urlscan.io logo urlscan.io
SecurityTrails logo

newsblog.pl Open in urlscan Pro
104.21.66.238  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsblog.pl/
Effective URL: https://newsblog.pl/
Submission: On October 19 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 7 countries across 23 domains to perform 190 HTTP transactions. The main IP is 104.21.66.238, located in and belongs to CLOUDFLARENET, US. The main domain is newsblog.pl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2023. Valid for: a year.
This is the only time newsblog.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 104.21.66.238 13335 (CLOUDFLAR...)
24 142.250.185.194 15169 (GOOGLE)
1 172.67.172.12 13335 (CLOUDFLAR...)
1 172.67.194.119 13335 (CLOUDFLAR...)
3 9 93.158.134.119 13238 (YANDEX)
1 10 142.250.186.162 15169 (GOOGLE)
9 142.250.186.67 15169 (GOOGLE)
8 14 142.250.184.194 15169 (GOOGLE)
1 27 216.58.206.33 15169 (GOOGLE)
2 216.58.206.36 15169 (GOOGLE)
4 142.250.186.42 15169 (GOOGLE)
7 142.250.186.98 15169 (GOOGLE)
31 172.217.23.102 15169 (GOOGLE)
2 142.250.185.110 15169 (GOOGLE)
1 142.250.184.206 15169 (GOOGLE)
1 142.250.184.238 15169 (GOOGLE)
3 7 104.18.26.193 13335 (CLOUDFLAR...)
4 6 37.252.171.52 29990 (ASN-APPNEX)
4 172.217.23.98 15169 (GOOGLE)
4 142.250.185.131 15169 (GOOGLE)
2 2 52.29.172.170 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 15.197.193.217 16509 (AMAZON-02)
1 18.195.155.219 16509 (AMAZON-02)
1 2 54.229.245.224 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
1 2 35.186.193.173 15169 (GOOGLE)
2 142.251.32.35 15169 (GOOGLE)
1 1 172.217.16.142 15169 (GOOGLE)
1 194.9.25.81 41406 (ATMAN-PRO...)
190 28
37    104.21.66.238 (None, )

ASN13335 (CLOUDFLARENET, US)
newsblog.pl
24    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.172.12 (United States)

ASN13335 (CLOUDFLARENET, US)
js.streampsh.top
1    172.67.194.119 (United States)

ASN13335 (CLOUDFLARENET, US)
nxt-psh.com
9    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
9    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
14    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
27    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f1.1e100.net
tpc.googlesyndication.com
2    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f4.1e100.net
www.google.com
4    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
www.googleadservices.com
31    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net
s0.2mdn.net
2    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
encrypted-tbn0.gstatic.com
1    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
encrypted-tbn3.gstatic.com
1    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
encrypted-tbn1.gstatic.com
7    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
6    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
googleads4.g.doubleclick.net
4    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
2    52.29.172.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-172-170.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    18.195.155.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-219.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.229.245.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-245-224.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    142.251.32.35 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sfo03s26-in-f3.1e100.net
csi.gstatic.com
1    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
redirector.gvt1.com
1    194.9.25.81 (Poland)

ASN41406 (ATMAN-PROJECTS, PL)
PTR: rev-194-9-25-81.atman.pl
r6---sn-5uh5o-f5fs.gvt1.com
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
601 KB
37 newsblog.pl
newsblog.pl
861 KB
31 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
271 KB
27 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
233 KB
19 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
csi.gstatic.com
286 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
4 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7957
4 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
5 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
295 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
4 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
602 B
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3762
r6---sn-5uh5o-f5fs.gvt1.com
1 MB
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 8315
981 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3539
70 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1386
213 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
146 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
149 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
759 B
1 nxt-psh.com
nxt-psh.com — Cisco Umbrella Rank: 185080
789 B
1 streampsh.top
js.streampsh.top — Cisco Umbrella Rank: 183425
9 KB
190 23
Domain Requested by
37 newsblog.pl 1 redirects newsblog.pl
31 s0.2mdn.net newsblog.pl
s0.2mdn.net
27 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
newsblog.pl
24 pagead2.googlesyndication.com newsblog.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.gstatic.com js.streampsh.top
googleads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 mc.yandex.com 2 redirects mc.yandex.ru
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 googleads4.g.doubleclick.net newsblog.pl
4 fonts.googleapis.com googleads.g.doubleclick.net
2 csi.gstatic.com www.gstatic.com
2 ius.ctnsnet.com 1 redirects googleads.g.doubleclick.net
2 pr-bh.ybp.yahoo.com 1 redirects googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 www.googleadservices.com
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 mc.yandex.ru 1 redirects newsblog.pl
1 r6---sn-5uh5o-f5fs.gvt1.com googleads.g.doubleclick.net
1 redirector.gvt1.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 x.bidswitch.net googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 nxt-psh.com js.streampsh.top
1 js.streampsh.top newsblog.pl
190 33

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themezhut.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-07 -
2024-03-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
nxt-psh.com
GTS CA 1P5		 2023-08-24 -
2023-11-22		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh

This page contains 23 frames:

Primary Page: https://newsblog.pl/
Frame ID: D5839042D3105161B9AE17F7AF07703E
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 41A8B51A60DC5825D4BB08989FC179B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&adk=1812271804&adf=3025194257&lmt=1697736144&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewsblog.pl%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343802&bpp=8&bdt=649&idt=298&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3758523756016&frm=20&pv=2&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=366
Frame ID: 0DA2CD3487676037DBD7B756BFDAE4EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Frame ID: D696DA79165B973C639ACABA026281E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Frame ID: A9BCA07597C9A3465C91097DBA422355
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FDEDDD19EDF9DE5A355DD1B43E4FF12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A8E60045525BE3368E12AC34D787728
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Frame ID: 2B7F9350FD27DE3FEA1D2E060CC472D5
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 3A1E41D9F0E0E5256DF87A333CA2A028
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Frame ID: 88DD617E106C2FD2F01526D24B879FFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4A2D8727FEAA31D6531D648F28A05FC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Frame ID: 4667C5CF4B25DF3CA9AE3F85EFE16504
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0773EE52F6ED61BD3478A29A0DFD69F5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: D45F8059C78BC8A3263B961EC5B90146
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Frame ID: 67048D411B469F7CF255CE1E54C2F2BA
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 0FDAF2B0FA33C975B78A90E87F8331C3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D574D65D1A2D3FAE9C58DC660FFC01FC
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Frame ID: ADE088AC7ACB283C8D55A7807F5FDFD8
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 1599BB24CC41EA19A76E1E5F3744622E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Frame ID: BF734A6954CB7FCC453C0871C66001F7
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F99139AFCC8A7BB58F6CEF6980B2682D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 388388D55F6B0C65E747DCE416CE0CF8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: DEBCA4DDCF60D1F09D20F04E294A2251
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

newsblog.pl – Nowości ze świata IT/Recenzje/Porady/Wywiady

Page URL History Show full URLs

  1. http://newsblog.pl/ HTTP 301
    https://newsblog.pl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

28
IPs

7
Countries

4042 kB
Transfer

7390 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsblog.pl/ HTTP 301
    https://newsblog.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10161.mWrb1xzkk0fm-GjubeSuaaw5eXaxOYdQustY4h00NlFHNG3_JQtduVlNMUA4V2KE.6SPthPKxbsRpLZyYdh1xGpoDYF0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10161.j32bC32ODUCxLhk8Md4KmtBeCzknQv_x4HXkMB4lS77hMQ_1rIP9emB5DH-tmdu46Zl3QoYQTaIE7pbhji7ljEb6PNcbuwk6DL4q3ZWTAuPb2HGfwcX1a-jxro9KVAXmbx1LM-pU9NoQBhIIXsS8O3-BqRHvTQIXUJ520mHkmPr_wrw8rMf0Nx7mmV-4kt-JRJdm89wAIasM1JDCGJYOrCwcjzo5YWdlPD_V9W9gUDI%2C.4vuyj_G9qKWgP9S8js78LDZFZlA%2C
Request Chain 57
  • https://mc.yandex.com/watch/52665877?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A558048125436%3Ahid%3A453456672%3Az%3A120%3Ai%3A20231019212224%3Aet%3A1697743344%3Ac%3A1%3Arn%3A865246543%3Arqn%3A1%3Au%3A1697743344670733575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C1345%2C39%2C91%2C0%2C%2C324%2C0%2C1879%2C1879%2C25%2C1878%3Aco%3A0%3Acpf%3A1%3Ans%3A1697743341644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697743345%3At%3Anewsblog.pl%20%E2%80%93%20Nowo%C5%9Bci%20ze%20%C5%9Bwiata%20IT%2FRecenzje%2FPorady%2FWywiady&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/52665877/1?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A558048125436%3Ahid%3A453456672%3Az%3A120%3Ai%3A20231019212224%3Aet%3A1697743344%3Ac%3A1%3Arn%3A865246543%3Arqn%3A1%3Au%3A1697743344670733575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C1345%2C39%2C91%2C0%2C%2C324%2C0%2C1879%2C1879%2C25%2C1878%3Aco%3A0%3Acpf%3A1%3Ans%3A1697743341644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697743345%3At%3Anewsblog.pl%20%E2%80%93%20Nowo%C5%9Bci%20ze%20%C5%9Bwiata%20IT%2FRecenzje%2FPorady%2FWywiady&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Request Chain 82
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGB8dKQIPcdWtV42XieDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOTAJHIirXLPMKYgFrb66Kw%26google_cver%3D1
Request Chain 84
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
Request Chain 137
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CVy0o8IExZaGNFbqE5LcPhfmFkAHikonWc8LQq6GIEsSboPK7MBABIKiUyExg6eTJhdgaoAGzo-LtA8gBCakCvRX-0Srhjz6oAwHIA8sEqgSNAk_Qr6bR8hRA0FTFiO8GRwfV0RPUgWq93jRCV6yXOn3HydJticTfynm4yqgpGVdNiecveRL2iByM-81_3amFv_MbmbsgSEiGtLezQFxgN9JgVuduq2MrvOCOUru3J7twflzlPv-4PpSPc9i4Z9zbGNUdMQ4RGVUQ1HoCn9VKA1-_vYlvIC3FTqo8AbYnCoqFX2LBd5nvTnW5aoZCos0Uu3d51ogrYp8xRh9tBeAHue4RYWad4sUt8EhhNppoKbyp0PNqP6d8t4sgpifMhVvE-l7LDIG-ULnJ5yBKzdXxDiSn0F4uc6ooRJXdZzRIMsKR6LZ0z7RYl8YTjcIhLW2bzkPBxHSt2gfdqWRoLPN9wASJi6OjigSIBcSXwfZAkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8LW-3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQi4YG0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJowFodHRwczovL2FsbGVncm8ucGwva2F0ZWdvcmlhL3J0di1pLWFnZD9zdGFuPW5vd2Umb2ZmZXJUeXBlQnV5Tm93PTEmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPV9lbGt0cmtfcnR2YWdkX3BsYV9wbWF4JmV2X2NhbXBhaWduX2lkPTE3OTY2MzM1ODI5gAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTg0Nzc0MTg0MTAzNjg5MjYYAA&sigh=TBDIhF2MCKw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNJYeAhWL1vqRTowwoz4go9nBfDxTmdhBs0hENVnUw-e4vcOVu9x-bg8wGs5IyUW5Lt4VnJA2PsFSkVG6DLKVXv6Ty6_StDBgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222599077658356180414%22,%22debug_reporting%22:true,%22destination%22:%22https://allegro.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035506099%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228646590382726694129%22}&andc=true
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Request Chain 148
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGB8dKQIPcdWtV42XieDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1
Request Chain 150
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
Request Chain 158
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gemZ3EHx1DBtrdtpurhpUYjhHrsn3KIEqvuHLWM6U2_NLTMMpLKZ-J-e-Fn3k80n_SirRWBMwEd7aTNGeiy6IydJob82kPF20mXI7PImjiPWvJJIwg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gemZ3EHx1DBtrdtpurhpUYjhHrsn3KIEqvuHLWM6U2_NLTMMpLKZ-J-e-Fn3k80n_SirRWBMwEd7aTNGeiy6IydJob82kPF20mXI7PImjiPWvJJIwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y3BoM3BZbUgxUVR5QmM1&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gemZ3EHx1DBtrdtpurhpUYjhHrsn3KIEqvuHLWM6U2_NLTMMpLKZ-J-e-Fn3k80n_SirRWBMwEd7aTNGeiy6IydJob82kPF20mXI7PImjiPWvJJIwg
Request Chain 159
  • https://um.simpli.fi/gp_match?google_gid=CAESEGZM_b-OoycBRJ9fkbjYvKk&google_cver=1&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl6dRA1TDf8oBX63GWufWzfifMfIEUo5s4BwM9FeFgYmzSoOJyEGrT8Rz9wikz53CvuVo-s5bE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43994DBC53874C12BE29F2CA464290E5&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl6dRA1TDf8oBX63GWufWzfifMfIEUo5s4BwM9FeFgYmzSoOJyEGrT8Rz9wikz53CvuVo-s5bE
Request Chain 162
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBEQ3Jbm6AiEMg_IXVvWihA&google_cver=1&google_push=AXcoOmQlQFriG_53PhSoWyTPh3e8WgfwzjXVye6yJFjJywDnbadi5-ta73IKuFlYT_oVBwhKRIVkDkjle1wuAXSBPb951zbvkVOFwp0emeVqZb7WI-tIG82Imu-rucMyN42VLhO2XJZZw5zwEkDJFZT6NDSE_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlQFriG_53PhSoWyTPh3e8WgfwzjXVye6yJFjJywDnbadi5-ta73IKuFlYT_oVBwhKRIVkDkjle1wuAXSBPb951zbvkVOFwp0emeVqZb7WI-tIG82Imu-rucMyN42VLhO2XJZZw5zwEkDJFZT6NDSE_g&google_hm=eS1RcWF6Nm1aRTJwR1hnLkM0QlZJZlNSc0RhajRvcHJpT35B HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
Request Chain 164
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEG5GJlbL3hiRL4rnWfkJsdY&google_cver=1&google_push=AXcoOmReDzJGGGX6jS-oUk4aelASH1Ba5gRlI8TUBWtPlFO8WQh6W_eGeQ4SkWcAMchVhLF0vttk8NO12GDTvsuGBmyHmFaVX7vYaoEop7Wt_GPRKVGkLlCDhLVh9vWTSO9sjd4JdvbSQIx2NYv3T4vevC4mz9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmReDzJGGGX6jS-oUk4aelASH1Ba5gRlI8TUBWtPlFO8WQh6W_eGeQ4SkWcAMchVhLF0vttk8NO12GDTvsuGBmyHmFaVX7vYaoEop7Wt_GPRKVGkLlCDhLVh9vWTSO9sjd4JdvbSQIx2NYv3T4vevC4mz9k&google_hm=UYMTEk-cTjuZT7wIDDexNFg HTTP 302
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_error=5
Request Chain 180
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC3p6bPugEQoAYYogMyCAkQQkAv6CiM HTTP 301
  • https://tpc.googlesyndication.com/simgad/9789635066219908180
Request Chain 181
  • https://redirector.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=763AAD8AB0BDD7D72A079D12EE4EE97A906C1767.34FC5F4D3C56BA63C36F66F21FE9D4964EED99AF&key=ck2 HTTP 302
  • https://r6---sn-5uh5o-f5fs.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5224ADBC4486981020D9D8BCE6E2114274C45A6E.83C17379DB0C5B9CC168B2BDFC07648A089C828C&key=cms1&cms_redirect=yes&mh=Cs&mip=176.67.86.88&mm=28&mn=sn-5uh5o-f5fs&ms=nvh&mt=1697742980&mv=m&mvi=6&pl=24

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsblog.pl/
Redirect Chain
  • http://newsblog.pl/
  • https://newsblog.pl/
88 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e4a391491137c6c356462dbf8b58181bbdb060948ddf5fd9b9cd6128720356

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
818b63ae6d50fbda-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 19:22:23 GMT
link
<https://newsblog.pl/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hBULKw6uWadvNANDk3xFn%2BAUooMV0kxptAKieD03%2FIwyQUDXZAm7D5nAbUO5BFH1IUzpGkAmdaMLq%2BAqDHD9x4eESeeD9r6Kri94jkljQv4VL6VdNj4yZCqWK5ysw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
818b63adbf23355e-WAW
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 19 Oct 2023 19:22:21 GMT
Expires
Thu, 19 Oct 2023 20:22:21 GMT
Location
https://newsblog.pl/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX1ma2Oh04kkBWeNN6PwPODsnLGCnas6cYPJa5MxbWv%2BNLm8crB8moYYmrbF303pCWox1bpDftKpG4METSoaP2Bz8VoCa8Ivd2vVcdKSrMKefFk55PV0qnwVGH6z3w%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.min.css
newsblog.pl/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 07:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46
etag
W/"64d33cfc-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9slQlBBQ1cRzRddBtIei%2F8ZtMmuhGGzSIn3EsizcmiM4enf3JfsQYOVhBMkOHrC3LuQN1Mj0lfJd0vPs04Gbb2TNYaL6ytb4M2IJXQMQPUk8j0uP8NwfaF1d86rrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da68fbda-WAW
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 07:21:37 GMT
front.css
newsblog.pl/wp-content/plugins/wpreactions-pro/assets/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wpreactions-pro/assets/css/front.css?v=2.6.82&ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
677715463ac1daa6cbefa1fe44b4f72c4c2dec548954c183a8b3e37f9a76a303

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=27814
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 04 Mar 2022 18:34:33 GMT
server
cloudflare
etag
W/"62225bb9-6ca6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOGz6E%2BRWH3%2BgjAd8GIZGtr2vwk0S9DGmmJHKMXjKfAcx1tZlfucZhaYJLwhDC2JIhDOP5Iu%2Blyq%2F%2BhFFwHDPjNKfo7uMV%2BrjrFeiIDuCnobM5onyNxY3JEu28CLig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da6bfbda-WAW
expires
Fri, 20 Oct 2023 07:21:37 GMT
common.css
newsblog.pl/wp-content/plugins/wpreactions-pro/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wpreactions-pro/assets/css/common.css?v=2.6.82&ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b85867ad63bec884a25c0f3d924b6936017c1714ffcf9bee9b9e77d573b3ea

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=4214
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 04 Mar 2022 18:34:33 GMT
server
cloudflare
etag
W/"62225bb9-1076"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FGMxUmHmrjKzvDOAlcPmq%2Bfwp5cQ2FU18eVUg5yHJa86dAB%2B03qP1FoVzu%2F%2BZRGEP4Bc0y%2FSCdKFZDZoFLfd8y6vTbsg%2B3MF7FwDpNLNNczrMPnXK0tiARYi3mbZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da6dfbda-WAW
expires
Fri, 20 Oct 2023 07:21:37 GMT
all.min.css
newsblog.pl/wp-content/plugins/wpreactions-pro/assets/vendor/fontawesome/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wpreactions-pro/assets/vendor/fontawesome/css/all.min.css?v=2.6.82&ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b394b9b659e379ea790fadc93e3feafdeec997a9d1bc5965de45f23f4aed4c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 18:34:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46
etag
W/"62225bb9-e637"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9dtphNuqs0pexTqjJ4ZxfaCNEB0aoE77Fg4XcIVotpdyufucmCHjPZvZa2tfpnUQKReDsTc4SW5eBrF0qee6vp0ozc0feY%2FD1fc8a%2ByTkgc9FnBZFf%2Bwq5fHTPdew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da6ffbda-WAW
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 07:21:37 GMT
all.min.css
newsblog.pl/wp-content/themes/bam/assets/fonts/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/assets/fonts/css/all.min.css?ver=5.15.4
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
39557
etag
W/"649f29b6-e7a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqu2H8%2F31n34v%2B%2BnyiXMCABzIOc54OyKfz5wtNM9pKgqmdzszFfpaP58NLXMVDz3z0rIIHfSVvPEn1GvU4oqAF5C6WydNqV3%2BxTgM%2Fxo%2BVryseaGFb%2BL33eAuS1%2BXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da70fbda-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 20:23:06 GMT
style.css
newsblog.pl/wp-content/themes/bam/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/style.css?ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9884aee2199a880eabea8058c1f9ec32b0e47b2be0334ebc0511129d8150363c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=56028
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
server
cloudflare
etag
W/"649f29b6-dadc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSE%2FuauIysZrjmMEUhmw%2BGtjdP1We8jRVb4lvxSIZVTMCZfkGQ1ZuwZE2iJIDeUQ6wRSBUS76ewrfosh5VwBSI9eAzLsBfCwVQMgvzcGeqUsuP%2BORG5bUG8dcLtdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da73fbda-WAW
expires
Fri, 20 Oct 2023 07:21:37 GMT
front.min.css
newsblog.pl/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.11
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 19:15:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42783
etag
W/"651db9bd-14d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MecRY22JgNh8e1zfz%2BJrCznc3xfFU%2FEliF3LrugXBRyVC9H9DSUy3hXNG6EhPdRO9uW%2Fr15gWGzmWRoOxV%2FMswTjBmkJTkmDMrVKtbbHY9CYbCMBNysyYvlRYff%2BmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b6da74fbda-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 19:29:20 GMT
newsblogpl.png
newsblog.pl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2021/12/newsblogpl.png
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484f006d04d484d54db0bf460397d76a7e1e2f6d56e388e32661c24b3d14539e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301834
alt-svc
h3=":443"; ma=86400
content-length
8320
last-modified
Thu, 02 Dec 2021 19:52:19 GMT
server
cloudflare
etag
"61a923f3-2080"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcV9pBHZjEE7f3%2BsZuRVZ1sYtJO9RzIwztI3cHLE5VR193B8xOYXZOMYy5pnCXuEPYuhOPCLUaiGUPlWAb4W8ff6UzlPPCOFAX7B8dkRYckr5Rt2ni2g8pt8bUlGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b6da77fbda-WAW
expires
Wed, 15 Nov 2023 07:31:49 GMT
jak-naprawic-blad-brak-karty-sim-mm-2.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/jak-naprawic-blad-brak-karty-sim-mm-2.jpg?v=1697740856
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cb2438e7cd7b7a870e4d8c1266dd7f2d524acaedc92eb685e39e9c357f403a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2019
alt-svc
h3=":443"; ma=86400
content-length
21626
last-modified
Thu, 19 Oct 2023 18:40:59 GMT
server
cloudflare
etag
"6531783b-547a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIDmGdKie0PPRjk7R9z9nbd6%2FLT6NM18eQI6H84FQpxygLzaLm313mNZbPrhzgMsOAhT%2FLQoEvBV7SjK7h3WNJ7ZphGilAQsH3z7RCY%2FbkYkltPvAxBuiD2iZnN0Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b6da75fbda-WAW
expires
Sat, 18 Nov 2023 18:48:44 GMT
co-to-jest-ftdibus-sys-w-systemie-windows-i-dlaczego-wylacza-integralnosc-pamieci.png
newsblog.pl/wp-content/uploads/2023/10/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/co-to-jest-ftdibus-sys-w-systemie-windows-i-dlaczego-wylacza-integralnosc-pamieci.png?v=1697733353
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231421b3e29f706488b17a32e111a4c898e209f07312df06a4936390d1215e1d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9696
alt-svc
h3=":443"; ma=86400
content-length
6244
last-modified
Thu, 19 Oct 2023 16:35:56 GMT
server
cloudflare
etag
"65315aec-1864"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K0%2BD2uZsAQzSzuYLqqvflxwiciItVUEpXJDSM4FrnjVaHHsczOEQWtA%2FUob0FWxyAU9KFg9VRBwLQIKz4WAgcLWrYf3OQTck1tJx5WT60jdC7aHU7JKWfbl5lMnrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b71c713506-WAW
expires
Sat, 18 Nov 2023 16:40:47 GMT
13-rozwiazan-do-zarzadzania-praca-umozliwiajacych-synchronizacje-zespolow-890x530.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/13-rozwiazan-do-zarzadzania-praca-umozliwiajacych-synchronizacje-zespolow-890x530.jpg?v=1697730651
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c06207800de27e9b60f6f94c65bc8102a41d008ef35893096184d04e4bca7b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11017
alt-svc
h3=":443"; ma=86400
content-length
81650
last-modified
Thu, 19 Oct 2023 15:50:53 GMT
server
cloudflare
etag
"6531505d-13ef2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RlLvLMzoJ6zB4SnHtsDenl%2BhTzNKPVp%2By6g9DOab%2FskQZNRNEqqKk%2FcYDmZhxgS4AgLQgZaYAMP6zEjaxbJBGElBKzL1OqG6MCs8D0C60kRheMTNp%2BlW%2BhXmYcOAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b71c743506-WAW
expires
Sat, 18 Nov 2023 16:18:46 GMT
close.png
newsblog.pl/wp-content/plugins/floating-ads-bottom/images/ 		718 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/plugins/floating-ads-bottom/images/close.png
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301834
alt-svc
h3=":443"; ma=86400
content-length
718
last-modified
Wed, 23 Dec 2020 09:03:58 GMT
server
cloudflare
etag
"5fe307fe-2ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDrZ6DY5BGqGsLdpXZAwmTTfNpfMmaYNlHXIrH7TfqwZLXSDCajCITnB%2BYBmG2pFBtvZkPGpLBC%2Ft4KhdnQ4HBMUWWwU576q27bKS6gB8C16T32K2MDlPWwKe3%2FDUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b71c773506-WAW
expires
Wed, 15 Nov 2023 07:31:49 GMT
style.css
newsblog.pl/wp-content/plugins/wp-auto-affiliate-links/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wp-auto-affiliate-links/css/style.css?ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc63c2cc175ac9c7f9f49e230dfde30409811ac8fa77f3fd081caa397208525a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17
cf-polished
origSize=3192
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 29 Jul 2023 19:15:15 GMT
server
cloudflare
etag
W/"64c56543-c78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3TEFo4rc2e6%2B0krz3o66FI8LXba3XU4H9lD573%2BStV07C0GDTNPVCYu0on6SxbTK2WIFziBnGQCaJKbyca2W%2BMETuDIQ%2BRDnIc5g9bZG1SuWQVqCQmKhiYLMyvEWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
818b63b71c783506-WAW
expires
Fri, 20 Oct 2023 07:22:06 GMT
rocket-loader.min.js
newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652d1f47-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAv7hgc%2Bc%2B7B%2BisqhkllWQe%2BferRBdnFeXseE91aCGLLF65ryZefoA6uiBJ5a2MAHdonmWK5fnTYf9ZMU2P3mFZrXoCYR1Li4SRovaPGxpGIZsZ92M9PPc1FIPC0dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
818b63b71c7b3506-WAW
expires
Sat, 21 Oct 2023 19:22:23 GMT
fa-solid-900.woff2
newsblog.pl/wp-content/themes/bam/assets/fonts/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/assets/fonts/webfonts/fa-solid-900.woff2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/wp-content/themes/bam/assets/fonts/css/all.min.css?ver=5.15.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://newsblog.pl/wp-content/themes/bam/assets/fonts/css/all.min.css?ver=5.15.4
Origin
https://newsblog.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209
etag
"649f29b6-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJG43Ul67cFp2%2Fypgt7uvasO0xQemgOjKX7U9ut9VimfqIPG9K%2FtLyB5cq7AS9G33VZAUFqcXDPffB3XMQTWn0dvUfgYqIRz1h6YioRHCuxsWJ3CCC5Xd62CYiFcDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
818b63b7bd663506-WAW
alt-svc
h3=":443"; ma=86400
content-length
78268
fa-regular-400.woff2
newsblog.pl/wp-content/themes/bam/assets/fonts/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/assets/fonts/webfonts/fa-regular-400.woff2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/wp-content/themes/bam/assets/fonts/css/all.min.css?ver=5.15.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer
https://newsblog.pl/wp-content/themes/bam/assets/fonts/css/all.min.css?ver=5.15.4
Origin
https://newsblog.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1891
etag
"649f29b6-33a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWKIdZ6zJ3nrlKRIdczRGu3AwWMDYvbq9iOUROV3N5eZ1ZTMNQtN6d4NEdI7le4clPabOuLNDwoiW7UAYjnucFK9ZAsOJohnHFN5wrtmuhoYiLN7U4JQDMJKp4p4Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
818b63b7bd6c3506-WAW
alt-svc
h3=":443"; ma=86400
content-length
13224
czy-warto-kupic-lustro-lululemon-w-2023-roku-890x530.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/czy-warto-kupic-lustro-lululemon-w-2023-roku-890x530.jpg?v=1697726150
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
285c029d20ccafe127e629119de97aae44d2beba9f18c33e77b54a5fe280d6f9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15287
alt-svc
h3=":443"; ma=86400
content-length
78504
last-modified
Thu, 19 Oct 2023 14:35:53 GMT
server
cloudflare
etag
"65313ec9-132a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPUrIA%2Bls0jG7AiTg3j0cbtq6%2FZLFAmyoxPZDwuBWOmwqFF0KmmNrSa901UoqG%2BqwWzevliRke02UnnBxu%2FpKY6nHF5HuKrKMZEuhfdje3LpA%2FA2T3v1bDJ1jalXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b83e2e3506-WAW
expires
Sat, 18 Nov 2023 15:07:36 GMT
voice-over-new-radio-vonr-wyjasnione-w-mniej-niz-5-minut-890x142.png
newsblog.pl/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/voice-over-new-radio-vonr-wyjasnione-w-mniej-niz-5-minut-890x142.png?v=1697720510
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f251e3845ff9732ff88157427adc268544e9c2d510475c578dea91b71dce7a3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18567
alt-svc
h3=":443"; ma=86400
content-length
17237
last-modified
Thu, 19 Oct 2023 13:01:52 GMT
server
cloudflare
etag
"653128c0-4355"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXgy%2FKudr02uWlfRV1xfOE156o4HQX2%2FVVzTV3UflMff2Lqu5a21%2Fkud9sMIg8QndvkpaKy3RdOM8CSSevHcT%2FqJA6%2FPf9Q%2BueDkSYwBpKOid5P6KZ9aIUX5HaTm1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b84e3d3506-WAW
expires
Sat, 18 Nov 2023 14:12:56 GMT
czy-pojazdy-elektryczne-beda-kiedykolwiek-tak-niedrogie-jak-zwykle-samochody.png
newsblog.pl/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/czy-pojazdy-elektryczne-beda-kiedykolwiek-tak-niedrogie-jak-zwykle-samochody.png?v=1697718950
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a724a8b6da1e73d32a3b95a6267dfc95b2bacde30600efba825e3f5d0a32b29c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23621
alt-svc
h3=":443"; ma=86400
content-length
20455
last-modified
Thu, 19 Oct 2023 12:35:52 GMT
server
cloudflare
etag
"653122a8-4fe7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX1didB24LcFpJzRIsnhmKT1TJnv2QxATt%2FwSydz4Zs1XXeg8Wy77vIkWMpCxigXKW%2BIshIIN6NidbeC8lB7XFiQZR77TdrOcMUyN1b9mKQaZBl8XbAOOw4qxNv6YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b85e6b3506-WAW
expires
Sat, 18 Nov 2023 12:48:42 GMT
strategie-narzedzia-i-najlepsze-praktyki-dla-marketerow-890x530.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/strategie-narzedzia-i-najlepsze-praktyki-dla-marketerow-890x530.jpg?v=1697715950
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac04b5f64f341789a941b5cc68e7e7e500fcb52181f2a7d41b77cd0de2745595

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27050
alt-svc
h3=":443"; ma=86400
content-length
63085
last-modified
Thu, 19 Oct 2023 11:45:52 GMT
server
cloudflare
etag
"653116f0-f66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OplBeuji5RWhVwsy7TDTrwGalxc04%2FPr%2F%2FW6296g0udn6xcBpFFpZnsdJkTFSkuLPUysCqKN3p7RS0cC90tW8T2rVVe%2FBOpJtDnRLGb6nGNWRMRtaO65QkdYq%2Fu%2FBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b86e8c3506-WAW
expires
Sat, 18 Nov 2023 11:51:33 GMT
8-najlepszych-narzedzi-do-migracji-baz-danych-zapewniajacych-plynny-transfer-danych.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/8-najlepszych-narzedzi-do-migracji-baz-danych-zapewniajacych-plynny-transfer-danych.jpg?v=1697714752
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55af3cc22655ef1e5a51d9bf91c50e1ebbff345d1abcc6854fe4f93b0375a3dc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27050
alt-svc
h3=":443"; ma=86400
content-length
20141
last-modified
Thu, 19 Oct 2023 11:26:03 GMT
server
cloudflare
etag
"6531124b-4ead"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV6UKFHbVJtWo6hUCO%2BxhaW%2BeIr1bMibQ9rJf7Jr4f5C%2FZ9CKUkvSq5wdGB3y07xmJBJjOltQIpaZHro0%2Bwc8SYlexUz6cvpQbIhml0iujkrHJLBA14QSepCq5Hylg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e973506-WAW
expires
Sat, 18 Nov 2023 11:51:33 GMT
jak-usunac-podpis-wyslane-z-mojego-iphonea-na-swoim-iphonie-890x530.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/jak-usunac-podpis-wyslane-z-mojego-iphonea-na-swoim-iphonie-890x530.jpg?v=1697711451
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a169acafc13872aa37ae4c6cded9de814b40d8023af37f9fd61fc9ea5d4fdf0d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30797
alt-svc
h3=":443"; ma=86400
content-length
44562
last-modified
Thu, 19 Oct 2023 10:30:52 GMT
server
cloudflare
etag
"6531055c-ae12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qTzMtrxvGnLOsDtvVPgrkZX2Wc%2FclzU7qbYdbdwfl1gZcSiaEacjRzMyZVwbYPp2S77MReghqkQqiq996DWHdqKw0xEXjRq0uA3FQX395jYT3TjxTC9l7OSWp%2Bx%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e983506-WAW
expires
Sat, 18 Nov 2023 10:49:06 GMT
czy-to-najlepsza-platforma-do-nauki-online.webp
newsblog.pl/wp-content/uploads/2023/10/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/czy-to-najlepsza-platforma-do-nauki-online.webp
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2cf102d89eabc17a09cad04dcd8cacc8b801b42e88b43d56022f0df43ab86e1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Oct 2023 08:55:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1578
etag
"6530ef19-9ce6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo%2B3jVQ9IQfdeH1yvW5Js2PWI6U%2FpzGyqi4%2FtAKxr%2F0F2CCCB9EcKKe3nSfOpAd%2B%2BelbTT5bi0YU5qlL38f%2Bq1yGo4d8VLkw17Lv%2FAciRzgwYNJaOGrgPm3IClV%2Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
818b63b87e9b3506-WAW
alt-svc
h3=":443"; ma=86400
content-length
40166
jak-wyswietlic-swoje-stare-listy-odtwarzania-spakowane-w-spotify-890x530.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/jak-wyswietlic-swoje-stare-listy-odtwarzania-spakowane-w-spotify-890x530.jpg?v=1697704250
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4884d0e626b5cc19230a7299d9c4cd78a961211b7e7a70563f00fc95e69e788b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38196
alt-svc
h3=":443"; ma=86400
content-length
62483
last-modified
Thu, 19 Oct 2023 08:30:52 GMT
server
cloudflare
etag
"6530e93c-f413"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxsUqf4fY%2BFIabAqGEzlmz7ry%2FaQtxR9uyrX%2FShqAxZKZJsdMbasSr9wpmVFw51Z29hVIqgqtVhE%2BQx%2Fx5cd12Ei2j69GanEd6b0lmHa%2Bd8ShwzeSmYDMi0lCJFhyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e9c3506-WAW
expires
Sat, 18 Nov 2023 08:45:47 GMT
jak-napisac-rekomendacje-na-linkedin-i-zbudowac-swoja-reputacje-w-internecie.png
newsblog.pl/wp-content/uploads/2023/10/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/jak-napisac-rekomendacje-na-linkedin-i-zbudowac-swoja-reputacje-w-internecie.png?v=1697702751
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12b2877e96785c91d676fd954c8d63f9970606bb72783f146d69628002bb14c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39386
alt-svc
h3=":443"; ma=86400
content-length
54659
last-modified
Thu, 19 Oct 2023 08:05:56 GMT
server
cloudflare
etag
"6530e364-d583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH5C7juxGntl6xmiT1iMHH9xWfYOMvxa1YZzhxSertPHkKYzYZp%2BYjIm7BN8t7bAD3Tagh5qBrfkN2ro%2FSby1TlcRFOFKAVt4uSM6W5ZisP4jr6l20ih28SShkjcFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e9d3506-WAW
expires
Sat, 18 Nov 2023 08:25:57 GMT
jak-podejsc-do-przejscia-ze-scruma-do-safe.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/jak-podejsc-do-przejscia-ze-scruma-do-safe.jpg?v=1697701549
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27eaf8fae9fe065ba6fec8cd8ee5dcb732c564f6b1613037241c4778ed29dc19

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41709
alt-svc
h3=":443"; ma=86400
content-length
44442
last-modified
Thu, 19 Oct 2023 07:46:04 GMT
server
cloudflare
etag
"6530debc-ad9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojKmT80sP5W5KkZ7%2BcD54DkaZkGgDH9qcbAdWwVJiweE18fCn0APISOv0SPvCFh0yjusXJav1GVwP2coHQMKbLKv12KTImZdj4j7ZnzjjOKpnHpAuIdLFXfKQuMLAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e9e3506-WAW
expires
Sat, 18 Nov 2023 07:47:14 GMT
droga-do-eleganckiego-tekstu-responsywnego.jpg
newsblog.pl/wp-content/uploads/2023/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsblog.pl/wp-content/uploads/2023/10/droga-do-eleganckiego-tekstu-responsywnego.jpg?v=1697697049
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e16a97e2de08a13ca6c27ac18df101d20acbd6a79a6554da6f892830e6be75a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44737
alt-svc
h3=":443"; ma=86400
content-length
22092
last-modified
Thu, 19 Oct 2023 06:30:51 GMT
server
cloudflare
etag
"6530cd1b-564c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRhiqpNoJ%2FEGKlXHa%2BZ6qlfVIXSYzg%2BUbUg0JyQPBOn%2Fwe6ranHkeUdBMOt6p16A0L12XhjcT%2Fotb8C86tL8OQBgicg6meqXTWiNrVTtN0vdwDXWj%2FfOuHgGpat4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
818b63b87e9f3506-WAW
expires
Sat, 18 Nov 2023 06:56:46 GMT
skip-link-focus-fix.js
newsblog.pl/wp-content/themes/bam/assets/js/ 		426 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40511
cf-polished
origSize=685
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
server
cloudflare
etag
W/"649f29b6-2ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ5OSTa4lTyw83GY1GE04J6KyjiTcDtjrPncNZNiIeChCiiRGGQaqtAlT8iIu8PmAM4vyQ3jtXYJ%2B%2BUCUrFn5SmGegv%2B96RMcnWB7KY9Hh5AfK4RjTimA%2FBgkAu%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fba3506-WAW
expires
Thu, 19 Oct 2023 20:07:12 GMT
main.js
newsblog.pl/wp-content/themes/bam/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/themes/bam/assets/js/main.js?ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde6f2598d0878bdd05bd3a8a7d7b2a74a53198ba98071f6dd90806fe2365a3a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=6749
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 30 Jun 2023 19:15:02 GMT
server
cloudflare
etag
W/"649f29b6-1a5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kogNwdoo7X9IyGwnDSX3VF5PpYL39eL76WZrRvO6NLKU06Nm%2BEXEs%2FVXs8gjdXp8OSXR4fVBRudS6CTAdlIUE9rMU4xwbHqqL%2F5ht%2FFkkwCThYdBKnDlf7xIiaZVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fbc3506-WAW
expires
Fri, 20 Oct 2023 07:21:37 GMT
front.js
newsblog.pl/wp-content/plugins/wpreactions-pro/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wpreactions-pro/assets/js/front.js?v=2.6.82&ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fd85855f901dbedc50daf4fa500c5c4d177517d9f8040cfd60c368e8efcee6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46
cf-polished
origSize=21813
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 04 Mar 2022 18:34:33 GMT
server
cloudflare
etag
W/"62225bb9-5535"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MhSwZ2zCk7WJQAM8D6kyO%2BuNY7H%2BZ1lzfu9xFjBkfgTBiMAh%2BdCVhAqavINacOkj5U8bO0afJPDjai%2BKT30asJersEl6Ga2H7ugOktAoTLXMOWKjX6GnoxaTuChIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fbd3506-WAW
expires
Fri, 20 Oct 2023 07:21:37 GMT
lottie.min.js
newsblog.pl/wp-content/plugins/wpreactions-pro/assets/vendor/lottie/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/wpreactions-pro/assets/vendor/lottie/lottie.min.js?v=2.6.82&ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bccdb9d5ae278996857f388e8a088a552af3f9b961b1a89e7dfd9ef0fcc8400

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 18:34:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46
etag
W/"62225bb9-3ccf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd1Z32Vj7RBLp2xklE2njd2dSfHT1lWu83tph%2F9IEm%2B%2BMDrNoRrQd%2FBvwGRcpbxC%2BnTBXdmXkt7H9qc2j3e%2B3dJi37Sujq6ZTrY5KQnFYFJ9eiTDqJ%2BQ0uAcSkwzYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fc03506-WAW
alt-svc
h3=":443"; ma=86400
expires
Fri, 20 Oct 2023 07:21:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e111108c22cfabd436103523388eca3345c36df7c1eb67289a07ba0574bbcb33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51504
x-xss-protection
0
server
cafe
etag
906128603304121055
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8477418410368926
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
41f97c67a1b415041ae228959caecc77dcd757a3178c3175691a480baed717a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Origin
https://newsblog.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51488
x-xss-protection
0
server
cafe
etag
12041905136686456857
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:23 GMT
ps.js
js.streampsh.top/ps/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.streampsh.top/ps/ps.js?id=DbQP4jqYt0Wyjh2ZRwj9LQ
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde89ed4dbb4eb9044becd9ccd514d9c1ce02e8cdf903bd9e607fe0682c3f22b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxK%2B%2BLkNv4%2FoZ2Xn0THvP%2B9Wjvay9Ix2P%2FAfJLBxAZYHGH%2FC0676SCSNccPW9p1KMpg47zNBEipODtey04T17pUqfKQ%2FyAAdvlNEDEHpR1UnP%2B%2BY25bsRxjxfGA979i9TX39"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
818b63b9bf0935d0-WAW
alt-svc
h3=":443"; ma=86400
front.min.js
newsblog.pl/wp-content/plugins/cookie-notice/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.11
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 19:15:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42782
etag
W/"651db9bd-21fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FumRPtDX%2BfmLuC5cIPpPpKZTYm1JZCXysM9ZKce1bOpJMwDvVJctchLSch%2BOHnsjqPADCJz9ZBDiUkKBSQutRfIKGxiQeFUy%2FdQxPMWWp7NRpcRpyVDiqzhvhp3FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fc13506-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 19:29:21 GMT
jquery-migrate.min.js
newsblog.pl/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 07:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40512
etag
W/"64d33cfc-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA6z0lU1%2F%2FF25%2BeA5vlVOorGP%2B6aMeoZRN7zoQ7BWMaAXzTQxlkJ4r2iz33E0nDkud3AHPb9p9pkmx5KXMkOFTT1k5ortEYGENLfoT1pbjClK6fPjT8zlcVtip5Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fc33506-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 20:07:11 GMT
jquery.min.js
newsblog.pl/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 07:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40512
etag
W/"64d33cfc-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS5G0y3DzZ%2FhVxgLtmOM9GKJ7Miq2cgQ6kRD3HkPDBnnhEURqK3w09sXAGJMqmvMif9FLl5XhPtZrj7HXF7GUJa6VLkhL8uMP1xY3w3SQGX%2F1OmY7c%2F7kVlfdY%2BX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63b92fc43506-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 20:07:11 GMT
0ad0266b-c4e2-4a81-8b4f-672611e50b95
https://newsblog.pl/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsblog.pl/0ad0266b-c4e2-4a81-8b4f-672611e50b95
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
config.js
nxt-psh.com/ps/ 		366 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nxt-psh.com/ps/config.js?id=DbQP4jqYt0Wyjh2ZRwj9LQ
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?id=DbQP4jqYt0Wyjh2ZRwj9LQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.194.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyH%2BuknS6VHLq1JcZzWQhokik6IfZCXZhdBCFeiTeRxSN42lYQkrw8rNC6wykiLmSMzzYpJ%2FEESRVFc9PNzGdWtNISql18DhMXAsQCuMxZ20x8ix5Xyz9cpmyLCwrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
818b63babcbd34fd-WAW
alt-svc
h3=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/ 		199 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
4d4945def0503ff7eeba273247516447a41ba4d0dc21993d7f681a6635ec8c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Oct 2023 14:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652fe83f-1116c"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
69996
expires
Thu, 19 Oct 2023 20:22:23 GMT
wp-emoji-release.min.js
newsblog.pl/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsblog.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.66.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:15:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
43111
etag
W/"64249c7d-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMGBklmX8qZhxeVG8dVgBH0FdSDtKkOwzd2imR8tl54kjM98nbvIoXt%2BWx8cTqnApqmO9M3evEh95rmE6kMH%2FYeyT3Ok0%2FoZID792pBTVAtoRSOdlqwN2jC2nFP45w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
818b63ba59d33506-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Oct 2023 19:23:52 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8477418410368926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d002d18330c9ef9a8b829c1aefa1fb3366e89f3bf5ca3da0d1c956f85b68cb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137110
x-xss-protection
0
server
cafe
etag
13760890690662502486
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 41A8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8477418410368926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
4747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:03:16 GMT
etag
2603938475786422795
expires
Thu, 02 Nov 2023 18:03:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
firebase-app.js
www.gstatic.com/firebasejs/8.4.1/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?id=DbQP4jqYt0Wyjh2ZRwj9LQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6763
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 01:40:02 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.4.1/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?id=DbQP4jqYt0Wyjh2ZRwj9LQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 23:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10908
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Oct 2024 23:11:49 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsblog.pl&callback=_gfp_s_&client=ca-pub-8477418410368926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
78e6b67e1bf0a4ac43c67d860377b33383cd3464096e154f6a488505b6950e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0DA2 		387 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&adk=1812271804&adf=3025194257&lmt=1697736144&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewsblog.pl%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343802&bpp=8&bdt=649&idt=298&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3758523756016&frm=20&pv=2&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041a1e6b7cb87b0e41ab9807dfc3deaca0b04845bd8936d6ce4ceafc399bbadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
85934
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:24 GMT
expires
Thu, 19 Oct 2023 19:22:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=floating_ads_bottom_textcss_container&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5efda6e77d707f1cd68380ebe8a0fc569df42eb60ebc890544f0f69165823c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12152
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D696 		112 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2f73beaee05c349a08b7592376d8e5c285362c3a59d277d771fd68cd2d7e3949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45272
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:24 GMT
expires
Thu, 19 Oct 2023 19:22:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9BC 		137 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d700b0cb40cd4aabd91502d7ecc53596d59019a1bb7bd9861e6deffe510c9e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44287
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:25 GMT
expires
Thu, 19 Oct 2023 19:22:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10161.mWrb1xzkk0fm-GjubeSuaaw5eXaxOYdQustY4h00NlFHNG3_JQtduVlNMUA4V2KE.6SPthPKxbsRpLZyYdh1xGpoDYF0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10161.j32bC32ODUCxLhk8Md4KmtBeCzknQv_x4HXkMB4lS77hMQ_1rIP9emB5DH-tmdu46Zl3QoYQTaIE7pbhji7ljEb6PNcbuwk6DL4q3ZWTAuPb2HGfwcX1a-jxro9KVAXmbx1LM-pU9N...
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10161.j32bC32ODUCxLhk8Md4KmtBeCzknQv_x4HXkMB4lS77hMQ_1rIP9emB5DH-tmdu46Zl3QoYQTaIE7pbhji7ljEb6PNcbuwk6DL4q3ZWTAuPb2HGfwcX1a-jxro9KVAXmbx1LM-pU9NoQBhIIXsS8O3-BqRHvTQIXUJ520mHkmPr_wrw8rMf0Nx7mmV-4kt-JRJdm89wAIasM1JDCGJYOrCwcjzo5YWdlPD_V9W9gUDI%2C.4vuyj_G9qKWgP9S8js78LDZFZlA%2C
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10161.j32bC32ODUCxLhk8Md4KmtBeCzknQv_x4HXkMB4lS77hMQ_1rIP9emB5DH-tmdu46Zl3QoYQTaIE7pbhji7ljEb6PNcbuwk6DL4q3ZWTAuPb2HGfwcX1a-jxro9KVAXmbx1LM-pU9NoQBhIIXsS8O3-BqRHvTQIXUJ520mHkmPr_wrw8rMf0Nx7mmV-4kt-JRJdm89wAIasM1JDCGJYOrCwcjzo5YWdlPD_V9W9gUDI%2C.4vuyj_G9qKWgP9S8js78LDZFZlA%2C
date
Thu, 19 Oct 2023 19:22:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Oct 2023 14:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652fe83f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 19 Oct 2023 20:22:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 19:22:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FDE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
25608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 12:15:36 GMT
expires
Fri, 18 Oct 2024 12:15:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1A8E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f4.1e100.net
Software
GSE /
Resource Hash
9abf925c254914514bc99708340162dc29286ef9938622914ed3584638a95466
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YDI7qG8YdgB1YPZN9ySGMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YDI7qG8YdgB1YPZN9ySGMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:24 GMT
expires
Thu, 19 Oct 2023 19:22:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 4FDE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
36144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
1
mc.yandex.com/watch/52665877/
Redirect Chain
  • https://mc.yandex.com/watch/52665877?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/52665877/1?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-...
439 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/52665877/1?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A558048125436%3Ahid%3A453456672%3Az%3A120%3Ai%3A20231019212224%3Aet%3A1697743344%3Ac%3A1%3Arn%3A865246543%3Arqn%3A1%3Au%3A1697743344670733575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C1345%2C39%2C91%2C0%2C%2C324%2C0%2C1879%2C1879%2C25%2C1878%3Aco%3A0%3Acpf%3A1%3Ans%3A1697743341644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697743345%3At%3Anewsblog.pl%20%E2%80%93%20Nowo%C5%9Bci%20ze%20%C5%9Bwiata%20IT%2FRecenzje%2FPorady%2FWywiady&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8416e74d3e21b201d0cf74b83f9befe353bcb3d4726a49dadbd4ebd5a1ae8a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 19-Oct-2023 19:22:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsblog.pl
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 19:22:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:24 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19-Oct-2023 19:22:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/52665877/1?wmode=7&page-url=https%3A%2F%2Fnewsblog.pl%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1140%3Acn%3A1%3Adp%3A0%3Als%3A558048125436%3Ahid%3A453456672%3Az%3A120%3Ai%3A20231019212224%3Aet%3A1697743344%3Ac%3A1%3Arn%3A865246543%3Arqn%3A1%3Au%3A1697743344670733575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C1345%2C39%2C91%2C0%2C%2C324%2C0%2C1879%2C1879%2C25%2C1878%3Aco%3A0%3Acpf%3A1%3Ans%3A1697743341644%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697743345%3At%3Anewsblog.pl%20%E2%80%93%20Nowo%C5%9Bci%20ze%20%C5%9Bwiata%20IT%2FRecenzje%2FPorady%2FWywiady&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://newsblog.pl
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 19:22:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 4FDE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?m_sxmA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame A9BC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:42:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:22:25 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A9BC 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame A9BC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A9BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A9BC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A9BC 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:25 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame A9BC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2B7F 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:25 GMT
expires
Thu, 19 Oct 2023 19:22:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3A1E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 20:02:15 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 3A1E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 3A1E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A1E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
97228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:21:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 3A1E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 3A1E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A1E 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A1E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSCKhmYqXMYf50y735QGWft7DgD5xZnY_jskSLvgZSNHQuWeCLJZivBtFSB0FmnBdGNYKgj7fSgHfz-SWXI2c4g3xBtCtKJGIS592qMV-gMyJArX0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&slotname=2282450815&adk=40390786&adf=3094035350&pi=t.ma~as.2282450815&w=490&fwrn=4&fwrnh=100&lmt=1697736144&rafmt=1&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343810&bpp=2&bdt=656&idt=371&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9W43jTYYy9&p=https%3A//newsblog.pl&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3193503963006260&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		158 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/reactive_library_fy2021.js?bust=31078916
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
57d4ea46f56cdb09ee5c6d97830314e3f49979f55374eb046875f4a19e7c3f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55129
x-xss-protection
0
server
cafe
etag
16678084745173018260
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:25 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A9BC 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS00zxj47JY48B9wqmFSKlAhjTj7BtPouv0h2WLD84NVqi8__qMrqHoc4SE0s8&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
04e07b0b81b12fa8de1fac21b87a28d5f314a51e79b43ce1f7f58824912e089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:15:04 GMT
x-content-type-options
nosniff
age
58041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33217
x-xss-protection
0
last-modified
Sat, 12 Nov 2022 13:59:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 18 Oct 2024 03:15:04 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A9BC 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ4E56JGRUFCJehek8RY7YT0fqx5mr9JlFtI8xm7lYCojOME3BlCH1XkpLxUA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
d45a9318be3e2c2a4c5c6490f0f513307d8728b5cad41f002f4950f58c724035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:50:04 GMT
x-content-type-options
nosniff
age
178341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22457
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 01:38:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 16 Oct 2024 17:50:04 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A9BC 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT-RHNaVaexxybCza_EVAy1Kqd3WZbS39WJ_8xRfdCK6M0QOvd_jg9qgrI3W7M&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
14b9d08d33adf53f11533be80f80b804e6fbf4d0f5d5317468e63ef0b9a917b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 10:07:15 GMT
x-content-type-options
nosniff
age
378910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27476
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 17:12:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 14 Oct 2024 10:07:15 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A9BC 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTMnvWQUpRlm7_Q-b9Vy8fhrsCbI3whXahq55kSwT2sg6V6sCtn&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
3bd62df1ca32ea464412aff15d9cde043377a23bbe9a3f1c2dc456348c0f6de2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 08:05:56 GMT
x-content-type-options
nosniff
age
472589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8616
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 13:32:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 13 Oct 2024 08:05:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 2B7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qnv1e8PJOeofN77tc56H5ZS402k3rvXdraZWtqQyZj11z8T2yRtVSEClMs8IFnPZG7kfHQ5jRlVBNsIP%2BkDUykytFVSeDwk%2Bv%2Bn6PecUl2Tkh9UGw38%2FRCVbLazLR5rbjsxy5JeQIP5DPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b63c54e62349e-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2B7F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGB8dKQIPcdWtV42XieDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoB9FooR5y2TaTzfRL0n3uJGsKH4XsufP9qYkfEKB1Gn7kkGA2CftARNVKUjb9JT1FdmWqNXg0Q0lGBd1h3QRlgdDNrF35XYD2se4jQ%2BIS5UTB6oFgRL9x%2BGblc60P%2BifpIDDc8d9KBGEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b63c66e6134da-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 2B7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOTAJHIirXLPMKYgFrb66Kw%26google_cver%3D1
43 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOTAJHIirXLPMKYgFrb66Kw%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
an-x-request-uuid
061fe53f-40a9-469e-b75c-7ebbcfa0cdc7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.67.86.88; 176.67.86.88; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
an-x-request-uuid
8357d217-542f-4481-b61f-70c01cfac357
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOTAJHIirXLPMKYgFrb66Kw%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
176.67.86.88; 176.67.86.88; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B7F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARi0jaH1ATAB&v=APEucNXu0dVOoJsjQniOVUyxRLn49h0lDlR54dlD_eNqLNpVZyWGMasl53ExPIQ59EAcqbZI7c_SSh-hWMvfWPl0iV3wTfjbfYFoqAtG6huhhM9tNWo59KaB7TS3_yd6GWEYGrhPaorA7tAxlOkSmhj4cY4eIAbK8yE3B0cRHR8rAAJKP8kv_0w
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:25 GMT
an-x-request-uuid
d2bfcbad-132b-43f0-b380-aabe5348e0ab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
x-proxy-origin
176.67.86.88; 176.67.86.88; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 88DD 		114 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
682041fd00a54d208bf9738426d26f913827fb09281ea8d972d175a251bc9859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46927
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=3193503963006260&bg=!t7SltPvNAAbFpEfJ5aQ7ADQBe5WfOOCLoUvDfipn9Ba_UB6KogVyZBDHdE3HdkIhoqf9_j-MFxPSUd9JEd8g-R48056UAgAAAFJSAAAAB2gBB5kC6Mc-fHFPQ9xVXFfxvSQUbEY3FCD9A9bq9uNwMU2w9vEKEm0SpM90OLZCztcmmLp8XsFFUKVURNfimR4Ag8gCiH1aaqwDhOhrmLoQYXVfZSk7eQREDmoln4Z8wrnQpb-oFH2sfa5PPleZ5lKKKKL-Ir710IKt9XH_-tfQecfHKcck3ke97Rg8rm326Dn6LeAkHQza3tVVciYWLWhsM4WmM9M25kPqpzFWDC09Z_uHqa3seHPgMHAo05jMTUJj1BLLFlYUmTb2nlE8P7PwNmAbq6IXlw_CQ4sOcpyuPN3iJmWBwzksCYeDUIfExNocq_3C5I-TJK1tvn8VA2N0jcZ93X7TL11GVaW3YSRDEZEujtZb5AWGcW2IVnyODEVy3QHm14eLWBZluuSt1kXe20LvQKtizF1yt9LhyLWJbU0Apy8qpPMR8TA-aSSfGrXlnXglhAsSOBpd0AEoTqukrZ97V1zRAbjOBtthbPimzPTNgCORuCZyWbb1Tg2d7yrJjRNUs1tbLrYzOlS8IU3W499fYRyBvP88_7LvYoGwRmwHv51TyHeEuxEJeCkspFvXnxJryldw3TnTPhAUiU32_lBkqs0PeogrKoPmd3OgTOtrBBcYainvgr_FkNi6I_kYrEwrmBpt5EySlJ-J88BM-hFsOmbtuf6XVVhTFEQ9f1vjC-OeYRDmDQdRIpxZR6px8zwtOc5rJTSE45eBJGdfjEjaZU6EZY2N7So_ljDLZJU0nCzrH5DxzZmVEV3PJzZt4aCrkv46Wg7tk-omS6qMdC8sfJ0s4hjdoXSUJEYC79n53Ub710LVLbmrqt16bkR_gGCmE4ICIqIZnNrnXJAFXIWGlCzKQq9C5VK6XpKhShRFeyGv_GM6xC0ZdotwzV73PPxhlMJRV-YfJ2DMUwBsW9_QQPsyjuFxowtxh74E7y03bIxocF8g4H3fvxhHQGVjnBCq6C1scfE44TQIhEVfZEYK6OZXYVkove6cVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://newsblog.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
truncated
/ Frame 3A1E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
722f6d7af8aff3a53c3b9876977906cf0e0e288eafd067c0a24c0ccbdd93c0c6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A9BC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ed5cad1bd9d0e372e3ca4763e25d1cae439c7bdf1245dee7c1a7bb23e7a675

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B4A2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
97227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:58 GMT
expires
Thu, 17 Oct 2024 16:21:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
655dd7e2938c91fbeaa74bb53faf93b42588df3291de5f0410c261dac92fc37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
294226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2062
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 09:38:39 GMT
expires
Tue, 15 Oct 2024 09:38:39 GMT
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3A1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv482luZ792S7szTcUsFHjddr7iBqK4CvX4ZIpJF__stf4Y-0DhU52slaIUI21sLkzQ877V73ZFzrtfrQyV9bQUD5jGQEhh_iT_o4nMByRspcZAF2fE4Bs8A4ic5cfZZTAiZYKCCmneffQFj1oYvA0bV-qZkA_wZnd4-E5Y2A-Rp5mFlgJyr7P7pA5oQM2xMBCCzKyPONpT1baQCoEg2FyOZy0Aq-qSAXpbWzNHb3KQlLsMzV1T4dM-pvBJgCsIUfjeObCxKFtXD0KjLqSPKg_jHD7DvLAQLh839lT8S34mBlmAjR81gfrj8Aaqjq1aqhkatnzRsNIpj_rlSCzvQPqsgVwO9-s-L0Fkd4e9zoUbtepsTWXyUCyLdwctLJ-oFR0DhhVhH-2NmoQzWbpIydgPbRS2s8y9-bbfFcUS2FdfS9ZCkaWb47rTg_pz6IUpd99FkjIh_iIY9RX1l65Uhd0NgJSmzNSY5upe7tWL9xu1hmsoPcn5swCoFZDDWFOJELx9qB8n3C98aZyj-XBcToi5ZxRtSH-EPnNoKan2yZugtjRyTdFQpXoNsYmYKaHLif5IVxmJ2pDFKesYNMecFR1fW1wEXFieS6KIC_K6K9W0C_qmG2Xqr-IjzHnlfeAGOmzjItWgc_Kyi-0bp7-lshFTyYnGoWrrfVsD32wxbDC32MbSFrbGhYuiNtI0b_yt1o0ThHKy8Oqsx-4nbakwZ7-UzhuOm3Ze4L5cjOqyONoL0d2xvuDroMs6YDT1V17sQrwc7KJasejwV6Ye-TEAwYB6mF7YN40yTPYqhxpjND3EUzRP8DpHQfpA9Z1wQ73JwUs9_l43rrLmIsQtD_LQTD0FtI7YlngLg6q7jRuXbAIPQG19mhrTlbv2TWMqPvIu8zX8u5PrOS5QBcqhxuGc008NFAUdwMAAAeOdSy-dX1bX3A8X0l2rGbdQqxIHpD2Kut0bIDvEhkrdLHy3j4_uiBhdwaQ7p-wsWEGMknKQ2hGj-L8kA810EoQB_3SUNCvor82AlaZ3jvNwMfJYd7OiaVDwu_o23eJbLm0UfUflbJfTwSFNK7gQCDa9J09hTWTyZx0nCSgRhDhVQpUasntru1m4X1M4d1Vzy78uMNYVGtfXSQw4sVuM71moDgQPSMaY70CP1eNn_uwGQtdK4TQqRGcciu7d1_W0bT148Mg5wjX3FTF7IgtHc6rY0hIXbqAZR7c17rAvnsGBQnyDKjcYKEfBkYMJucyARWltKUdGyBuz4LyAJ271oD0Docb-u--HjoF00iCYjVS_QJZ2_h9o-dQEiF9KArs4cUmqGeeJvS-ejkYIBNxOeYE&sai=AMfl-YTG47yzbJFKzX4yLOYR6jwfTR1raHc8C9wam5256Be6DtJjq5az1A9JE83SOGg3td4r86NUDsemceTNBqTEshQ5pX2BrCcD1mWyBd05X-TTWBO2YHmAOtLgEp10Kp39h0sgE9zR07U4jwmXwnTAK92iUUpb5Z60VuR227MgOl4zMAKE9VsSsSb0yxca4MR48JVljNeJPnpsGrt3WazwLUWxloEe8JEO8B3IUSXRJDeX8WevT9EEci4F0sNyg8nhXCkRrQr0HpPNJXD5TwAkUqh4L_RToWs5rqzRZxCIdJn-kwLajj-EwqsU1NUJMFFZ_0HY6T3bLS7aWHRukxO_rHuOpPqarDrlTv3kWyym6GsNGm8aQWdk3jro6p-fZruBVjcUbSzaGEwjiwjz8cmOcnnZIdIwg7T14s3lzvVM8cmDvU7G4dddsfmF8qVrPq7T94na4KJ4H5Qn8Oh5k0ouNkSIzyw6nVq1I2DzmxVa&sig=Cg0ArKJSzCULR2e-gbcREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=435&cbvp=1&cstd=424&cisv=r20231017.76966&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 19:22:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 0773 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
30224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:58:41 GMT
etag
2603938475786422795
expires
Thu, 02 Nov 2023 10:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame D45F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8477418410368926&plah=newsblog.pl&bust=31078916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsblog.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
30224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 10:58:41 GMT
etag
2603938475786422795
expires
Thu, 02 Nov 2023 10:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4667 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 19:22:25 GMT
parseData.js
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		917 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/parseData.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
8d59b8a4a61a669d41c2e088ec97d46465d54464ca283b126c59c8dd982cccfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 06:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 06:11:48 GMT
data.js
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/data.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
be6f43ffe07dee38b8ab34a08d9943c26cd2c1efc7bb0da77329ac509f31c98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1252
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
Main.js
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/Main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
9dbad397de673f5e93af50f9fcba17acfe0edd55db465f4e9bd0f51df9bbe08f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
770
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
bg_1.jpg
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/bg_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
fb159baab95e622f82a9d954bb37999df895ae33b6e5727db845e7e91148c7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51378
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
hand.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/hand.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
e3ffe8a175dc8193552aecb55c311ba2c6ff1ba9edbfd259ea022ab099668908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3489
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
bg_mask.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/bg_mask.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
a03c30bb4cc6ce5da423ca0b5bd47b9a77909edf60d75bf24b040889314f4ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7158
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
branding.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/branding.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d57a6420d9c827ef9f0a6b0e65a6ff6d5c5b6b3f6a9b9a35ed83a8747597ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3861
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
copy1.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
5035abcc8ed5bd2656f7761aba8262f030d6369460b4ab0664030966ad413383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2062
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
copy2.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
4b325195b8656820d08b63d93c6acc66c5e8ecdbb3613ac490e70d1437bd8b36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2076
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
copy3.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/copy3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
cc6c467374b0c5de280d8a27c3d99f4f15f1b0d1a87138d5647ffb8e4a09ade7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2604
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
cta.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
aefb731eb611b6a2eeb1c52413e5fc858e1dea0cfcd730ee1ba4e6b676b8d35d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1683
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
disclaimerbtn.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		553 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/disclaimerbtn.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
a5d6d290e59be45c467b48178beb643033532efe1a7a00a75328794386983e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
553
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
frame.png
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		423 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/frame.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
3b73ec2e904bc1b88c92fb3921ac9a09b6a6cf2ae9e814783f19f2b89ca47900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:39 GMT
x-content-type-options
nosniff
age
294227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
423
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:39 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A9BC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:07:38 GMT
x-content-type-options
nosniff
age
18888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 14:07:38 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etB77TKx9.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A9BC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etB77TKx9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
61751bf96552243553e61b2eccb722252c81974d766c87d453c4757446819d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:22:35 GMT
x-content-type-options
nosniff
age
597591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15012
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 21:22:35 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A9BC 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:20:48 GMT
x-content-type-options
nosniff
age
468098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 09:20:48 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A9BC 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
7bcab07242bdf7781dea3588e71bcdc04a80f8a4d33323cb716cb0b5ddb1fc17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:28:31 GMT
x-content-type-options
nosniff
age
590035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 23:28:31 GMT
css2
fonts.googleapis.com/ Frame 0773 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:46:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:22:25 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0773 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:08:26 GMT
x-content-type-options
nosniff
age
65639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 18 Oct 2024 01:08:26 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0773 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:48:20 GMT
x-content-type-options
nosniff
age
77645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 17 Oct 2024 21:48:20 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0773 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
71395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6582
x-xss-protection
0
server
cafe
etag
15902073051392820161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:32:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0773 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8598
x-xss-protection
0
server
cafe
etag
10300645532664441910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:06:42 GMT
css
fonts.googleapis.com/ Frame D45F 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:46:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:22:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D45F 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame D45F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D45F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D45F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D45F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:26 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame D45F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame B4A2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6704 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:22:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0FDA 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 20:02:15 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0FDA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 0FDA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0FDA 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
97229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:21:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0FDA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D574 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
10829
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0FDA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:27 GMT
l
www.google.com/ads/measurement/ Frame 0FDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJiIMXePXRy8sSFThB6Z-H9vdaHOXMFAHYhBlVdSTXrg3eORsxWIgbOY7bVpay8VWQM-eGSDv0imQMQpLuOtYofmdTew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0FDA 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FDA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI8jNluwXw6h4lGFoivxTMmqkXcE5BHFRO-krOP-Om-GYUnrVgMOxdqJpTfWpEpNXumhmQh4xSpnkr_rWW-OBLUFeV3lrft504Mf8YzqE0VAEtuf8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
INGMe-Regular_lite_rrso.woff
s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/ Frame 4667 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/INGMe-Regular_lite_rrso.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
5dc85686fa8738346a1b37288675d57432525d0b37c4cf15d3d3dd7fa21a43fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16285287639528860580/pl_loans_336x280_edukacja_1814/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:38:40 GMT
x-content-type-options
nosniff
age
294226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6792
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:38:40 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame A9BC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CVy0o8IExZaGNFbqE5LcPhfmFkAHikonWc8LQq6GIEsSboPK7MBABIKiUyExg6eTJhdgaoAGzo-LtA8gBCakCvRX-0Srhjz6oAwHIA8sEqgSNAk_Qr6bR8hRA0FTFiO8GRwfV0RPUgWq93jR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222599077658356180414%22,%22debug_reporting%22:true,%22destination%22:%22https://allegro.pl%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222599077658356180414%22,%22debug_reporting%22:true,%22destination%22:%22https://allegro.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035506099%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228646590382726694129%22}&andc=true
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"2599077658356180414","debug_reporting":true,"destination":"https://allegro.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035506099"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"8646590382726694129"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 19 Oct 2023 19:22:26 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 19:22:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2599077658356180414","debug_reporting":true,"destination":"https://allegro.pl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035506099"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"8646590382726694129"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame ADE0 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 12:45:24 GMT
4ed6cf481704aeb182b0f1535c272bdb.js
www.gstatic.com/mysidia/ Frame ADE0 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4ed6cf481704aeb182b0f1535c272bdb.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f3b4d0295867e049e19d4e3bba27032e162831f65cb81a2b52888e95090d2b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58578
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 Jan 2024 03:13:23 GMT
css
fonts.googleapis.com/ Frame ADE0 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:37:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:22:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame ADE0 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame ADE0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame ADE0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame ADE0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:01:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADE0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:22:26 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame ADE0 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 6704
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naBvvfsKtREloeACWSJ9nSMJ%2F1ud02FjIFXpXnjs2moC%2B5HVjYx%2BlPZQh6A7HkeP73qjV2IIHWnZBY2UYxAVHL8sCEVZd1gfE%2Bi51nc1yD1jTHv7FoZkqSWOhzY%2F%2Fy4uDouywmvDMgfDMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b63cb8df834da-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6704
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGB8dKQIPcdWtV42XieDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq0Tnr%2FxRrqmemfxKErQg0h7%2B6jj3vIcokV6ADV7Kbf0aTNkM1ZHao4DJpiIJ5z5gga8kTB27apIwrfZTLnp3rvShioGOlK84XFPBvsa3mhXzFQ504%2BJVchqCbCFdB%2F67RxRWR5MtqPXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b63cc4ef434da-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBE5yck44YxvATVgnqrKXBE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6704
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
an-x-request-uuid
b549e7e1-142f-4b35-ab87-ea8197fd976e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.67.86.88; 176.67.86.88; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOTAJHIirXLPMKYgFrb66Kw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6704
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN6iqQEQpIatARijwor6ATAB&v=APEucNWwQA-Dlwx9ktPLloWjcYwZecXJJRiYY1NAP8hHsCAWSznp4bzoQVREqc7Od7JifX0uCzUv_3Hs-XUoMNKgBQMsxh5vg5M1AQdyFHAy03WO35jordekBLZ6i3LuZStthd-WOpa4ev2zCqUankpPDq5WsGvZOObSknRw1Bgzz3sXhp8nVRQ
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
an-x-request-uuid
6e569262-ad76-4cb7-b04e-9214ed99cfb2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MzA3NDYxMTY2NjU3OTkxNA%3D%3D
x-proxy-origin
176.67.86.88; 176.67.86.88; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3A1E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv482luZ792S7szTcUsFHjddr7iBqK4CvX4ZIpJF__stf4Y-0DhU52slaIUI21sLkzQ877V73ZFzrtfrQyV9bQUD5jGQEhh_iT_o4nMByRspcZAF2fE4Bs8A4ic5cfZZTAiZYKCCmneffQFj1oYvA0bV-qZkA_wZnd4-E5Y2A-Rp5mFlgJyr7P7pA5oQM2xMBCCzKyPONpT1baQCoEg2FyOZy0Aq-qSAXpbWzNHb3KQlLsMzV1T4dM-pvBJgCsIUfjeObCxKFtXD0KjLqSPKg_jHD7DvLAQLh839lT8S34mBlmAjR81gfrj8Aaqjq1aqhkatnzRsNIpj_rlSCzvQPqsgVwO9-s-L0Fkd4e9zoUbtepsTWXyUCyLdwctLJ-oFR0DhhVhH-2NmoQzWbpIydgPbRS2s8y9-bbfFcUS2FdfS9ZCkaWb47rTg_pz6IUpd99FkjIh_iIY9RX1l65Uhd0NgJSmzNSY5upe7tWL9xu1hmsoPcn5swCoFZDDWFOJELx9qB8n3C98aZyj-XBcToi5ZxRtSH-EPnNoKan2yZugtjRyTdFQpXoNsYmYKaHLif5IVxmJ2pDFKesYNMecFR1fW1wEXFieS6KIC_K6K9W0C_qmG2Xqr-IjzHnlfeAGOmzjItWgc_Kyi-0bp7-lshFTyYnGoWrrfVsD32wxbDC32MbSFrbGhYuiNtI0b_yt1o0ThHKy8Oqsx-4nbakwZ7-UzhuOm3Ze4L5cjOqyONoL0d2xvuDroMs6YDT1V17sQrwc7KJasejwV6Ye-TEAwYB6mF7YN40yTPYqhxpjND3EUzRP8DpHQfpA9Z1wQ73JwUs9_l43rrLmIsQtD_LQTD0FtI7YlngLg6q7jRuXbAIPQG19mhrTlbv2TWMqPvIu8zX8u5PrOS5QBcqhxuGc008NFAUdwMAAAeOdSy-dX1bX3A8X0l2rGbdQqxIHpD2Kut0bIDvEhkrdLHy3j4_uiBhdwaQ7p-wsWEGMknKQ2hGj-L8kA810EoQB_3SUNCvor82AlaZ3jvNwMfJYd7OiaVDwu_o23eJbLm0UfUflbJfTwSFNK7gQCDa9J09hTWTyZx0nCSgRhDhVQpUasntru1m4X1M4d1Vzy78uMNYVGtfXSQw4sVuM71moDgQPSMaY70CP1eNn_uwGQtdK4TQqRGcciu7d1_W0bT148Mg5wjX3FTF7IgtHc6rY0hIXbqAZR7c17rAvnsGBQnyDKjcYKEfBkYMJucyARWltKUdGyBuz4LyAJ271oD0Docb-u--HjoF00iCYjVS_QJZ2_h9o-dQEiF9KArs4cUmqGeeJvS-ejkYIBNxOeYE&sai=AMfl-YTG47yzbJFKzX4yLOYR6jwfTR1raHc8C9wam5256Be6DtJjq5az1A9JE83SOGg3td4r86NUDsemceTNBqTEshQ5pX2BrCcD1mWyBd05X-TTWBO2YHmAOtLgEp10Kp39h0sgE9zR07U4jwmXwnTAK92iUUpb5Z60VuR227MgOl4zMAKE9VsSsSb0yxca4MR48JVljNeJPnpsGrt3WazwLUWxloEe8JEO8B3IUSXRJDeX8WevT9EEci4F0sNyg8nhXCkRrQr0HpPNJXD5TwAkUqh4L_RToWs5rqzRZxCIdJn-kwLajj-EwqsU1NUJMFFZ_0HY6T3bLS7aWHRukxO_rHuOpPqarDrlTv3kWyym6GsNGm8aQWdk3jro6p-fZruBVjcUbSzaGEwjiwjz8cmOcnnZIdIwg7T14s3lzvVM8cmDvU7G4dddsfmF8qVrPq7T94na4KJ4H5Qn8Oh5k0ouNkSIzyw6nVq1I2DzmxVa&sig=Cg0ArKJSzCULR2e-gbcREAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1226&vt=11&dtpt=791&dett=3&cstd=424&cisv=r20231017.76966&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 1599 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=200&slotname=4241805211&adk=237228131&adf=2432224579&pi=t.ma~as.4241805211&w=800&lmt=1697736144&format=800x200&url=https%3A%2F%2Fnewsblog.pl%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743343812&bpp=1&bdt=659&idt=399&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MOfDG1xNw3&p=https%3A//newsblog.pl&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
truncated
/ Frame 0FDA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ef455cf272c4d30f81b34738b10171435125bc137c8c640241ef69c02cde156

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222599077658356180414%22,%22debug_reporting%22:true,%22destination%22:%22https://allegro.pl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035506099%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228646590382726694129%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 19:22:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
8106b630679a31b93e0f9d0d2887094cddff99bfa0533c83fd57345999754a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
105236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1842
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 14:08:30 GMT
expires
Thu, 17 Oct 2024 14:08:30 GMT
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0FDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxpIYcXO5Fb2vIYgvAcrwH03lg7oxPr2PHm8u0udf7tbr1QmgmPye1ui-V296G0XmtQ4cK6kIiVa9z-zd2XVX3UtfddwubQjr-uOToYTVxAblg_Wf-lL1Yr49feA7RLc_cUABXojj91zF5RNaL1zX2E3ZXalY2j5DY_uE44gKJAu8IgWGbdbcVMrzsoJ0U-ufobWGskbDnUuhFigl0o8jjhA7Wt1Gbglt55a2mS_bFsExN4yiLNCQbt3O7n655Db1V25I64r0RqjgXNuWPr36szAL1YAJkgo_v7t-iczjLjpNivNl7VfaONMPRwcD37mZjBxNfWtvDQTx4WEK9tRrWemO69jmVg0cCIRfvg9mkdfLyRPoPv_fg-eDGmZWPmgEa9Vpf8XroTz5Dq-ot6D7xYKya6yafuuROZsbXrXfvMcO-fZky_qw4cVBOscUhnuzwWSW2fdSD_REEPFOw2eRsqCNQz-B3PT_LbiiwVsStuwxNpYCQpN5myPSasxMjG0I0Ph3XvnpCl_9xizsT2W529Q-We38PDZmxkDRakD-RY_pwv5DL5CQRW-hZK5zZd11dckJjQSZRhshGBdJmmEjfUBdOvUleStGv3f4elu7keXAlPJUMkjZfrIJdOw6_q_KRWpG_pLapI1t-U3e6L_V0JO5mVd5S31fJ16Bguueq8BHLqR3qWs2-mBzPpfltzibDmxEIhvj7MBqMCBxe3J7DjLqd4yEvmmoXuHHXYxua7fDzVJp8wpEL7OEHYhWu-jDx5WcdZZxagoR9LiXay1K0lbNhzhKy4zF6qh-y460cdA_fx9u-cGAD3Jeeb87bEKKcy6dRH02EsgDRSrBPTTrrSkxxhp7-f1NJT3a-VKFNlbgyNUkNA3akJBa7jxOKhjlw_ONUpYKC8-Gr2yLnLjB3PWCVFP1KMr1DJcwQU5k0k-xZDuI2HxtVSxTubjzt6bzvON5IB_OiGT132Z3uh67OyG_-Zufe-ciQHjBAxjCKzGPX05E9OXKM8QVSkk2NBO4kMPCjRiDsw69Ua2siZw4316vFzKOAiP9o3DvE1s2LplZIKy3EyxvuNHCDG39O2uTvQJts_3v2VzYiqY0VydDgj2l6eEIoPsLrPxYP1ox92apU2a6sHfLLy00gpmYj_LJp9YoVI2aghZBLAvEQQTvvY_oR2-tIpscYaUE0YViayEDw3_QCJsLHQwoYbfH7vclkWSCQulwF8dDZTsh_dgWN2HAtyVXIUif6vEJpW59FjFQOTASykTkqzgdRtBB-2d5YXj_feIRVH6je2yIq8Bz-g73YOIBSAzaTpnFmTRCu5gl7etvrq-eycA2QSYuC30f9khhu0u03wkrE6UTo30TaE2fsiRml7_NbK8z7m8yx6nUBHVhOsGS8aBh9BPT8712abVg&sai=AMfl-YS3U6ap87LMoBWTP78u23S3t_PVoyGnN77cSa7VcETZB9XUb_PLS51_PXHMB-l3Vp3YXZqghZIt7R9UoMG67rYJ_GyokqMbWkNzgnC9Heop8zo71hrvzK7gGZN99B9A8d62FyRKEqM9UCu02uuBa8vd-V1jzY5H95IruTSasVsAb--10xYJLxfBS33vFfdf8sKNMOnerui6BjCVbQJKBwbpWZZ6nCP7p61SOFDSfKZ0pZ4JbRt3hcY8jAo5F8vaz70lOso_l5keXRyipw5XpHdhn8HeyhnCS8Xh-HFdrx-7RZiDJF4Cc9gRIOCiAzDsQUoE1J_gtPIO8JfiQC-k7tNFBxuZjxHqLMElk-u0woWi-NQoCmrLgevLhsB8KPNFZwaT60E6MyUjTh6qCB51SvARJYctfhMpNQZ-rKiMyuC2JqQINg&sig=Cg0ArKJSzH8cAqaod_ozEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=459&cbvp=1&cstd=454&cisv=r20231017.83289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 19:22:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F991 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
97228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:58 GMT
expires
Thu, 17 Oct 2024 16:21:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame D574
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y3BoM3BZbUgxUVR5QmM1&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gem...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y3BoM3BZbUgxUVR5QmM1&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gemZ3EHx1DBtrdtpurhpUYjhHrsn3KIEqvuHLWM6U2_NLTMMpLKZ-J-e-Fn3k80n_SirRWBMwEd7aTNGeiy6IydJob82kPF20mXI7PImjiPWvJJIwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:22:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y3BoM3BZbUgxUVR5QmM1&google_gid=CAESEDLXYT9B4BfhFdDN53h_FoQ&google_cver=1&google_push=AXcoOmQWmliByq01Vz6nuXmDaUhYeZMuVsYia5bP_dU6gemZ3EHx1DBtrdtpurhpUYjhHrsn3KIEqvuHLWM6U2_NLTMMpLKZ-J-e-Fn3k80n_SirRWBMwEd7aTNGeiy6IydJob82kPF20mXI7PImjiPWvJJIwg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D574
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGZM_b-OoycBRJ9fkbjYvKk&google_cver=1&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl6dRA1TDf8oBX63G...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43994DBC53874C12BE29F2CA464290E5&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43994DBC53874C12BE29F2CA464290E5&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl6dRA1TDf8oBX63GWufWzfifMfIEUo5s4BwM9FeFgYmzSoOJyEGrT8Rz9wikz53CvuVo-s5bE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 19:22:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43994DBC53874C12BE29F2CA464290E5&google_push=AXcoOmTF8pHIHjKKwOICAWfE35CT5CD0cyG6WuQxKN-7BewZTbUXmd86q7QutiMp-e4Xk-Olx7vFVs8mt28SJcl6dRA1TDf8oBX63GWufWzfifMfIEUo5s4BwM9FeFgYmzSoOJyEGrT8Rz9wikz53CvuVo-s5bE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 19:22:26 GMT
google
match.adsrvr.org/track/cmf/ Frame D574 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIUH4i-zgutTWMS4Cw5HtOE&google_cver=1&google_push=AXcoOmS2nDbN1SHGCVFu1hcZlLOO3vF2y9vdRjsI8jvMn1sTBmKJ-SR1krz0NxEPzxA6VLc3HfaHqiAXIl67NKQOzt5X8kwX6ZTg53GnhzxMGVPkZCmGeUUDk6oJy4eoA0AlCOJlYldeiUYeVfrm0hu-4QtED7s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame D574 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHz3E6Eu6ZbTxw6GeggTtw0&google_cver=1&google_push=AXcoOmTHiWe-8dnOR6XsbqJ2LLaboPl4sbKwM2C3fLz67kI1frx96tMTXtPERFSw_DQNBHQLQn69nZmTb2niMp9QSQoGlwflp9FHWSTtHXBm5Hfha2csuSIVSJ_aC_euGYu3GIAeLS_ig5d-5q4qPNxjMxWJ8Ag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
adx
pr-bh.ybp.yahoo.com/sync/ Frame D574
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBEQ3Jbm6AiEMg_IXVvWihA&google_cver=1&google_push=AXcoOmQlQFriG_53PhSoWyTPh3e8WgfwzjXVye6yJFjJywDnbadi5-ta73IKuFlYT_oVBwhKRIVkDkjle1wuAXSBPb951zb...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlQFriG_53PhSoWyTPh3e8WgfwzjXVye6yJFjJywDnbadi5-ta73IKuFlYT_oVBwhKRIVkDkjle1wuAXSBPb951zbvkVOFwp0emeVqZb7WI-tIG82Imu-rucMyN42VL...
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Server
54.229.245.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-245-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame D574 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIRQRgxCSB_es3PvNuY9vgo&google_push=AXcoOmRDQyM1E-jeG7WQZU0qoaq9HQCZ-Hun1PGxlZGjZm8qfsBK214mysyVv6k_OTG-lSKsD2DyW38X0aFBbZ85VWlaieuyZ1cIZd5X-8yfgUQQatipN_VNc_VPYt1ed6w8vYCgYjvPvKFFVP4P0HvBB3QFX7M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cm
ius.ctnsnet.com/int/ Frame D574
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEG5GJlbL3hiRL4rnWfkJsdY&google_cver=1&google_push=AXcoOmReDzJGGGX6jS-oUk4aelASH1Ba5gRlI8TUBWtPlFO8WQh6W_eGeQ4SkWcAMc...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmReDzJGGGX6jS-oUk4aelASH1Ba5gRlI8TUBWtPlFO8WQh6W_eGeQ4SkWcAMchVhLF0vttk8NO12GDTvsuGBmyHmFaVX7vYaoEop7Wt_GPRKV...
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_error=5
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H2
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
via
1.1 google
server
Apache-Coyote/1.1
content-type
image/gif
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D574 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LoZSWcRi6f8mCiiRgmjWh5OogR3xlEkG1QHx2nVykeNoyMFJ71FnZHgCz4oqStYXp0mnes7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8477418410368926&output=html&h=280&adk=3192147209&adf=3739213377&pi=t.aa~a.4134018108~rp.4&w=490&fwrn=4&fwrnh=100&lmt=1697736145&rafmt=1&to=qs&pwprc=7405416302&format=490x280&url=https%3A%2F%2Fnewsblog.pl%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743345322&bpp=1&bdt=2169&idt=1&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b1d88cb205cbb00-220ec65af6e20098%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_MaiHs8mMpIIwC00ndYImjjtRb6YwA&gpic=UID%3D00000c9cad393a78%3AT%3D1697743344%3ART%3D1697743344%3AS%3DALNI_Makx0yivCm6JMPoTHDSZqzauPZJmQ&prev_fmts=0x0%2C490x280%2C800x200&nras=2&correlator=3758523756016&frm=20&pv=1&ga_vid=1153318665.1697743344&ga_sid=1697743344&ga_hid=1031216775&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077327%2C44805112%2C44805534%2C44805681%2C31078297%2C31078916%2C44803791&oid=2&pvsid=3193503963006260&tmod=2140151901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PNG8qGDEXd&p=https%3A//newsblog.pl&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BF73 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 19:22:26 GMT
parseData.js
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		917 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/parseData.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
8d59b8a4a61a669d41c2e088ec97d46465d54464ca283b126c59c8dd982cccfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
data.js
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		791 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/data.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
fb1c047eca22933fad3678dffa447ad833745e2ae0b4d14a476b3b658d152e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
512
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
Main.js
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		2 KB
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/Main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
0995f8e56171bd4419118867e4bd6321ef761d9c82f4499abcd7297bcde91e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
722
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
bg1.jpg
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
9c6de5e4de988ae2e264a629e81be95df41c04bb70d0c63343b4eb4efeed6bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32323
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
branding.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/branding.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
f0333a58c2644c2aa817bf8c2d377724f8d61e60dbed56a9f96fe58d8eaee951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4268
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
copy1.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
0f97c019cf60cba5deef1b8fd1f75fbc0cbe92b644c53d3b7017e761e948a14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2592
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
copy2.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
f3c255d2653a430143c81c0564a15836c83a1c6b6965397c9130ee472955a95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
copy3.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/copy3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
ac677702ea2099eb0ffb959a56265257f0ce2c9f1732c07cfd858930300b2374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3028
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
cta.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
112ac8e55219f80143e21983c479fc2d15898ad96bf79ed3ac3edb24abc7daf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1947
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
disclaimerbtn.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		871 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/disclaimerbtn.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
f51f1b5df5012c0c804b88442852957373287da4cbde52411ac785937cfc1241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
871
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
frame.png
s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/ Frame BF73 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/frame.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
a92158e3d88dfd0e0fd6af2911a18cbe6d0d8c49f478cccfbe4783e470daf9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10488170209920088758/pl_accounts_336x280_kolarze_55/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:08:31 GMT
x-content-type-options
nosniff
age
105236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3734
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:42:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 14:08:31 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 3883 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
csi
csi.gstatic.com/ Frame ADE0 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnxkjy84&c=244138353747&slotId=122069176873.5&qqid=CJjC0-fqgoIDFfMI-QAdwC8OxA&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4ed6cf481704aeb182b0f1535c272bdb.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.35 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sfo03s26-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9789635066219908180
tpc.googlesyndication.com/simgad/ Frame ADE0
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC3p6bPugEQoAYYogMyCAkQQkAv6CiM
  • https://tpc.googlesyndication.com/simgad/9789635066219908180
42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9789635066219908180
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
4750837aadfa9131d3eba86c73f1436cd538b9537938f751ad46c318e7594d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 12:12:47 GMT
x-content-type-options
nosniff
age
284979
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42653
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 09:18:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Oct 2024 12:12:47 GMT

Redirect headers

date
Thu, 19 Oct 2023 13:54:18 GMT
x-content-type-options
nosniff
server
cafe
age
19688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9789635066219908180
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 18 Nov 2023 13:54:18 GMT
videoplayback
r6---sn-5uh5o-f5fs.gvt1.com/ Frame ADE0
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=ip,ipbits,expire,id,...
  • https://r6---sn-5uh5o-f5fs.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r6---sn-5uh5o-f5fs.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5224ADBC4486981020D9D8BCE6E2114274C45A6E.83C17379DB0C5B9CC168B2BDFC07648A089C828C&key=cms1&cms_redirect=yes&mh=Cs&mip=176.67.86.88&mm=28&mn=sn-5uh5o-f5fs&ms=nvh&mt=1697742980&mv=m&mvi=6&pl=24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
194.9.25.81 , Poland, ASN41406 (ATMAN-PROJECTS, PL),
Reverse DNS
rev-194-9-25-81.atman.pl
Software
gvs 1.0 /
Resource Hash
8956b5d3d4f6ceb046d96808ca406cc3f9818ae81bfc53dbc4b50e48fd565395
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Oct 2023 09:29:08 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1437285/1437286
cache-control
private, max-age=6897
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1437286
expires
Thu, 19 Oct 2023 19:22:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r6---sn-5uh5o-f5fs.gvt1.com/videoplayback?id=26ef25c07f6efc90&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1697750544&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5224ADBC4486981020D9D8BCE6E2114274C45A6E.83C17379DB0C5B9CC168B2BDFC07648A089C828C&key=cms1&cms_redirect=yes&mh=Cs&mip=176.67.86.88&mm=28&mn=sn-5uh5o-f5fs&ms=nvh&mt=1697742980&mv=m&mvi=6&pl=24
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
703
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame F991 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0FDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxpIYcXO5Fb2vIYgvAcrwH03lg7oxPr2PHm8u0udf7tbr1QmgmPye1ui-V296G0XmtQ4cK6kIiVa9z-zd2XVX3UtfddwubQjr-uOToYTVxAblg_Wf-lL1Yr49feA7RLc_cUABXojj91zF5RNaL1zX2E3ZXalY2j5DY_uE44gKJAu8IgWGbdbcVMrzsoJ0U-ufobWGskbDnUuhFigl0o8jjhA7Wt1Gbglt55a2mS_bFsExN4yiLNCQbt3O7n655Db1V25I64r0RqjgXNuWPr36szAL1YAJkgo_v7t-iczjLjpNivNl7VfaONMPRwcD37mZjBxNfWtvDQTx4WEK9tRrWemO69jmVg0cCIRfvg9mkdfLyRPoPv_fg-eDGmZWPmgEa9Vpf8XroTz5Dq-ot6D7xYKya6yafuuROZsbXrXfvMcO-fZky_qw4cVBOscUhnuzwWSW2fdSD_REEPFOw2eRsqCNQz-B3PT_LbiiwVsStuwxNpYCQpN5myPSasxMjG0I0Ph3XvnpCl_9xizsT2W529Q-We38PDZmxkDRakD-RY_pwv5DL5CQRW-hZK5zZd11dckJjQSZRhshGBdJmmEjfUBdOvUleStGv3f4elu7keXAlPJUMkjZfrIJdOw6_q_KRWpG_pLapI1t-U3e6L_V0JO5mVd5S31fJ16Bguueq8BHLqR3qWs2-mBzPpfltzibDmxEIhvj7MBqMCBxe3J7DjLqd4yEvmmoXuHHXYxua7fDzVJp8wpEL7OEHYhWu-jDx5WcdZZxagoR9LiXay1K0lbNhzhKy4zF6qh-y460cdA_fx9u-cGAD3Jeeb87bEKKcy6dRH02EsgDRSrBPTTrrSkxxhp7-f1NJT3a-VKFNlbgyNUkNA3akJBa7jxOKhjlw_ONUpYKC8-Gr2yLnLjB3PWCVFP1KMr1DJcwQU5k0k-xZDuI2HxtVSxTubjzt6bzvON5IB_OiGT132Z3uh67OyG_-Zufe-ciQHjBAxjCKzGPX05E9OXKM8QVSkk2NBO4kMPCjRiDsw69Ua2siZw4316vFzKOAiP9o3DvE1s2LplZIKy3EyxvuNHCDG39O2uTvQJts_3v2VzYiqY0VydDgj2l6eEIoPsLrPxYP1ox92apU2a6sHfLLy00gpmYj_LJp9YoVI2aghZBLAvEQQTvvY_oR2-tIpscYaUE0YViayEDw3_QCJsLHQwoYbfH7vclkWSCQulwF8dDZTsh_dgWN2HAtyVXIUif6vEJpW59FjFQOTASykTkqzgdRtBB-2d5YXj_feIRVH6je2yIq8Bz-g73YOIBSAzaTpnFmTRCu5gl7etvrq-eycA2QSYuC30f9khhu0u03wkrE6UTo30TaE2fsiRml7_NbK8z7m8yx6nUBHVhOsGS8aBh9BPT8712abVg&sai=AMfl-YS3U6ap87LMoBWTP78u23S3t_PVoyGnN77cSa7VcETZB9XUb_PLS51_PXHMB-l3Vp3YXZqghZIt7R9UoMG67rYJ_GyokqMbWkNzgnC9Heop8zo71hrvzK7gGZN99B9A8d62FyRKEqM9UCu02uuBa8vd-V1jzY5H95IruTSasVsAb--10xYJLxfBS33vFfdf8sKNMOnerui6BjCVbQJKBwbpWZZ6nCP7p61SOFDSfKZ0pZ4JbRt3hcY8jAo5F8vaz70lOso_l5keXRyipw5XpHdhn8HeyhnCS8Xh-HFdrx-7RZiDJF4Cc9gRIOCiAzDsQUoE1J_gtPIO8JfiQC-k7tNFBxuZjxHqLMElk-u0woWi-NQoCmrLgevLhsB8KPNFZwaT60E6MyUjTh6qCB51SvARJYctfhMpNQZ-rKiMyuC2JqQINg&sig=Cg0ArKJSzH8cAqaod_ozEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1204&vt=11&dtpt=745&dett=3&cstd=454&cisv=r20231017.83289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsblog.pl
URL: https://newsblog.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A9BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiPbZTGmUDGup-iXIkkgGpGB7HeiRJRSybXKTzGHf091EDxpGknGxYiHHFduCSxDDlm2nFBz2FoA1Bmsi70CYa3Hx9Cs4-XRO5hFtLzn3bSpAskkB58-yoVGOcfwWPBwmukRXvgzgeTeE0&sai=AMfl-YThT8zazfpmnrMOtkv9wBI4prZvelilwULDV5cdVkhFW7oy35CH91c-pt-5SfwVEdrwvihrxDjhnY6pI_MGJtWM_AZ5zAZpbyL3yv8EkSkcSpMyaQegSBPaebMwD_ijiOS5wKx3fcNgrRBr&sig=Cg0ArKJSzI7xCxDhe7xYEAE&cid=CAQSSwDICaaNJYeAhWL1vqRTowwoz4go9nBfDxTmdhBs0hENVnUw-e4vcOVu9x-bg8wGs5IyUW5Lt4VnJA2PsFSkVG6DLKVXv6Ty6_StDBgB&id=lidar2&mcvt=1026&p=0,0,200,800&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=237228131&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697743344217&rpt=2059&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYMKu8IExZeT9Eou_5LcPlMuouAsAAAAAOAHgBAI&bg=!mpmlmdbNAAZy-tsgUvo7ADQBe5WfOBagiXxdDN7ogbOTUqX0FFWACpio_9K1A2f0k8PG6-vFeBe0am9UIhMVoFx-XgJgAgAAA8BSAAAACmgBB5kDOCEzRwc3ftUFhIXWW1mH5-SNgKIlxVJIt9wbAtGV7ylGBtywnEtyivsg0CWzUcUTP4RFLK66lJ399nHB0MB9APnHcVQRPgHbB9v3tVP98ZvhfzQlYk2NXrqEkgMrVYUbvo0jJX0QlSkgkEzfepzCiThpLgMYiI4wf0ireSOkMjw5RDviiuVmvBfzHk6u3TDx81IZCiweWlwAwXQkHUVUrOHwByFz-aAXunjFucI58jxjQT0K5KvxTDTx_cxSS86ZeoNo3czE0deJHRBNwPc95mKRX4AsCKQ3Rr3QrBTuvkRO8obUcNFB54BVNDAzALn6QGbIi-_cPsgGrPak6xq496Kyp65rM7DP1s5L7jwM8HR3cjPevzIEfSr6wTUP5l7xwVqeQlt3b1WMppPvsGAXHsBfHKubH-buFdN0SPlES8hzu13jMZyAMGsb0BBTWQyqURkORsr831Ujii0sQOb1F9jbhHkRCXSKsCflyunxoIfEquM21TNg-2hFXrRSNW-QTOSEskIsmlZKntIC0_Smg799lT2_LcrojlgEw12Qq8k7xFGl4K1Mx9aJBOvPwjdGTS4wqpVFDfKJk23ykbjJYXNjbfIzMpEfReBIQhvhGi2sXAe6EQUppN4i5h3H0qRAK_FxzgzobD8cFGxy1bkswAT1DCQEiV8bXIoUS6D5LD4Oa3AzZUYg0Or9nFS1ECJbHwuThIARFZ-mOLG1XHKNWK9XW427hhoto7cl9_EndVmROoh-ry3_vcqWdU50DQ93sRyw3mmCbkPAb5ax6oiU7Fo9L4JVQQ39MLfr-GSgaxwYB0n--_gY8GuiTu0L9u-GCv6sSXAbXuATHGumpcHZTeOEG1qdlCsWbkFtWaZ1RYu5L6-szrKu1hMHyymcFbRHwT7RHwIasXQ1V9e_sSf9BS5szMasaPtE38vjV2zBiv0j4isWwdH9fZlDzFCG03A57WUJ6nbhrv5e8a3P_gMu1D_oyTgULRHRhaUQzJOoV1KfX5A51cdYe9qGmwCf4u-zhONkrRT7jusi5y1Ea6e6zhon5DfK0-rClgn2qS9m5Z9KtDp2BFUEFEkHwUPMDj3ON02ARBoNYVSp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F991 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BijjN8YExZaOhHqXH7wL7kJiIDAAAAAA4AeAEAg&bg=!KSqlKmXNAAZy-tsgUvo7ADQBe5WfOEL-NR5F8xFtVdKn5bbTvxHxHU41tUvJ77v3QE0RRsloDq22SZA06e_L0gKsZTi_AgAAAPhSAAAACmgBB5kDQYCzgK46ps4mZ4a8PSEyD5IE87P1KorsqdaGXWmRr7-JK0b29KeaxDEpATciOFqUPZC0Q-zmhN2GKZOkEnIlWgEx9MiryBWV0WCNgKz4a0CAjIh5GmDv158In1Py_-TwBOxZA57q-3qMvWRivQ0FcJ28zI515qpNB-hbc7qD9X07I56QH4_Co40IalViu7oKHF7nE_aDTIUFT30ReoFjJJrOK82yZoALIejkm0FE0vx4sCcdMNv2Ed8poaz39Lm5QadiOelttDy5OKNCZKe1vKm6H5PvUIUTGXn2r2OBmSaw8FMpFztilZVGY4LbR84gOpVDw30TPcIVJUYU_tL7gRuxZClZJA9MUvp-T3JvyRyc0-yDQUv7iMdVH3LcaekjfUOArcIj2_Kn_eqGo0U0eK4-KEpXw8zYmd0LKzBf_2l6pb1m9OX5nlGtLVDfpXxLMxGaNcZiRDmuzP9Bf778V_2mQjmCvugNJ_5HwNEqW_HVumU-aXoxDlwJxTPp2LHwOBdtVIlivsnfs-G0ZlFpSGu_de0XH8zg0_cDwFCkWyynEjzQKM8ZZsziZLiCJr_cTDdPeyowi1DI7Fa_i04mBxDhBrYibLvhdCrISZKV2_mYTr4idsBV-4Iz0nMj0i8HtVOevuU2EeqS9vmNpBJ-dpIonri8a4gM6RDSHZS61Asn6XMpVmCZqhy731aYGZ9hjS_jYLAzzcuJJQQRQk_4JXjlAhTXjHgc9Jex22zU-wfhJQPSai_maIQUmbWngZdy1SjBI8kU3cfWD7xiN07VIy8B8l_m0-2wiZCVJjtx3cO19hR6AnokoN_IwX0JSRfxiavPSMW4rIiZs_1gOBE54-i5qyXUmGaZr0g_HXbowfToDSCYstoJefUTKSpukhbQqIzJAjrvF15c6efdqu6vnhLTPCCGUQrcM6E4aSDBeNSqNAot3d2H0ld_aeyDb07Hg0m_3eo22uR_HaQE_harxDdSmABGiSltoacr5vHDVB0Lypf-K48cSDEerP320LQra_iDBm0l8qH0espU_HGd_4PiZSgsqqjRxl1azNsn731vLGwf1xP1SgmTGBNsHJlPT12t9mUppnCTM9oPg8Qr06jz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame DEBC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
52665877
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/52665877?wv-part=1&wmode=0&wv-hit=453456672&page-url=https%3A%2F%2Fnewsblog.pl%2F&rn=373602031&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1697743348%3Aw%3A1600x1200%3Av%3A1140%3Az%3A120%3Ai%3A20231019212228%3Au%3A1697743344670733575%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Ast%3A1697743348&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsblog.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19-Oct-2023 19:22:28 GMT
content-type
image/gif
access-control-allow-origin
https://newsblog.pl
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 19:22:28 GMT
52665877
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/52665877?wv-part=1&wmode=0&wv-hit=453456672&page-url=https%3A%2F%2Fnewsblog.pl%2F&rn=226339369&wv-type=7&browser-info=we%3A1%3Aet%3A1697743349%3Aw%3A1600x1200%3Av%3A1140%3Az%3A120%3Ai%3A20231019212228%3Au%3A1697743344670733575%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Ast%3A1697743349&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsblog.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19-Oct-2023 19:22:28 GMT
content-type
image/gif
access-control-allow-origin
https://newsblog.pl
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 19-Oct-2023 19:22:28 GMT
csi
csi.gstatic.com/ Frame ADE0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnxkjy91&c=244138353747&slotId=122069176873.5&qqid=CJjC0-fqgoIDFfMI-QAdwC8OxA&umsem=0&ple=1&ape=1&met.4=vil.lnxkjyw7~vfl.lnxkjz2n~vfl.lnxkjz2n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4ed6cf481704aeb182b0f1535c272bdb.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.35 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sfo03s26-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:22:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
52665877
mc.yandex.com/webvisor/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/webvisor/52665877?wv-part=2&wmode=0&wv-hit=453456672&page-url=https%3A%2F%2Fnewsblog.pl%2F&rn=654844871&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1697743349%3Aw%3A1600x1200%3Av%3A1140%3Az%3A120%3Ai%3A20231019212229%3Au%3A1697743344670733575%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Ast%3A1697743349&t=gdpr(14)ti(2)

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| __cfQR object| _wpemojiSettings undefined| $ function| jQuery object| cnArgs object| a5_0xa7a5 function| a5_0xce9c object| adsbygoogle function| ym object| a function| b object| lottie object| bodymovin object| wpreactions object| bam function| bamToggleAttribute function| bamDomReady boolean| __cfRLUnblockHandlers object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| config object| firebase function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter52665877 object| GoogleGcLKhOms object| google_llp object| googletag

33 Cookies

Domain/Path Name / Value
js.streampsh.top/ Name: __psu
Value: cec0d20d-bafd-4cdb-902f-0281bb963e1f
nxt-psh.com/ Name: __psu
Value: 26469826-2854-4c7e-afaf-34bd67266556
.yandex.ru/ Name: i
Value: n9xCVgTfZjlG97GIHHhm+zcXyfIsH3IMitvQHYxvHbfiMfz0cDe965fBB0VcyPEjBFwVws1/dqIvDG6bag6jzxWUhlo=
.yandex.ru/ Name: yandexuid
Value: 9542906941697743343
.newsblog.pl/ Name: _ym_uid
Value: 1697743344670733575
.newsblog.pl/ Name: _ym_d
Value: 1697743344
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3136314837fake
.newsblog.pl/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3151895379fake
.yandex.com/ Name: yandexuid
Value: 9542906941697743343
.yandex.com/ Name: yuidss
Value: 9542906941697743343
.yandex.com/ Name: i
Value: n9xCVgTfZjlG97GIHHhm+zcXyfIsH3IMitvQHYxvHbfiMfz0cDe965fBB0VcyPEjBFwVws1/dqIvDG6bag6jzxWUhlo=
.yandex.com/ Name: yp
Value: 1697829744.yu.2988503791697743344
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 624502331697743344
.yandex.com/ Name: ymex
Value: 1700335344.oyu.2988503791697743344#1729279344.yrts.1697743344
.yandex.com/ Name: bh
Value: KgI/MA==
.newsblog.pl/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUm1HX63dOAjmVaQBoE9v4Bh-NlEGmCJrNaZl8Tv9Gic5iK4GcitTnz7G7pd
.casalemedia.com/ Name: CMID
Value: ZTGB8dKQIPcdWtV42XieDgAA
.casalemedia.com/ Name: CMPS
Value: 1153
.casalemedia.com/ Name: CMPRO
Value: 1153
.newsblog.pl/ Name: __gads
Value: ID=3ad7853651e5ca0a:T=1697743344:RT=1697743344:S=ALNI_MaKQlPz0fQXWZspQS8XK5CpLVuwgw
.newsblog.pl/ Name: __gpi
Value: UID=00000cbbaef1dec9:T=1697743344:RT=1697743344:S=ALNI_MZd644Lan8OqTtoSVaUWcxHNEu9xA
.adnxs.com/ Name: uuid2
Value: 9093074611666579914
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImOc$v26!2(6)(<j<dINiYhTyXnfi8FW/8O*xrddaZMdG-1R7$8[t1-=b[b6S<rt@JUx(j#iP(Md+>)fy)n-BUIp
.ctnsnet.com/ Name: gid_CAESEG5GJlbL3hiRL4rnWfkJsdY
Value: 1
.w55c.net/ Name: wfivefivec
Value: cph3pYmH1QTyBc5
.simpli.fi/ Name: suid
Value: 43994DBC53874C12BE29F2CA464290E5
.yahoo.com/ Name: A3
Value: d=AQABBPKBMWUCEN2lz-lgJ6P-rc0ofAVfOL8FEgEBAQHTMmU7ZQAAAAAA_eMAAA&S=AQAAAp9ap76BDfQ5D8-43jjGdFk
.googleadservices.com/ Name: ar_debug
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.ctnsnet.com/ Name: cid
Value: 518313124f9c4e3b994fbc080c37b134

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ius.ctnsnet.com
js.streampsh.top
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
newsblog.pl
nxt-psh.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r6---sn-5uh5o-f5fs.gvt1.com
redirector.gvt1.com
s0.2mdn.net
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
mc.yandex.com
104.18.26.193
104.21.66.238
142.250.184.194
142.250.184.206
142.250.184.238
142.250.185.110
142.250.185.131
142.250.185.194
142.250.186.162
142.250.186.42
142.250.186.67
142.250.186.98
142.251.32.35
15.197.193.217
172.217.16.142
172.217.23.102
172.217.23.98
172.67.172.12
172.67.194.119
18.195.155.219
194.9.25.81
216.58.206.33
216.58.206.36
34.160.236.64
34.91.62.186
35.186.193.173
37.252.171.52
52.29.172.170
54.229.245.224
93.158.134.119
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041a1e6b7cb87b0e41ab9807dfc3deaca0b04845bd8936d6ce4ceafc399bbadb
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04e07b0b81b12fa8de1fac21b87a28d5f314a51e79b43ce1f7f58824912e089a
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0995f8e56171bd4419118867e4bd6321ef761d9c82f4499abcd7297bcde91e83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f251e3845ff9732ff88157427adc268544e9c2d510475c578dea91b71dce7a3
0f97c019cf60cba5deef1b8fd1f75fbc0cbe92b644c53d3b7017e761e948a14a
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
112ac8e55219f80143e21983c479fc2d15898ad96bf79ed3ac3edb24abc7daf1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b9d08d33adf53f11533be80f80b804e6fbf4d0f5d5317468e63ef0b9a917b8
14cb2438e7cd7b7a870e4d8c1266dd7f2d524acaedc92eb685e39e9c357f403a
15b85867ad63bec884a25c0f3d924b6936017c1714ffcf9bee9b9e77d573b3ea
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1bccdb9d5ae278996857f388e8a088a552af3f9b961b1a89e7dfd9ef0fcc8400
231421b3e29f706488b17a32e111a4c898e209f07312df06a4936390d1215e1d
27eaf8fae9fe065ba6fec8cd8ee5dcb732c564f6b1613037241c4778ed29dc19
28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1
285c029d20ccafe127e629119de97aae44d2beba9f18c33e77b54a5fe280d6f9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e16a97e2de08a13ca6c27ac18df101d20acbd6a79a6554da6f892830e6be75a
2ef455cf272c4d30f81b34738b10171435125bc137c8c640241ef69c02cde156
2f73beaee05c349a08b7592376d8e5c285362c3a59d277d771fd68cd2d7e3949
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b73ec2e904bc1b88c92fb3921ac9a09b6a6cf2ae9e814783f19f2b89ca47900
3bd62df1ca32ea464412aff15d9cde043377a23bbe9a3f1c2dc456348c0f6de2
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
41f97c67a1b415041ae228959caecc77dcd757a3178c3175691a480baed717a6
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4750837aadfa9131d3eba86c73f1436cd538b9537938f751ad46c318e7594d47
484f006d04d484d54db0bf460397d76a7e1e2f6d56e388e32661c24b3d14539e
4884d0e626b5cc19230a7299d9c4cd78a961211b7e7a70563f00fc95e69e788b
4b325195b8656820d08b63d93c6acc66c5e8ecdbb3613ac490e70d1437bd8b36
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4945def0503ff7eeba273247516447a41ba4d0dc21993d7f681a6635ec8c7b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5035abcc8ed5bd2656f7761aba8262f030d6369460b4ab0664030966ad413383
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c06207800de27e9b60f6f94c65bc8102a41d008ef35893096184d04e4bca7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55af3cc22655ef1e5a51d9bf91c50e1ebbff345d1abcc6854fe4f93b0375a3dc
57d4ea46f56cdb09ee5c6d97830314e3f49979f55374eb046875f4a19e7c3f5f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5dc85686fa8738346a1b37288675d57432525d0b37c4cf15d3d3dd7fa21a43fe
5efda6e77d707f1cd68380ebe8a0fc569df42eb60ebc890544f0f69165823c26
61751bf96552243553e61b2eccb722252c81974d766c87d453c4757446819d30
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655dd7e2938c91fbeaa74bb53faf93b42588df3291de5f0410c261dac92fc37c
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
677715463ac1daa6cbefa1fe44b4f72c4c2dec548954c183a8b3e37f9a76a303
682041fd00a54d208bf9738426d26f913827fb09281ea8d972d175a251bc9859
722f6d7af8aff3a53c3b9876977906cf0e0e288eafd067c0a24c0ccbdd93c0c6
78e6b67e1bf0a4ac43c67d860377b33383cd3464096e154f6a488505b6950e5a
7bcab07242bdf7781dea3588e71bcdc04a80f8a4d33323cb716cb0b5ddb1fc17
8106b630679a31b93e0f9d0d2887094cddff99bfa0533c83fd57345999754a3e
8416e74d3e21b201d0cf74b83f9befe353bcb3d4726a49dadbd4ebd5a1ae8a89
8956b5d3d4f6ceb046d96808ca406cc3f9818ae81bfc53dbc4b50e48fd565395
89ed5cad1bd9d0e372e3ca4763e25d1cae439c7bdf1245dee7c1a7bb23e7a675
8d59b8a4a61a669d41c2e088ec97d46465d54464ca283b126c59c8dd982cccfb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9884aee2199a880eabea8058c1f9ec32b0e47b2be0334ebc0511129d8150363c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abf925c254914514bc99708340162dc29286ef9938622914ed3584638a95466
9c6de5e4de988ae2e264a629e81be95df41c04bb70d0c63343b4eb4efeed6bae
9dbad397de673f5e93af50f9fcba17acfe0edd55db465f4e9bd0f51df9bbe08f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03c30bb4cc6ce5da423ca0b5bd47b9a77909edf60d75bf24b040889314f4ff0
a169acafc13872aa37ae4c6cded9de814b40d8023af37f9fd61fc9ea5d4fdf0d
a5d6d290e59be45c467b48178beb643033532efe1a7a00a75328794386983e98
a6d57a6420d9c827ef9f0a6b0e65a6ff6d5c5b6b3f6a9b9a35ed83a8747597ab
a724a8b6da1e73d32a3b95a6267dfc95b2bacde30600efba825e3f5d0a32b29c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
a92158e3d88dfd0e0fd6af2911a18cbe6d0d8c49f478cccfbe4783e470daf9cb
ac04b5f64f341789a941b5cc68e7e7e500fcb52181f2a7d41b77cd0de2745595
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
ac677702ea2099eb0ffb959a56265257f0ce2c9f1732c07cfd858930300b2374
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aefb731eb611b6a2eeb1c52413e5fc858e1dea0cfcd730ee1ba4e6b676b8d35d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bde6f2598d0878bdd05bd3a8a7d7b2a74a53198ba98071f6dd90806fe2365a3a
be6f43ffe07dee38b8ab34a08d9943c26cd2c1efc7bb0da77329ac509f31c98c
c12b2877e96785c91d676fd954c8d63f9970606bb72783f146d69628002bb14c
c2e4a391491137c6c356462dbf8b58181bbdb060948ddf5fd9b9cd6128720356
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cc6c467374b0c5de280d8a27c3d99f4f15f1b0d1a87138d5647ffb8e4a09ade7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d002d18330c9ef9a8b829c1aefa1fb3366e89f3bf5ca3da0d1c956f85b68cb1b
d1b394b9b659e379ea790fadc93e3feafdeec997a9d1bc5965de45f23f4aed4c
d2cf102d89eabc17a09cad04dcd8cacc8b801b42e88b43d56022f0df43ab86e1
d45a9318be3e2c2a4c5c6490f0f513307d8728b5cad41f002f4950f58c724035
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d700b0cb40cd4aabd91502d7ecc53596d59019a1bb7bd9861e6deffe510c9e3e
d7fd85855f901dbedc50daf4fa500c5c4d177517d9f8040cfd60c368e8efcee6
dc63c2cc175ac9c7f9f49e230dfde30409811ac8fa77f3fd081caa397208525a
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e111108c22cfabd436103523388eca3345c36df7c1eb67289a07ba0574bbcb33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffe8a175dc8193552aecb55c311ba2c6ff1ba9edbfd259ea022ab099668908
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0333a58c2644c2aa817bf8c2d377724f8d61e60dbed56a9f96fe58d8eaee951
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f3b4d0295867e049e19d4e3bba27032e162831f65cb81a2b52888e95090d2b43
f3c255d2653a430143c81c0564a15836c83a1c6b6965397c9130ee472955a95c
f51f1b5df5012c0c804b88442852957373287da4cbde52411ac785937cfc1241
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
fb159baab95e622f82a9d954bb37999df895ae33b6e5727db845e7e91148c7cd
fb1c047eca22933fad3678dffa447ad833745e2ae0b4d14a476b3b658d152e54
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fde89ed4dbb4eb9044becd9ccd514d9c1ce02e8cdf903bd9e607fe0682c3f22b