urlscan.io logo urlscan.io
SecurityTrails logo

qrntwski.ugu.pl Open in urlscan Pro
178.33.52.226  Public Scan

Go To Rescan Add Verdict Report
URL: http://qrntwski.ugu.pl/
Submission: On June 18 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 6 countries across 14 domains to perform 73 HTTP transactions. The main IP is 178.33.52.226, located in Murs-Erigne, France and belongs to OVH, FR. The main domain is qrntwski.ugu.pl.
This is the only time qrntwski.ugu.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    178.33.52.226 (Murs-Erigne, France)

ASN16276 (OVH, FR)
PTR: users1.ugu.pl
qrntwski.ugu.pl
4    78.47.91.49 (Germany)

ASN24940 (HETZNER-AS, DE)
static.stooq.pl
static.stooq.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    212.77.101.20 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
cw.money.pl
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
11    193.17.41.93 (Poland)

ASN31080 (O2-AS, PL)
static1.money.pl
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
7    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
googleads4.g.doubleclick.net
14    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Domain Requested by
14 s1.adform.net track.adform.net
s1.adform.net
qrntwski.ugu.pl
11 static1.money.pl cw.money.pl
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 track.adform.net googleads.g.doubleclick.net
s1.adform.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 cw.money.pl qrntwski.ugu.pl
3 www.googletagservices.com qrntwski.ugu.pl
securepubads.g.doubleclick.net
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.google.com 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
qrntwski.ugu.pl
2 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com qrntwski.ugu.pl
www.google-analytics.com
2 static.stooq.com qrntwski.ugu.pl
2 static.stooq.pl qrntwski.ugu.pl
1 s0.2mdn.net s1.adform.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 qrntwski.ugu.pl
73 22

This site contains links to these domains. Also see Links.

Domain
stooq.pl
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://qrntwski.ugu.pl/
Frame ID: 103B7183E3FA1255273003D7342BCBFC
Requests: 17 HTTP requests in this frame

Frame: http://cw.money.pl/indeksy_gpw.html
Frame ID: F69928AA341EC28E86C0E9E35A1CB818
Requests: 3 HTTP requests in this frame

Frame: http://cw.money.pl/mapki_pogoda_mala.html
Frame ID: AC9DF83590338A1BF09DED3EB9F006C5
Requests: 4 HTTP requests in this frame

Frame: http://cw.money.pl/wiadomosci_kraj.html
Frame ID: DAA6315F6CD1C4088FD47A6EC8A3ABBE
Requests: 4 HTTP requests in this frame

Frame: http://cw.money.pl/wiadomosci_swiat.html
Frame ID: EBB70C616BFF1F234C4FA7DDF26E8FE3
Requests: 4 HTTP requests in this frame

Frame: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAEE5F5FD02F2E0B5463B9F27E2CD2FE
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Frame ID: 0E367D7770F8FBA979B7F26AC2EB6E41
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 062E7B8D869A31F155DEDC658F687175
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF3EA7843F841936DF5AE485067FA8D2
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/143915/9216004/9216004.js?ADFassetID=9216004&bv=257
Frame ID: 036B76DE9032F9185780FB9045A83A93
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

73
Requests

70 %
HTTPS

50 %
IPv6

14
Domains

22
Subdomains

23
IPs

6
Countries

452 kB
Transfer

1082 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1
Request Chain 39
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMy3H1UqFxxfzED.3DyN6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1&google_hm=2
Request Chain 40
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM45PiTA4HSoY6BDH4Ualn0&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM45PiTA4HSoY6BDH4Ualn0%26google_cver%3D1
Request Chain 41
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyMTM5NzU5MDE1NTM4Mzk3OA%3D%3D

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qrntwski.ugu.pl/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
178.33.52.226 Murs-Erigne, France, ASN16276 (OVH, FR),
Reverse DNS
users1.ugu.pl
Software
Apache /
Resource Hash
c0ec44f4575f5910328aa02dace59ca7d14ca4f91b726df40a4c78baee81c42a

Request headers

Host
qrntwski.ugu.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Server
Apache
X-Adverts
ugu.pl/0.3
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2544
Connection
close
Content-Type
text/html
wc.js
static.stooq.pl/pp/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.stooq.pl/pp/wc.js
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6a22f2c0374aa4368e5198e91a3629d2e0161549624cf1ecb57a41c6b2e3341

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Last-Modified
Fri, 18 Jun 2021 15:08:27 GMT
Server
nginx
ETag
"60ccb6eb-652"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1618
cc.js
static.stooq.pl/pp/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.stooq.pl/pp/cc.js
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c3d3c280035b927616d0ca3a8ccb9b67990bd30e5d60fe0943187eaa711e8dcd

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Last-Modified
Fri, 18 Jun 2021 15:08:27 GMT
Server
nginx
ETag
"60ccb6eb-665"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1637
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
692ed6f5fb5ae582c77bad065c4cd169e718f52f05f47f4190e12c5405327f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"905 / 426 of 1000 / last-modified: 1624014547"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
21452
X-XSS-Protection
0
Expires
Fri, 18 Jun 2021 15:09:16 GMT
indeksy_gpw.html
cw.money.pl/ Frame F699 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cw.money.pl/indeksy_gpw.html
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
Software
nginx /
Resource Hash
7a22cf54a7e1cd208306c07b3a5ba02d221adfe666f1b59f4182154ba860b631

Request headers

Host
cw.money.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://qrntwski.ugu.pl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

Server
nginx
Date
Fri, 18 Jun 2021 15:09:16 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
837
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
mapki_pogoda_mala.html
cw.money.pl/ Frame AC9D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cw.money.pl/mapki_pogoda_mala.html
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
Software
nginx /
Resource Hash
3896ca9d9fe2190ef9e74084ce76851821eee6dc8234c20a2038ee673cbffabc

Request headers

Host
cw.money.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://qrntwski.ugu.pl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

Server
nginx
Date
Fri, 18 Jun 2021 15:09:16 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
851
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
%5Espx_1d_l.png
static.stooq.com/c/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.stooq.com/c/%5Espx_1d_l.png
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
05c2866536d1933fe1745da7ff285285176b19c45bfec4739347b8300c982a04

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Last-Modified
Fri, 18 Jun 2021 15:08:26 GMT
Server
nginx
ETag
"60ccb6ea-32e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
814
eurusd_1d_l.png
static.stooq.com/c/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.stooq.com/c/eurusd_1d_l.png
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
78.47.91.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
af66905f979121c1672fe7cd094daa635a5ab814061409453b8fc3906d908795

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:16 GMT
Last-Modified
Fri, 18 Jun 2021 15:08:26 GMT
Server
nginx
ETag
"60ccb6ea-45d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1117
wiadomosci_kraj.html
cw.money.pl/ Frame DAA6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cw.money.pl/wiadomosci_kraj.html
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
Software
nginx /
Resource Hash
fcfc2a5e742669c147f88df265b0a17060b58be928918596e01cdeb166bfbf92

Request headers

Host
cw.money.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://qrntwski.ugu.pl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

Server
nginx
Date
Fri, 18 Jun 2021 15:09:17 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
2228
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
wiadomosci_swiat.html
cw.money.pl/ Frame EBB7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cw.money.pl/wiadomosci_swiat.html
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
HTTP/1.1
Server
212.77.101.20 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
Software
nginx /
Resource Hash
7d0412698e9ab06654b7ae9b30e9c9278dbfaac3a9306ea0cd5cbdd2bffe3259

Request headers

Host
cw.money.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://qrntwski.ugu.pl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

Server
nginx
Date
Fri, 18 Jun 2021 15:09:17 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
2139
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
640
date
Fri, 18 Jun 2021 14:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 18 Jun 2021 16:58:37 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
pubads_impl_2021061503.js
securepubads.g.doubleclick.net/gpt/ 		325 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 21:10:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116743
x-xss-protection
0
expires
Fri, 18 Jun 2021 15:09:17 GMT
moneypl_pp2.gif
static1.money.pl/i/loga/ Frame F699 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/indeksy_gpw.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:58 GMT
Server
nginx
ETag
"42b8fe967bde79769819483f50cffd1d"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1358
Expires
Fri, 02 Jul 2021 15:09:17 GMT
swfobject.js
static1.money.pl/j/ Frame AC9D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static1.money.pl/j/swfobject.js
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
ed03c6362a5b7fa3c0e4ed7afc991fc6471a25f3d2af8d3f5111137ae1ae853b

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 15:37:02 GMT
Server
nginx
ETag
W/"5e4c8d122c50c2c810d19bc9cef61628"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Fri, 02 Jul 2021 15:09:17 GMT
moneypl_pp2.gif
static1.money.pl/i/loga/ Frame AC9D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:58 GMT
Server
nginx
ETag
"42b8fe967bde79769819483f50cffd1d"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1358
Expires
Fri, 02 Jul 2021 15:09:17 GMT
moneypl_pp2.gif
static1.money.pl/i/loga/ Frame DAA6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:58 GMT
Server
nginx
ETag
"42b8fe967bde79769819483f50cffd1d"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1358
Expires
Fri, 02 Jul 2021 15:09:17 GMT
moneypl_pp2.gif
static1.money.pl/i/loga/ Frame EBB7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/loga/moneypl_pp2.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:58 GMT
Server
nginx
ETag
"42b8fe967bde79769819483f50cffd1d"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1358
Expires
Fri, 02 Jul 2021 15:09:17 GMT
a3.gif
static1.money.pl/i/ Frame F699 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a3.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/indeksy_gpw.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"50b0df7abd5e56775031bf761ef653b9"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=635579880&t=pageview&_s=1&dl=http%3A%2F%2Fqrntwski.ugu.pl%2F&ul=en-us&de=ISO-8859-2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=902120493&gjid=1336148414&cid=1529167819.1624028957&tid=UA-1665446-6&_gid=183269283.1624028957&_r=1&_slc=1&z=222425660
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://qrntwski.ugu.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
a3.gif
static1.money.pl/i/ Frame DAA6 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a3.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"50b0df7abd5e56775031bf761ef653b9"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
a5.gif
static1.money.pl/i/ Frame DAA6 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a5.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_kraj.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"23029e5631945735f2bba9c7ad5a654f"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
a3.gif
static1.money.pl/i/ Frame EBB7 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a3.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"50b0df7abd5e56775031bf761ef653b9"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
a5.gif
static1.money.pl/i/ Frame EBB7 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a5.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/wiadomosci_swiat.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"23029e5631945735f2bba9c7ad5a654f"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
a3.gif
static1.money.pl/i/ Frame AC9D 		46 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.money.pl/i/a3.gif
Requested by
Host: cw.money.pl
URL: http://cw.money.pl/mapki_pogoda_mala.html
Protocol
HTTP/1.1
Server
193.17.41.93 , Poland, ASN31080 (O2-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a

Request headers

Referer
http://cw.money.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 15:09:17 GMT
Last-Modified
Wed, 20 Feb 2019 15:36:54 GMT
Server
nginx
ETag
"50b0df7abd5e56775031bf761ef653b9"
Content-Type
image/gif
Cache-Control
max-age=1209600
x-rgw-object-type
Normal
X-Proxy-Type
ceph
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Fri, 02 Jul 2021 15:09:17 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=qrntwski.ugu.pl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 15:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=qrntwski.ugu.pl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 15:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3886039952313360&correlator=2108122991874355&output=ldjh&impl=fifs&eid=31061039%2C21065725&vrg=2021061503&ptt=17&sc=0&sfv=1-0-38&ecs=20210618&iu_parts=1708342%2CUGU_PL_StronyUzytkownikow_CSWE_naglowek_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1624028957&dt=1624028957694&dlt=1624028956757&idt=834&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=8&adks=2559276565&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fqrntwski.ugu.pl%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1529167819.1624028957&ga_sid=1624028958&ga_hid=635579880&ga_fc=false&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1f4db5fe3e011a8915fab18c2ef8e99c18e92ec45752180c07d0daa5e6ac2b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7272
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://qrntwski.ugu.pl
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAEE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://qrntwski.ugu.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 18 Jun 2021 15:09:17 GMT
expires
Sat, 18 Jun 2022 15:09:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:18 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842926269324"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Fri, 18 Jun 2021 15:09:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9642be2fef7b9fd43a0066cbb51ac89c5a71c37e412e686fbf472270518fb802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 15:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7915
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 18 Jun 2021 15:09:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E36 		624 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 18 Jun 2021 15:09:19 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnvAkptgAV7JiQ-eoyFeF15HkHLhEjoxWrm8cy3_rIusvbEhRw_AVL4UeTc; expires=Wed, 13-Jul-2022 15:09:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Jun 2021 15:09:19 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CAEE 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc1a469d17a8e3da6384b6d989e3999a95fb9bba3810aab04d3d6137ec3df8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAEE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCh2LIjXCCOb1BAgaCnGdPvf6Z_oFpCSpSeP4zS7aIYU2mvz3EezkYPT7c1KJ8rmPiXWj1xu4BHtdryPhy_utbQEhlk8gOXyyPHM5Wmuo65aDoips
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CAEE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 15:05:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAEE 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Fri, 18 Jun 2021 15:09:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CAEE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
10674426802404029766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 15:05:55 GMT
l
www.google.com/ads/measurement/ Frame CAEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgipjZtnu_M2k-rg62TvpbFfZvj2gLoqG5ATngrAIz7U1GFI-VpIyFqSLeEVAwy44mg01fwlTENHiiaD1ErruLajuYSg
Requested by
Host: 6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
URL: https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 0E36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Jun 2021 15:09:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Jun 2021 15:09:19 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0E36
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMy3H1UqFxxfzED.3DyN6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Jun 2021 15:09:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Jun 2021 15:09:19 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBk1tDHMmNWvvDIHNM-dUKM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 0E36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM45PiTA4HSoY6BDH4Ualn0&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM45PiTA4HSoY6BDH4Ualn0%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM45PiTA4HSoY6BDH4Ualn0%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Jun 2021 15:09:19 GMT
X-Proxy-Origin
82.102.16.185; 82.102.16.185; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
05754bf5-6873-43ee-a376-7fb7fdae16f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Jun 2021 15:09:19 GMT
X-Proxy-Origin
82.102.16.185; 82.102.16.185; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
6647be8e-af18-4332-a397-6e707bd634d6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM45PiTA4HSoY6BDH4Ualn0%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E36
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyMTM5NzU5MDE1NTM4Mzk3OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyMTM5NzU5MDE1NTM4Mzk3OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYY3Mz7nAEwAQ&v=APEucNXHHWhRJHjCQnfQ2Z17vcxiaDpov8loXYQ_TWmyOjQAJdkjcQTBnhXhaXY0JB6d6qw7Knhhk3GUOc8vTM6R6bUX_tQCws96uHThLsSZNJWGQUzx65TIepMPLEW2qNr6HINjT-43SsuluxjzJJh2v67MWGbc9OTg12WPEuXYAyoS2L7MfAk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Jun 2021 15:09:19 GMT
X-Proxy-Origin
82.102.16.185; 82.102.16.185; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
9dd919e0-e1e0-45ca-b2d9-a9169dac07a8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyMTM5NzU5MDE1NTM4Mzk3OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 062E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://qrntwski.ugu.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 18 Jun 2021 15:02:07 GMT
expires
Sat, 18 Jun 2022 15:02:07 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EF3E 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
949910c402ea977e662f94d475c39e7277f312b005b11ecba357be7f8e299e09
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JoyDNyjqhqcEw79rpTgrHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://qrntwski.ugu.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://qrntwski.ugu.pl/

Response headers

expires
Fri, 18 Jun 2021 15:09:19 GMT
date
Fri, 18 Jun 2021 15:09:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JoyDNyjqhqcEw79rpTgrHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.adform.net/adfscript/ Frame CAEE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43836863;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4F4HTf0Z98n6Ln2BS7Kg_yP4PBGND54z9h5wZls7c684DF1mAhQthmIsfbN7x0tjYeeH5_0RpmQzTc3yODewvIdo-6A-YyJNsloK5XltnBPW_AyI-o18zNnujk9Of1BZEKb13Hqhau8prGLzLwY8GZhb1yaoBh7dGVu5eGec02VbtOPk0w0Y3lAezsF2MeXlcmaCSQOcmsYQudKbs13z8MfdMFJwpbEPS2ulrtWgWeNtuzblTrAojzTr7y05ggg0YvAMgYsRdViF8raxMju8-wibWljYtpHVog_poLq_xNST2bw2jvIU7VG8hwyxj1JJI9TBmT_1gemzu8cRzehDeVXDCTNT5rXUNOCq-Hl4U55qhbQ9M3DkL-SLb-RCCd6hSMC7IXRLyTWpR1xc5vmcf3ORrBjj7Eyor_s-BdO82JBiSHVxTO6WRQMjgZ-o72BOj1T8a_3lgNyY7BWutdgiiZX4r8owl9tWfoZLGW3nmne4WNBO98A3AVFpmsxeK9u80d65C_MhAxN5cVub3wocNxCu0txCn-B7tZUCtN9IOrFJOo0SoUkUhNLc-DPpOPwIlPL1Du_PUvO16mZHVfr-PGYi5i4_-hal-R4SCtSg8Mb-KKatGXZgd0elOJhMC-oz70JRntLi5GqQO_ufZC_RMOFKqv_pyMRGtqHkKbqUUjFA-qTHzcN7qGcoGdkGOqvP82TV_ZAMIuFYfVpeyuhNacMOqRcRVdwo1jDnbtK7mVecrMrlbgO9a5xrIE74SCPdfGdaRRALm6FZ7m6EuU3dUOSM-MMH5Zk09ZANeulYEteGPEiP43BpaGA7IoZ4Z3Ri34sfh9YDBbYHdecjCAhszilPdhv1k9lyf2KNp0RB5SM5EkbO1S2g-KS4cGglwzbENPYuwaMD50pUJsDN48CX9_O_J2gpsyrs_D1FyOdw2unuLiMJrOSnvuEwbKLjUBMrLxOAOi9pzii2mx9WECh1Um5SogKhNcWOyj-0SsKLkaYuMBsegaLGNdljHNqezxjAXlz-C3MTEfr28ksGu1B5XIhZITMVzjORGS4GIzByV1UQAQhVrYVbSdmQZVIWeV2rZAjZL_3kLNAFB-NR0x_moeJdh8Unrm6eMc7TiBdCw2RX1dA&sai=AMfl-YT-1k-zK0zNnkjKEAk1yayzaD9K7bwoQHlusqtUgC7gXm_qtIoNp0DIb3d_kJa6SqculIdixHGcDTIUAFuBo3Pex6_NN50bZ9FlZAk32j4eKxnMJwBI7s9GnK10zlIIpRLOW51fogs43TmMRrDoLEwbrJgTBNvNHzwPNvlkyl6WkIdOMQ&sig=Cg0ArKJSzJjXGz8xmMZHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3b250d880b43bbd7e6f85c9a2b9af88806c20183dc1432ea6a2be461dba516d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2091
expires
-1
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame CAEE 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8638
x-xss-protection
0
server
cafe
etag
15675381762197352129
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 15:06:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame CAEE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 14:56:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CAEE 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmi7XFLNdaE9NXKdU-sr7UCLR03FdjKV2on37hJW27cttqK6k717detBEEODgHoy1jOrZv7FTVxhNpaACE0SULSyu12s35OXi2UJ_c1wNEdGERoHgFIfJGQsBb5rMLfEUa7KObp5Vnllldu3Nw4vdJeFRrDvvjtyhfoXd48Ib29_-Atx48VfNynHZttM6WI7KLpQK-_uA-ytaP-u4U_O-BPt_Nz_xsXkMAG6gsapIl6hAr_8jlnNEAr7BT-9GS_Cnyp8TGokr5jLqXWr3ItMRM8uoa9M5Ef68qtkfPyS8o_fuHgMQxudSDSFg486KaHPHLkkq1WGmYlmwl-ydlMZ9kCOsg4Omo763dq0wQy3jl4qVQPSSM-bExQuigYQVnlXEMeCxAcqhXSc8gEn3jTsIbH5LDIcBYTVUkVSEGQNhVEIxJq2JWRC5KmLgcUeQRLIf6_rNZncMtECZGh40P38gv53GK-i0dxdTqHqFA6Ju9o6g6n04Qa1miiax4O_gQbfkV5lWbRqAYcVwQ_xkDCA66Znix5DfZZTXocHTbo4T2EaabxC8Atgi4LLjEJ4QmdKBdRdgbJFmC6r6UsYOd5Y6cebCqCO6W1tXETxldM3-Lsi6Tpqd7j6JaUUqsLQBbNwvi8VMCI-VU4sds7K9hpZnkfshPxrdOP4PKbr2D8ZZ0GckBGEAX3PySdWcKidFzkiykcoSeCIFw-InBaMYWA9YlUbU_NTg1JddFPBAi8XfguiK-jeDfoFY1213x9HRk-VrzyngRg3_2fcxI-AzZQwILyUxV7X85AP7EXx_L2sEW8q8SEoKYBlKCvcPUebvAhDI_zcLZzft7tdiRxrH5JljKmiSd-rCO1WKFh7C7UwHGEgbYUHISnQy4UB-AJ9VMDv0Sbc-cBX0YHErXxxahstPFp3gjJ_BRmFpDTuY06xJ5DxoQcE9UaDSKrx59_AWhAetpAaA_f8I13Un5nC82rfSbBGZJ3r0cyXTlS9BfwAnGivN89GOwW1-E_fgffiGi98mNAIgzVR7S8VAWq5PTGealv8N8Az9qimoYP9NTzsV-MjZZurWjaqCY8RRT_2aX9KDX6O4GQkmYAct7tWcB2G5xhwksuMowp4x4ifHZ2NitkT-IVi0IKS92ztCkj9D6i-VOEMyWir-CKiDwzeZdMmDJl7My&sai=AMfl-YTEYbXZWAG0ln4zhFeiPevMlCA2Ct7KqyJtrn3JuVipZNSzW8G1lgGQEwpay_qrX0rhU9W1KXCMlzcHLDxunKxSPzS06Xw_zwB8SsEMjurJ5jhbAXz-PNp_cqfhaQwRWyMLd6iUTaYB8MjOB4a7VjVj8BFLR-EfZeU7NqQ&sig=Cg0ArKJSzCYRI6mpUpeFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=10&cbvp=1&cstd=8&cisv=r20210616.45327&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 18 Jun 2021 15:09:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js
pagead2.googlesyndication.com/bg/ Frame 062E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5759
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 15:01:38 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame CAEE 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43836863;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4F4HTf0Z98n6Ln2BS7Kg_yP4PBGND54z9h5wZls7c684DF1mAhQthmIsfbN7x0tjYeeH5_0RpmQzTc3yODewvIdo-6A-YyJNsloK5XltnBPW_AyI-o18zNnujk9Of1BZEKb13Hqhau8prGLzLwY8GZhb1yaoBh7dGVu5eGec02VbtOPk0w0Y3lAezsF2MeXlcmaCSQOcmsYQudKbs13z8MfdMFJwpbEPS2ulrtWgWeNtuzblTrAojzTr7y05ggg0YvAMgYsRdViF8raxMju8-wibWljYtpHVog_poLq_xNST2bw2jvIU7VG8hwyxj1JJI9TBmT_1gemzu8cRzehDeVXDCTNT5rXUNOCq-Hl4U55qhbQ9M3DkL-SLb-RCCd6hSMC7IXRLyTWpR1xc5vmcf3ORrBjj7Eyor_s-BdO82JBiSHVxTO6WRQMjgZ-o72BOj1T8a_3lgNyY7BWutdgiiZX4r8owl9tWfoZLGW3nmne4WNBO98A3AVFpmsxeK9u80d65C_MhAxN5cVub3wocNxCu0txCn-B7tZUCtN9IOrFJOo0SoUkUhNLc-DPpOPwIlPL1Du_PUvO16mZHVfr-PGYi5i4_-hal-R4SCtSg8Mb-KKatGXZgd0elOJhMC-oz70JRntLi5GqQO_ufZC_RMOFKqv_pyMRGtqHkKbqUUjFA-qTHzcN7qGcoGdkGOqvP82TV_ZAMIuFYfVpeyuhNacMOqRcRVdwo1jDnbtK7mVecrMrlbgO9a5xrIE74SCPdfGdaRRALm6FZ7m6EuU3dUOSM-MMH5Zk09ZANeulYEteGPEiP43BpaGA7IoZ4Z3Ri34sfh9YDBbYHdecjCAhszilPdhv1k9lyf2KNp0RB5SM5EkbO1S2g-KS4cGglwzbENPYuwaMD50pUJsDN48CX9_O_J2gpsyrs_D1FyOdw2unuLiMJrOSnvuEwbKLjUBMrLxOAOi9pzii2mx9WECh1Um5SogKhNcWOyj-0SsKLkaYuMBsegaLGNdljHNqezxjAXlz-C3MTEfr28ksGu1B5XIhZITMVzjORGS4GIzByV1UQAQhVrYVbSdmQZVIWeV2rZAjZL_3kLNAFB-NR0x_moeJdh8Unrm6eMc7TiBdCw2RX1dA&sai=AMfl-YT-1k-zK0zNnkjKEAk1yayzaD9K7bwoQHlusqtUgC7gXm_qtIoNp0DIb3d_kJa6SqculIdixHGcDTIUAFuBo3Pex6_NN50bZ9FlZAk32j4eKxnMJwBI7s9GnK10zlIIpRLOW51fogs43TmMRrDoLEwbrJgTBNvNHzwPNvlkyl6WkIdOMQ&sig=Cg0ArKJSzJjXGz8xmMZHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 19 Jun 2021 17:57:36 GMT
/
track.adform.net/adfserve/ Frame CAEE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=43836863;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4F4HTf0Z98n6Ln2BS7Kg_yP4PBGND54z9h5wZls7c684DF1mAhQthmIsfbN7x0tjYeeH5_0RpmQzTc3yODewvIdo-6A-YyJNsloK5XltnBPW_AyI-o18zNnujk9Of1BZEKb13Hqhau8prGLzLwY8GZhb1yaoBh7dGVu5eGec02VbtOPk0w0Y3lAezsF2MeXlcmaCSQOcmsYQudKbs13z8MfdMFJwpbEPS2ulrtWgWeNtuzblTrAojzTr7y05ggg0YvAMgYsRdViF8raxMju8-wibWljYtpHVog_poLq_xNST2bw2jvIU7VG8hwyxj1JJI9TBmT_1gemzu8cRzehDeVXDCTNT5rXUNOCq-Hl4U55qhbQ9M3DkL-SLb-RCCd6hSMC7IXRLyTWpR1xc5vmcf3ORrBjj7Eyor_s-BdO82JBiSHVxTO6WRQMjgZ-o72BOj1T8a_3lgNyY7BWutdgiiZX4r8owl9tWfoZLGW3nmne4WNBO98A3AVFpmsxeK9u80d65C_MhAxN5cVub3wocNxCu0txCn-B7tZUCtN9IOrFJOo0SoUkUhNLc-DPpOPwIlPL1Du_PUvO16mZHVfr-PGYi5i4_-hal-R4SCtSg8Mb-KKatGXZgd0elOJhMC-oz70JRntLi5GqQO_ufZC_RMOFKqv_pyMRGtqHkKbqUUjFA-qTHzcN7qGcoGdkGOqvP82TV_ZAMIuFYfVpeyuhNacMOqRcRVdwo1jDnbtK7mVecrMrlbgO9a5xrIE74SCPdfGdaRRALm6FZ7m6EuU3dUOSM-MMH5Zk09ZANeulYEteGPEiP43BpaGA7IoZ4Z3Ri34sfh9YDBbYHdecjCAhszilPdhv1k9lyf2KNp0RB5SM5EkbO1S2g-KS4cGglwzbENPYuwaMD50pUJsDN48CX9_O_J2gpsyrs_D1FyOdw2unuLiMJrOSnvuEwbKLjUBMrLxOAOi9pzii2mx9WECh1Um5SogKhNcWOyj-0SsKLkaYuMBsegaLGNdljHNqezxjAXlz-C3MTEfr28ksGu1B5XIhZITMVzjORGS4GIzByV1UQAQhVrYVbSdmQZVIWeV2rZAjZL_3kLNAFB-NR0x_moeJdh8Unrm6eMc7TiBdCw2RX1dA&sai=AMfl-YT-1k-zK0zNnkjKEAk1yayzaD9K7bwoQHlusqtUgC7gXm_qtIoNp0DIb3d_kJa6SqculIdixHGcDTIUAFuBo3Pex6_NN50bZ9FlZAk32j4eKxnMJwBI7s9GnK10zlIIpRLOW51fogs43TmMRrDoLEwbrJgTBNvNHzwPNvlkyl6WkIdOMQ&sig=Cg0ArKJSzJjXGz8xmMZHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=;js=1;adfxid=1x;1908;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=http%3A%2F%2Fqrntwski.ugu.pl
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
66f948660cbbe344dba35b5b2d27c68d7b70293c372d923e0927e2ab590e6e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3553
expires
-1
truncated
/ Frame CAEE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49544ef60534c779c0b16da1011c1d5b0acf6b85b1450156f31921c9097fabb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame CAEE 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmi7XFLNdaE9NXKdU-sr7UCLR03FdjKV2on37hJW27cttqK6k717detBEEODgHoy1jOrZv7FTVxhNpaACE0SULSyu12s35OXi2UJ_c1wNEdGERoHgFIfJGQsBb5rMLfEUa7KObp5Vnllldu3Nw4vdJeFRrDvvjtyhfoXd48Ib29_-Atx48VfNynHZttM6WI7KLpQK-_uA-ytaP-u4U_O-BPt_Nz_xsXkMAG6gsapIl6hAr_8jlnNEAr7BT-9GS_Cnyp8TGokr5jLqXWr3ItMRM8uoa9M5Ef68qtkfPyS8o_fuHgMQxudSDSFg486KaHPHLkkq1WGmYlmwl-ydlMZ9kCOsg4Omo763dq0wQy3jl4qVQPSSM-bExQuigYQVnlXEMeCxAcqhXSc8gEn3jTsIbH5LDIcBYTVUkVSEGQNhVEIxJq2JWRC5KmLgcUeQRLIf6_rNZncMtECZGh40P38gv53GK-i0dxdTqHqFA6Ju9o6g6n04Qa1miiax4O_gQbfkV5lWbRqAYcVwQ_xkDCA66Znix5DfZZTXocHTbo4T2EaabxC8Atgi4LLjEJ4QmdKBdRdgbJFmC6r6UsYOd5Y6cebCqCO6W1tXETxldM3-Lsi6Tpqd7j6JaUUqsLQBbNwvi8VMCI-VU4sds7K9hpZnkfshPxrdOP4PKbr2D8ZZ0GckBGEAX3PySdWcKidFzkiykcoSeCIFw-InBaMYWA9YlUbU_NTg1JddFPBAi8XfguiK-jeDfoFY1213x9HRk-VrzyngRg3_2fcxI-AzZQwILyUxV7X85AP7EXx_L2sEW8q8SEoKYBlKCvcPUebvAhDI_zcLZzft7tdiRxrH5JljKmiSd-rCO1WKFh7C7UwHGEgbYUHISnQy4UB-AJ9VMDv0Sbc-cBX0YHErXxxahstPFp3gjJ_BRmFpDTuY06xJ5DxoQcE9UaDSKrx59_AWhAetpAaA_f8I13Un5nC82rfSbBGZJ3r0cyXTlS9BfwAnGivN89GOwW1-E_fgffiGi98mNAIgzVR7S8VAWq5PTGealv8N8Az9qimoYP9NTzsV-MjZZurWjaqCY8RRT_2aX9KDX6O4GQkmYAct7tWcB2G5xhwksuMowp4x4ifHZ2NitkT-IVi0IKS92ztCkj9D6i-VOEMyWir-CKiDwzeZdMmDJl7My&sai=AMfl-YTEYbXZWAG0ln4zhFeiPevMlCA2Ct7KqyJtrn3JuVipZNSzW8G1lgGQEwpay_qrX0rhU9W1KXCMlzcHLDxunKxSPzS06Xw_zwB8SsEMjurJ5jhbAXz-PNp_cqfhaQwRWyMLd6iUTaYB8MjOB4a7VjVj8BFLR-EfZeU7NqQ&sig=Cg0ArKJSzCYRI6mpUpeFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=469&vt=11&dtpt=459&dett=4&cstd=8&cisv=r20210616.45327&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgAHJvv7LdicC-U9pPmoofAymr4_hFn2RRjEzp-ooIXlgBtKfMm8-NM8ewbQZIGRVtyCDF6b8IkOwK2UqTZS462NZ41a0O1sYBweP9hd-Gul7Nx7KL_zgCmAgO05F1SyRJqqdB9H3TLV8pKh3sV0_EG24KMw&dbm_d=AKAmf-Cv_RrrBCBZOL1rffr_lnqEyZZbZOGdzN_ckQpwys4uglTwLJf_RaJfUDGDPodHQLNHf_MMiSvpHxxLgxm7Er-GwFcEIUVXRSP3IETgqEnA6icp6RvXewyt9QQ8jhVRPflamBNxTC3NDb1q6D_YVJatDJOP1nLTiVsxLCcIKi2fIArKHumfbzo105fEfGySyg4cnnfWGi3bF_FNGzLCb2BD3xkQI2JqPiI1lL9AyVTvFbbY-4Nxvp5HFIFnIq-uue7nyml_v1hHfM4LEWZEvt4lOaRYAKKxXfyStpy-VuwQjMTNQmeZQtlhCDK-NoLGh6qgj0Ip-lla78OU2Wog3_rM3XldrPUJBw7qRTOp1rqHSqTjtnTd78_xBWvWcyxPAal03DKQVPlp1TsOomZLlX80qRaK6bGg3-GxkW2U4dm7GVmlhxriJBs7PgzqBLI3MDGtKPS-ykkBmPJQR_xPvbjikpQUQsgZypQZNrNaZGcF5qNfbeGPeXetzMeaNlMivEItXKduKvW5ccQlcvog-kg_0LIfztSQ6yS9w1-NHeLPyTH7WP3R4zGKVnQwztozED9UEIpmHQXfBtiC0ufN3JbHMpzlGUpheGXjuBO3CwSIEV5DegLJs81QddcLHsvO2kBMGYUvudtfqv2WbDPx9TJcwOErqSOargcSDMTQujpEyXBZA7rJrMQUqNo-F1YEvxfyg7Rjuc2geMslp7-7aHeXtlrTyWIUPSb0P3u0JiyxS8TaFD6ILJHFNBaEO2VA662ShStXJWI91maenYOaMXg1Mnk-21nRV3tQ3PtanHmkDKlu8wIH0Ggl7IWgnf3IYdjUHexUadNWl0AUu0pnDKnIqrNUk6Eyrsep0-kB1m1tkx08D1WCIFkUsV3tOHsOvG8f9gQ2oCQCbuX3Z87qzzyqP442SFlzMSsFZPOxuTssxj20GolmLH923OUZ6V7xgKREWTL6oqAYfo5A0BNANOEV3WAr9KBLcC1sCdQhc0T8SerDP1VmLk_lf98d4kUtvU1Oba9dFsQSY5DTAof-ZmCzqPMPFq0UOE0alk6R-N6s2jbU7AHH4x98QewHcMlOJIaBpn5nGLxqo2XdZ7tWESFXkyHBJE6ejU1YgmICmwGI5SXGJ4vcuF5ap7DXfPAAnTDd_gfh8J7mjBigFwRn4nXN52cbqPLdTadfffCAOAm9HuEb88NXXEIvI_w6iXoGZxJxQcBTdN0OUEGLuGTjOaUlEd6h6phWSNRaVxvwLC4JgGCy6R_lW1Ay181ACTqBYJNjmoDnRrLZUBl8V3V2itcL0Dn0KoX0If0mqtao0v-JyXQIw6dsXKqYQLCVMozecelEnUNUvD5rBdmqFzWLD8y65gDy6l_3DDuv3vWgVi_NcMsJ2m7OwYPIR4MJRcBhtSqSkiJwm4UxbbSdkTfIJlTitADyVzCzN2HAJ9_tk_AihaLWL6kwebx1CRQ1Xf6rSyfPYYTtVLRIxLlExDKTUw1epOXAOt8TPbht30tv6hsjOKGPqw0kZUDbc0RHZorr9keSOEw0ZwBZCpRjryjBVTTv1-w9Kqcl1K-HCb3tcnKaW-yzgOjUcsqWqIN8EoKBuoA88zwueWvolnqLw0ZJC9HO1wjYKNc7t4ck-wVj-LBzj183j3J47W39k-zlYdWxbsY6Ll1iUPKN8G_umRZvFOrbQtG-_so9cL7Dth-Zwt7Gt-5i3tN1NGk56SofArWxV6eYK2vACUzIArBl4kEdQlMRcCtTuiAmvurGhG7ApFs4MUNB9GgxTCGtoBnJt5FPl_RcVvC2amTtHSpJQJtH_He1s-Xejoti5j-u5lntlPWJJL6kXD5chD5LSHLpWGYm3q1ctzkC5JhrWnKpUDqFyPkdkyMQG0v9dg-nGVYPuAkBvWYnRrvMt-WuOUtGfYL7Mdramg-C9D9Ym2PKPBHK-Wb7XQS4ggt9A8_f9sUC5xOra0QadmC-nlHo110OyLxoogJ5CPbjb9-1AdWgAzic73cSQ329m3KIfkOHvgb9NQ11ysiUXkyNogBHmoWLPnkG94DeRhLbMKuQ8GXg26ktE1ORpQYWaFhF-Da1cPWTc-rVTQcUWlf0VUdJ6ZI1bMapBQ29MtX-gVVRKw-T06jPS6iEt2F5MvfNXACbb5IQGyjd-TmHDGkyiypvqTbKaUyVE7yZnEkgWVbno90lqA_R5_iARJZS13Hl97G1l2QyJ3dZtsEsXVXbInkiQ5OgIvNI8OVcMHf51tEBRd4-WTBryydu2E4fzDX-JzZ03a6kgfkEafmm9fFQsf6B2LjSyU2AT9uSc9mg7-_yVSEHzPLR8DpgP5KD1ECU2XKrWQ1UDwvaRxeeHw7UX4GD_KWNbgON9FwdEJG5BWc1yl5j1VmOj3aXyIYBN1TuLwPYt-TX8vSgLmpVk58SInSj85zgQ5ItelTl16IW336a7MvbGaN-XSzVLrzyOIFVNsiiTQVXg4g9pQu1EgUSBXBzkHiXPIPoxuSIMQlX_CGH1yAdJ3uVzI4lTS6iutInEviT5JNsxtGAioLaQCeGtnE8GQ2HgGCe__EMIl4aR4DZtKOSwMwFXb9mmi1PBqgAbOrIHx-rjPCnI7P8P33084xNERRyfvYSgKBcxfLe_-V5uhm8-fu2HYg2b3hueSLVTHKn2NOD7BhQR0QYviIsUIwxYk1TmuAnAKHDrY190zImQE1KzbmWyqdr81b9vSdd1b9oW8C8rtpZdNqSmJdq4Fr07pi2zrNXcHVLVvvIYe2pCVN61nZsieLZSVj9wd6uQi0PGTc8dNCOCR2Pf54Kznkzc1tswLgS_h5OptJrUn4uwNr_09vUkS3sZQ_AdeEYDMM8KT8bK5cXNZXcPN4eN4SE8TKz9y4PhrqWWE8X2iEzj2bxifBps38HONtJz59N2e57MNCvCS9OctK0KlvtPZz77KU6FW0hqEPAqNlZIYxILdIoc8KAWV1T7FsoqmJ82SIRBG7PXX6cHDLtxuSSTZTOCnO1ZW26icf753XOuHJxpljtw8v1pYL3qzTjIXfL3e6E9x8m0o3STAymuV6iTIiF0ZffexNEj3S1DuDhkQm4dzr0nrhyY0OxtXoRHQ&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&rfl=1%2Chttp%253A%252F%252Fqrntwski.ugu.pl%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 15:09:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame CAEE 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c441bbf89d0d9390e8b0148ea04b49e3ceeaee39fe451b6cbef7b3ed39ef25b6

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 19 Jun 2021 18:38:25 GMT
/
track.adform.net/csimpr/ Frame CAEE 		35 B
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43836863&csi=Qt_wfXw8WfrZDPcFnRLZqcnMVwv1so51u8nlTCr7VB_rygPkIxxfk1tS3dRl3LQRKa3Hz0E50Aek4JE3F2ogN96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9216004.js
s1.adform.net/Banners/Elements/Files/143915/9216004/ Frame 036B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/9216004.js?ADFassetID=9216004&bv=257
Requested by
Host: qrntwski.ugu.pl
URL: http://qrntwski.ugu.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dabb137f66c8ee0e9953a6ff8c4fd481a47a1e59bf171dd7416ad93417b45be0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 10:13:35 GMT
server
nginx
etag
W/"601d1a4f-1450"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 036B 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
stylesheet.min.css
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/css/ Frame 036B 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/css/stylesheet.min.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9970d385d4e3cea25cc871605705aaa3ac5b2c503fb3fc70f5f6e53d3e066211
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 10:13:33 GMT
server
nginx
etag
W/"601d1a4d-176f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/css
gsap_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 036B 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22938
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jun 2021 15:09:20 GMT
bg.jpg
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/bg.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6642eb5f72258d8eb21a0323406126796c22b495b1b5f847a311ed561000fcbf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-814"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2068
motive_1.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/motive_1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36e82b06e1e932e81c42b1a1a136b001965d6b486f81ec9b6a12a63598833b8e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-4347"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
17223
txt_1_1.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/txt_1_1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2fbc872f6173eebcae8b499c05f048972e9943d2a9bd99289339656fb00183de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-33f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
831
txt_1_2.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/txt_1_2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d536de2e0caa6d538abb29a0f36ded72c876a468009bc63b89a694c939cd8ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-37f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
895
txt_2_1.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/txt_2_1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
76ffb6ee3eb55514062006508e22ccb57c1c3435309367877aee3eb026d62e74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-4f2"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1266
txt_2_2.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/txt_2_2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ebf3f41a7d72e2e6aba4a97f3f2f7dee98d1dd14916284efe477636752e0d1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-38c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
908
cta.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b4c68c6b84db607eaa410af78b150aee07b6942edfc71f8cda3f80f9f7feabb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-4d8"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1240
logo.png
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/ Frame 036B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/img/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3c1da2d8792b103a8a28b29a885aec930b329368fbeea9b023cc61775c073968
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
last-modified
Fri, 05 Feb 2021 10:13:34 GMT
server
nginx
etag
"601d1a4e-76f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1903
pvm.min.js
s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/js/ Frame 036B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/143915/9216004/bvpath_257/js/pvm.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d606a78a6a4eeb1c7e83aefac8df59f4c7c79a7d60db8077d70f989f6fa031fc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 15:09:19 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 10:13:35 GMT
server
nginx
etag
W/"601d1a4f-186f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=3886039952313360&bg=!29il2JzNAAZktE7iZLQ7ACkAdvg8WqFzKq1J_8P6pUg5127T7U9vFTG43v5yNu2fzdgzdDMelUOf2gIAAAIPUgAAABtoAQcKAGmUlQUG9rQ-zr6jGFTgKbuYCA_1pn2s-IwyrqUjmeSYXM9Ii4SR3mhIW1XGdLDZjVlJfizKe9yND_FjkvC95RkHRxkJqKUf5Eh6DS5qGnxtu5A-uxt0QPBuiMsgAs_bzhMxP6iPfDhlcw6ZAmVwGFIJFuRdvN4o45s4AtCyCIEZwY2cXlNB4m17xzEqqPNlyb_4sHfJG5GlLaxRYyJPtV2PkMIURy9hYxUSrdeVkO9mdwShWqgWc8XfknLyBkPVPjoMrhUWbvW_UIxidSe3qyCpqxpx1D7neN-iylOqT3KIHPawY8YgMwZBkcUrh4XEGwAVXJfD7OuDV-zF0POMRKipxXCBlLJAJXxjEy6sWm_ZR9cnOrVsn7Ua1DH7wGyDmqO8D90lG-zqqgacf2lsDz9I7CXb-fOz7C4ecm-PRYTgPb7Rdg1CDUCa1H3B2Txc1pvewQuRfp1Q6xP0QdTC9bM_fZuYYGG11fyNYo2dFy0I_rWopzkUrXx0nlL12Zj-_NujMlJ6GaQDVv-eM9O7-UHm77ntj9HylAtebJljRkxOld431_j4JHU6Ew85ntyKsirtTlzm9UWt0qoW2lhdwjaOO6OhCaZB4lL-p1xzUKut-jpWC7CwDV__5VWAlTh7OsBMNd-szs7incJZaDopQgYnR1vBis88GgjR8DBJhBIYMjHAlw71wCHj1SgMq7mILnUoCXH4ts2qEc7UUKbs29NJx0dmdAEbROzXoMzr2xcuuRrj7Ro5PObto2HPBoH8IOJhSPwcFkxDDyMu8vRiSs7z5PY2qSQVIXNbFOm4p4feR3lNSEdVMR-LzaK6PHaCkYd80Db6omxK9JejPNByHAWU3wKIa6pkIoXuV3-QbC09V4bWpYoo6iuJFpAVINd9BHyAfRNmOtffEI9l4UpxFTq33c3z8amJi724NJaucDzguxAJyDdmuPYyQPMGMB9sDtCv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qrntwski.ugu.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CAEE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2MWRwI7xXD5U1AD9aM9p5Bl1jL5P4VZzFR90CUW2_g-PKxJj2HhSH-Y2LwW2qigPN2Ak01cgLBDQGvBVpdRKYN-lfxlacAh8BgWvkvf_qb7Yw&sai=AMfl-YQjh1IXqepen0PVFZdU1BtIB6iz4snYInkZUxGTQoxUjxORIDwp7ipAGg7OZKbsWO94dhVlQ79zcu3ob2QZvvUBwTngBPfSi7zbc1n_0EOnY26RipdRC-q4F-KPiQM&sig=Cg0ArKJSzK8_SKAe33FHEAE&cid=CAASFeRoN7CoUOybJvp4IUhk7TL-xpo-Qg&id=lidar2&mcvt=1008&p=8,436,102,1164&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2559276565&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1624028958669&dlt=282&rpt=1022&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame CAEE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7475133438023820085@@43836863,228144485518802115,100|1184|0|0|0|0|0|0|0||40|1|||||1|0|0|SJHleSrWfv5cPlakbYq96RCgMcQtDS_0dgIuncm_xjGmvnryZbYQu4m3nyX34Xgm0|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame CAEE 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7475133438023820085@@43836863,228144485518802115,100|4584|0|0|0|0|0|0|0||156|1|||||1|0|0|SJHleSrWfv5cPlakbYq96RCgMcQtDS_0dgIuncm_xjGmvnryZbYQu4m3nyX34Xgm0|||01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 15:09:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| pokaz function| ukryj object| googletag object| advert number| width number| height function| pp_m_ string| GoogleAnalyticsObject function| ga object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.ugu.pl/ Name: _gat
Value: 1
.ugu.pl/ Name: _gid
Value: GA1.2.183269283.1624028957
.ugu.pl/ Name: _ga
Value: GA1.2.1529167819.1624028957

14 Console Messages

Source Level URL
Text
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #txt_3_container not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #txt_3_wrapper not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #txt_3_1 not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_2_container not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_2_wrapper not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_2 not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_3_container not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_3_wrapper not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #motive_3 not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #werte_container not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #werte_wrapper not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #werte not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #b_sep not found. https://greensock.com
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js(Line 10)
Message:
GSAP target #b_sep not found. https://greensock.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6aa974048f7e61d8609a384989276dcd.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cw.money.pl
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
qrntwski.ugu.pl
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
static.stooq.com
static.stooq.pl
static1.money.pl
tpc.googlesyndication.com
track.adform.net
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.185.194
172.217.16.130
178.33.52.226
185.33.223.178
193.17.41.93
2.18.234.21
212.77.101.20
216.58.212.130
2a00:1450:4001:803::2001
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
37.157.6.234
37.157.6.242
78.47.91.49
05c2866536d1933fe1745da7ff285285176b19c45bfec4739347b8300c982a04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1f4db5fe3e011a8915fab18c2ef8e99c18e92ec45752180c07d0daa5e6ac2b8e
1fc1a469d17a8e3da6384b6d989e3999a95fb9bba3810aab04d3d6137ec3df8f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2fbc872f6173eebcae8b499c05f048972e9943d2a9bd99289339656fb00183de
36e82b06e1e932e81c42b1a1a136b001965d6b486f81ec9b6a12a63598833b8e
37ebf3f41a7d72e2e6aba4a97f3f2f7dee98d1dd14916284efe477636752e0d1
3896ca9d9fe2190ef9e74084ce76851821eee6dc8234c20a2038ee673cbffabc
3b250d880b43bbd7e6f85c9a2b9af88806c20183dc1432ea6a2be461dba516d2
3c1da2d8792b103a8a28b29a885aec930b329368fbeea9b023cc61775c073968
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
49544ef60534c779c0b16da1011c1d5b0acf6b85b1450156f31921c9097fabb4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca63bc497ed178be3a527fc4232ae72a4ba9b6858554f028679c4f5542b274a
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
6642eb5f72258d8eb21a0323406126796c22b495b1b5f847a311ed561000fcbf
66f948660cbbe344dba35b5b2d27c68d7b70293c372d923e0927e2ab590e6e09
692ed6f5fb5ae582c77bad065c4cd169e718f52f05f47f4190e12c5405327f2b
76ffb6ee3eb55514062006508e22ccb57c1c3435309367877aee3eb026d62e74
7a22cf54a7e1cd208306c07b3a5ba02d221adfe666f1b59f4182154ba860b631
7d0412698e9ab06654b7ae9b30e9c9278dbfaac3a9306ea0cd5cbdd2bffe3259
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b4c68c6b84db607eaa410af78b150aee07b6942edfc71f8cda3f80f9f7feabb
8d536de2e0caa6d538abb29a0f36ded72c876a468009bc63b89a694c939cd8ab
949910c402ea977e662f94d475c39e7277f312b005b11ecba357be7f8e299e09
9642be2fef7b9fd43a0066cbb51ac89c5a71c37e412e686fbf472270518fb802
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97f4c286f54019fbb874f2fce6c9d026b6016dc6aa9993a567f7bd5405c12b61
9970d385d4e3cea25cc871605705aaa3ac5b2c503fb3fc70f5f6e53d3e066211
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7de4e3bef1ab6d526efc5fd7937168ea532f5c874434370e42eeb1c48e48b46
af66905f979121c1672fe7cd094daa635a5ab814061409453b8fc3906d908795
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c0ec44f4575f5910328aa02dace59ca7d14ca4f91b726df40a4c78baee81c42a
c3d3c280035b927616d0ca3a8ccb9b67990bd30e5d60fe0943187eaa711e8dcd
c441bbf89d0d9390e8b0148ea04b49e3ceeaee39fe451b6cbef7b3ed39ef25b6
c6a22f2c0374aa4368e5198e91a3629d2e0161549624cf1ecb57a41c6b2e3341
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d606a78a6a4eeb1c7e83aefac8df59f4c7c79a7d60db8077d70f989f6fa031fc
dabb137f66c8ee0e9953a6ff8c4fd481a47a1e59bf171dd7416ad93417b45be0
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ed03c6362a5b7fa3c0e4ed7afc991fc6471a25f3d2af8d3f5111137ae1ae853b
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcfc2a5e742669c147f88df265b0a17060b58be928918596e01cdeb166bfbf92