires: Wed, 29 Sep 2021 18:42:47 GMT

GET
H2 200 widget.37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com//1_77_0/static/js/ Frame 0878 505 KB
157 KB 48ms
47ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//1_77_0/static/js/widget.37e3a46cca72f53ace00.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/vqdg8lohsvuuapz9bkvfzgc1lylba13a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16859ca0c3c2396324e5be9a2c319d322febc9f41d2742bcfe11724f05868a9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:54:02 GMT
server: cloudflare
age: 1525
etag: W/"61433e6a-7e53d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfKoIq6bPdboC0i0m9M4QBYPGL9yZuxbgqCLMKzXB5oA6CPwpIYef1X5ups74lBQYFAErA0d4qqoA8AYsD3mzdo3qF8v2RzpDEIUAXMYoXIfatr65A4nz%2BttW7TaZM6NMf2Ryp%2FCeXFUYCKnOBUwUkYn8JWE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6960b954b8a43761-MXP

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 0878 7 KB
7 KB 25ms
25ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 28 Sep 2021 23:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140086
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Wed, 08 Sep 2021 10:41:27 GMT
server: cloudflare
etag: "61389357-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH%2BpHx4K6EPdvEaxAwo38PcNsATbVGV%2BVHpuZsyy47aFk110D3LRTpnE6hfSxZ4%2BZpLqguoCm8%2BLMIgSRen2OHZ5Y0xte37IXKfpDBKCquNoJhiCpABK5PwmYCDQyc3XB4cJyMjYBD7jNp%2Fa9ZpOouX55JlT"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 6960b95569553761-MXP
expires: Wed, 29 Sep 2021 18:42:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame EF46 3 KB
646 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Requested by

Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_77_0/static/js/widget.37e3a46cca72f53ace00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b24da0c6d2f25d86882b64b5b180c298afd02c3222dbfd415d179767e67823f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 22:05:49 GMT
server: ESF
date: Tue, 28 Sep 2021 23:24:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 23:24:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ Frame EF46 27 KB
27 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kontofirmowe.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 20:59:04 GMT
x-content-type-options: nosniff
age: 181509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 20:59:04 GMT

GET
H2 200 1f44b.png
twemoji.maxcdn.com/v/13.0.1/72x72/ Frame EF46 1 KB
2 KB 62ms
6ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
Requested by: Host: kontofirmowe.pl
URL: https://kontofirmowe.pl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: ef3a13d933c5500a063d45c928be2ee206ab512c
date: Tue, 28 Sep 2021 23:24:13 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 1285
last-modified: Tue, 01 Jun 2021 07:52:51 GMT
server: NetDNA-cache/2.2
x-github-request-id: 6F68:DEC7:B9415D:BD7906:614DB38D
etag: "60b5e753-505"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Thu, 28 Oct 2021 23:24:13 GMT

GET
H2 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame FE7D 7 KB
3 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 24 Dec 2021 14:00:33 GMT

GET
H2 200 a1aae16d08f1cf4ca3f32f832dc900b8.js Show response
www.gstatic.com/mysidia/ Frame FE7D 8 KB
4 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1aae16d08f1cf4ca3f32f832dc900b8.js?tag=text/vanilla_cta_animation_title_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3426
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 27 Dec 2021 21:59:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FE7D 2 KB
675 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c916b561eeb543f2b2579740b50b6e5c1f88777ff88d2a75ca190d59383657ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 23:02:02 GMT
server: ESF
date: Tue, 28 Sep 2021 23:24:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 23:24:13 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FE7D 1 KB
959 B 52ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:55:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame FE7D 18 KB
8 KB 81ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 22:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 22:48:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FE7D 3 KB
1 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 23:15:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE7D 122 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 28 Sep 2021 23:24:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FE7D 14 KB
6 KB 82ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 23:00:04 GMT

GET
H2 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame FE7D 27 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 26 Dec 2021 19:30:07 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE7D 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx9N4HKRTYemFNNDl7_UPiOC6qA-LwY2pWLrlifu_CcCNtwEQASDRw5QJYJX68IGMB6ABytH_wwPIAQGpAhcDGyibmLM-qAMByAPDBKoEpwFP0JRn3-7Z14JDJUi0YncpZVdHqG9GS6RGoYoRE0C9_eFmXaroB_Jq0wtl0isscrDBgM4iUTM4G8MPCZ4U6i0n11Ye7atYmFgrg6Vd7YSwVGWA83fXO-SPhRVS5XHTxQfW7WX8n5dY_9qf4XrT8KQwPDlemJohLAbSDSzw-26W1wTwlcsk71f3206aqSXlo4Q3Tg2RELy4d8ZgIhk-ElCmuV1iE_I4TMAE9-qGzIACkgUECAQYAZIFBAgFGASgBlGAB92yli6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcFENCXkwHSCAkIgOGAEBABGB-ACgHICwHYEwyIFAbQFQGAFwGyFxwKGggAEhRwdWItNTQ1ODc0MjM1NTAxMjA3MxgA&sigh=wY-JuuLXBrw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 28 Sep 2021 23:24:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Sep 2021 23:24:13 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F09 143 B
226 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458742355012073&output=html&h=280&slotname=3604593662&adk=2259910733&adf=131729747&pi=t.ma~as.3604593662&w=728&fwrn=4&fwrnh=100&lmt=1632871452&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fkontofirmowe.pl%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632871452669&bpp=4&bdt=306&idt=152&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=8174571884481&frm=20&pv=2&ga_vid=1862435249.1632871453&ga_sid=1632871453&ga_hid=1239277957&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=747&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062935&oid=3&pvsid=2465244556034779&pem=166&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CVrVfVCY6y&p=https%3A//kontofirmowe.pl&dtd=166

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 28 Sep 2021 22:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FE7D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0428d1f832746debe5391558f68f7b0467a7574395faea42271fc0679fe3410d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame FE7D 16 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:40:07 GMT
x-content-type-options: nosniff
age: 20646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Sep 2022 17:40:07 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F09
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

16ms
15ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmETKNqeuaaZ5KAe2JpESDQCvVU3jkeoNnY4TV0uRCihGQ2LupaMSMFqGCwTw4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 28 Sep 2021 23:24:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 28-Sep-2021 23:25:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Sep 2021 23:24:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 28 Sep 2021 23:24:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 62ms
28ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2df9e0298eeb39e0f83b7958cc80754afe0ee9dc3bd7dc1faa18e4673ce4387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 23:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8340
x-xss-protection: 0

GET
H2 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 13AE 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:44:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 299ms
299ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 28 Sep 2021 23:24:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 27F9 12 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kontofirmowe.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 28 Sep 2021 13:52:25 GMT
expires: Wed, 28 Sep 2022 13:52:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D211 783 B
1 KB 27ms
27ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e3161a40fe47aa3c5f1e70a8d5459e58ca1e04baba32ef2741c408edef1c206

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yHVd0OxUEl71NbMpc3gwdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kontofirmowe.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Sep 2021 23:24:14 GMT
date: Tue, 28 Sep 2021 23:24:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yHVd0OxUEl71NbMpc3gwdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 27F9 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:44:24 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D211 0
0 30ms
29ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=2465244556034779&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=2465244556034779&bg=!l5SllNDNAAZNQyuQTUM7ACkAdvg8Wl3MhMmczzWpbglKtREnCzyjK3NfrekudDS-R7HnkdNyIJqaygIAAABbUgAAAAxoAQcKAKRRXkU768pSFptFSTeBfbG9gA3aeuxjsKg0pWAKKQFdnl0khi17YqPqbwK0urI_PjNIdJUyQsGYj87neEUADMNgOTR-FV-qiEugo_78FXxWRNDlpSZAlGsi24Y5fsJ-vvGEyBUhezMkqyYikhamfDBmfJqRhiKl80bL3GVmtEHJsV8MVbElaQZSHhF3FF-LU6fzTINC8LKyUHL6XiS58rjzSS9wVpkCtQ-Kl4xHY36jy7AeGUOOJXeSPf9YlhnDyWK-Bic0DuOq1l5_QTD8l1huUzr47BAbskirUsxo0o4DQvbuzjeoSSnrimVNcc9GIuSjsQxZT8b4GPqO5B3BxDVmvqZsKO-ItF9tOmXqnZ8EYPJSrf5zHHfiQTjHvueztFFOdwLHekiWfvgcyfxgLovH5txmnNQBqUeoNN2wv3zudZC2YvFPEzEp61P_pyluVUPmt6qdrpoaUorhYqSp50oACmKIfaV7gPTMfFJFuHRW7MAEtsiY2P-3WuLvsex7BEQlQcwYQ32ii-xowxN5Vlg_ZqFUw9mphi1pJWFYfSJ5Km_wZpkFwoBIFTRH4cmpdLj9y2kSK0abHHHO2Nf7bno5ElR_xNuy5VVXwJX-48xfugdGyur5aLj6vHxJ5u9j5Thw9gOoJVyc3z1HHZO91Hv9ybxnsAm1na10gTfYZzNeKNnm0-PYudLpkm7PBF-gklnOAodqUO9alLP9ElPvhqp_jJO74yboJUXkULpbfKrG3jnL11HxbBGbC-2rAIKlRM88T6Qb9R_X_Zta27dVRFl8ZufdjtiaXPEiSsUScuNbH84-9-BeEumYx4iTh_9V2u_oI0xU1r0Raam9RyEH2nebUlyfj3B8Y1X9OZZgNbqx3Nv0SAayb_c5SZhwPtb9YLc8n5ks4TtL4LRXZe3SkA4dJ_pkRbnh5IL8b5wqKhRB0wSVa512X-kiFsG3XeeQFZEA799Sl5jBP0qFAgxsKBjI1xC4h8tTP-DG-4pP-Tl3BwyuscfnUED-39DBVd-LQT10hL5at41L4T5Y7V_HwjDGiC1O2BuOSQUhykOgAmBY_0FWqy_V_s_zNR8CxJNX1baqn2j7IwqcHh5jeEksTM3FztgbTAfaO0T-YrTilgT7HS5dS-_BgaDT8QMGmw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kontofirmowe.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE7D 42 B
174 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY-96axW9vWxJJmMOL-j20CPPAmi3suWzQFxYLzdJ769rTeu2ixJZs8S4Io8FkXDtL2bclXxE9xwaEID3bAPqvUKR_PBPEhavXUvQeuWkbnJGI8-QWYA&sai=AMfl-YQQQ-d_-XoEzKNkXsdYC-s50FyNnrgicPYaWjBE2FyjCgTlWp9Xrxd0kKBemxfmQr7CAdww2jZBIyRc&sig=Cg0ArKJSzKW1dkjWI8g4EAE&id=lidar2&mcvt=1000&p=40,747,320,1475&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2259910733&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632871452836&rpt=945

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 23:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kontofirmowe.pl/	1970-01-20 06:56:07	Name: __gads Value: ID=96b80cea29d02b7a-22108dd865c90087:T=1632871452:RT=1632871452:S=ALNI_MZP_MhO8dcd8smtw6ZKbARGe5ZwFg
.doubleclick.net/	1970-01-20 06:56:07	Name: IDE Value: AHWqTUmETKNqeuaaZ5KAe2JpESDQCvVU3jkeoNnY4TV0uRCihGQ2LupaMSMFqGCwTw4
.doubleclick.net/	1970-01-19 21:34:31	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.systempartnerski.pl
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kontofirmowe.pl
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.bankier.pl
themes.googleusercontent.com
tpc.googlesyndication.com
twemoji.maxcdn.com
use.fontawesome.com
widget-v4.tidiochat.com
www.bankier.pl
www.google.com
www.googletagservices.com
www.gstatic.com
www.kontofirmowe.pl
104.26.9.183
128.204.218.194
142.250.185.194
195.167.159.38
23.111.9.57
2606:4700:20::ac43:4703
2606:4700:3031::ac43:d645
2a00:1450:4001:800::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
77.79.202.67
77.79.227.167
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0428d1f832746debe5391558f68f7b0467a7574395faea42271fc0679fe3410d
0c231bed4704b4d3db5350e6b08c88dd0ea7240374bfe6f9951b706dfa8901c3
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
16859ca0c3c2396324e5be9a2c319d322febc9f41d2742bcfe11724f05868a9b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
23f420bee62dd87b4460e2cc508f5557a05fccc933b47deb95a790ac18604d00
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7e4c4c043eacbd5c0ead7ec5eb2349876c5d070696d26c2c44d87a2e5350b4
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
32dd6356ac457e0463a48a9539f35b14db11807948a0a3217bd08566672115ed
336f4e4477bcdb32ded9d34541dabaa6e12c9f8297ed98b32940784fe0d7e98e
39fcf26426898bffe5c81187ac32d18e8f10bdb538da04fcd3ce224360e7ecfe
3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6
3e3161a40fe47aa3c5f1e70a8d5459e58ca1e04baba32ef2741c408edef1c206
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4920010809f2753c01feb41fdd0b531e994f8d452b2d4f6ec5140d532449af6d
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d74c0dc7cf0555aab7bfd904e5ceb3e2bd8fc1c0479b208f6b668b35e79f6a9
5e082006678b1866afe5928d730e15829c117017e11db817aa810be2cae8929d
5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6205d101ceaacc9ba47f1c2db620d2e87f6a2f3d158f2f5d9582890494d1aeb3
67ed5e0827ac2eaa56c25aa7fe9cd258053e9bb456fcf7cf983cf223793eb7ac
6b24da0c6d2f25d86882b64b5b180c298afd02c3222dbfd415d179767e67823f
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
70451f9e2fd63c36dd9534e636401b78fdcebd8e3ec240c2018499c9eadadf9b
70f8dd593b9b9dddffe03eb516bae23814b9715fddb4bd0bf347dac67e2c3df4
73b961a34a35475508bdc1bb9eb0e09af4b648980f6e4690387e78f3ed9c7365
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
77e7272b824bbe456a1d069728924d42689c26b69404fd3c2a40a387cbd8c305
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7d8b281fb2fd612ced3c9e572ea1d4cbbc97a61ef6b32e1c185b84ba9f561eb3
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
93710e0443608bbf64f2ba1544992bf515e7c33351f29935ed564a34813b5f57
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a1c67957ba89cb4e2b03e6535bb5beba8f7458c19684c5f4dd35066bb735a117
a2df9e0298eeb39e0f83b7958cc80754afe0ee9dc3bd7dc1faa18e4673ce4387
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
ac421df0d2f9f38ebe569ffe36ce044d3e3df29489eb51eb5faebeba2c4a0de5
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
b5730b5cda06e0b6d7a3e954013e065c8db99ab4a1d4cb537523e6e0e291ac88
bd92c634d4eca5179a4b65e19cd396a66335d9940980c590c2b1d6e905c828cf
bff229f8cf6b902f6c6f9837d436c59634e5a3448189c84ebfeba05c047f4e86
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c29a2f62f96e0fd6c0c95af4012ba2eed854e883c13cb40241ddb2ad26e5aecf
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c57a1a5073681f0a85a3382ec3a8fdeeb685927b7d90f2992a7b1f20068ba001
c916b561eeb543f2b2579740b50b6e5c1f88777ff88d2a75ca190d59383657ac
cf53667dcf4c290c42b652154f2880981ccd9de593d5d1841cc027783408d101
cf6699ae067dd7a49b0e7a3fb1459f2b04551f34592a18140d35df2af3343604
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d850a0b32c696c63be8fd18ead0dba245547ea7546e633ecfed8c45bef137865
db7d97ab435f269ae6b7e4aa0549dbf2ac0a762fe6b824e968cc2a26db19561c
db96b5fd7ce4a558844d7e426d253aaccebaceeaaff8aa1ba25a15750c8edb2f
dc008f649c463c6bd9e8f5b2aebea7c0d0b5d13aa1d837c0ccd1173706247b68
dee09ebed0b685458f880b1dbdb42c84bf3ef84c24e379a71a3f7c2b560d8026
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c03ff5afc9a484b47571aa1cd3fd7d7f11bf9b130c778df39f0158fee24e83
e3c37c00ab971318bbaf10512bedd827dc59ee40877aafa83949fb75b442fbe7
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
ea1bece94de4b7e16b5f78da077091d3205f6d6ae3133b8492635e416cd45e31
ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a
ee3010cf912de37453026428844c8cbd3692c901e0536c840f687ca2489ff683
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
f7393472be6ee9627b38cccde1ad177aa45a0d9ade35f29880bf1ec295bc898d
f9011d99d51fdf6ca2efbfeb19d5bada394be4fdea2f88a8662b1a343483a124
fb8bff83eb22cb674bc2aa088c5330762de9660ebd00749dd7756908d7d5201c
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

kontofirmowe.pl Open in urlscan Pro 77.79.202.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

63 %IPv6

16 Domains

21 Subdomains

18 IPs

3 Countries

1400 kBTransfer

3065 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kontofirmowe.pl Open in urlscan Pro
77.79.202.67 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

21
Subdomains

18
IPs

3
Countries

1400 kB
Transfer

3065 kB
Size

3
Cookies

90 HTTP transactions
2 data transactions