m.rmf24.pl Open in urlscan Pro
217.74.71.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1#utm_source...
Effective URL:
http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Submission: On November 03 via manual (November 3rd 2021, 6:50:06 pm UTC) from PL — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 16 domains to perform 54 HTTP transactions. The main IP is 217.74.71.145, located in Poland and belongs to INTERIA, PL. The main domain is m.rmf24.pl.

This is the only time m.rmf24.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	217.74.71.145 217.74.71.145	16138 (INTERIA) (INTERIA)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	217.74.71.132 217.74.71.132	16138 (INTERIA) (INTERIA)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	217.74.71.140 217.74.71.140	16138 (INTERIA) (INTERIA)
1 4	217.74.70.27 217.74.70.27	16138 (INTERIA) (INTERIA)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	217.74.74.30 217.74.74.30	16138 (INTERIA) (INTERIA)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
54	25

6 217.74.71.145 (Poland)

ASN16138 (INTERIA, PL)
PTR: www.rmf24.pl

m.rmf24.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.74.71.132 (Poland)

ASN16138 (INTERIA, PL)
PTR: static.interia.pl

w.iplsc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.iplsc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.74.71.140 (Poland)

ASN16138 (INTERIA, PL)
PTR: cv.interia.pl

i.iplsc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.74.70.27 (Poland) 1 redirects

ASN16138 (INTERIA, PL)
PTR: static-217-74-70-27.interia.pl

rmf.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.74.74.30 (Poland) 1 redirects

ASN16138 (INTERIA, PL)
PTR: hub.com.pl

hub.com.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com fonts.gstatic.com	102 KB
6	googlesyndication.com 1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	39 KB
6	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	128 KB
6	gemius.pl 1 redirects rmf.hit.gemius.pl ls.hit.gemius.pl	19 KB
6	rmf24.pl m.rmf24.pl	198 KB
5	iplsc.com w.iplsc.com i.iplsc.com js.iplsc.com	185 KB
3	adform.net 1 redirects s1.adform.net adx.adform.net	25 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	google.de www.google.de adservice.google.de	1 KB
2	google.com www.google.com adservice.google.com	1 KB
2	hub.com.pl 1 redirects hub.com.pl	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	zencdn.net vjs.zencdn.net	158 KB
2	googleapis.com fonts.googleapis.com	3 KB
2	googletagmanager.com www.googletagmanager.com	84 KB
1	facebook.com graph.facebook.com	690 B
54	16

	Domain	Requested by
7	fonts.gstatic.com	fonts.googleapis.com
6	m.rmf24.pl	m.rmf24.pl
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net m.rmf24.pl
4	rmf.hit.gemius.pl	1 redirects m.rmf24.pl rmf.hit.gemius.pl
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.rmf24.pl
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	w.iplsc.com	m.rmf24.pl
2	adx.adform.net	1 redirects
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ls.hit.gemius.pl	rmf.hit.gemius.pl ls.hit.gemius.pl
2	hub.com.pl	1 redirects m.rmf24.pl
2	www.googletagservices.com	m.rmf24.pl securepubads.g.doubleclick.net
2	vjs.zencdn.net	m.rmf24.pl
2	fonts.googleapis.com	m.rmf24.pl
2	www.googletagmanager.com	m.rmf24.pl
1	s1.adform.net	securepubads.g.doubleclick.net
1	1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	m.rmf24.pl
1	www.google.com	m.rmf24.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	graph.facebook.com	w.iplsc.com
1	js.iplsc.com	m.rmf24.pl
1	i.iplsc.com	m.rmf24.pl
54	25

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.iplsc.com Certyfikat SSL	`2021-07-12` - `2022-07-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-13` - `2021-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Frame ID: FAD3AD58D3284B8CCC34B413FC21AF5C
Requests: 49 HTTP requests in this frame

Frame: https://hub.com.pl/_sslredir/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2/nc=1
Frame ID: 4A16EF8D63C241678E9611CC40FFDA8C
Requests: 1 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: 698C3F9A63EEF7927269727580B79FCA
Requests: 1 HTTP requests in this frame

Frame: https://1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DFBE44706EF1CD5AA6CC974B86896747
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: 864617DA1810B23EA6FC138DED8270C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0FFED4CB9138CBB7E5EE94B4479FBFE0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

54
Requests

52 %
HTTPS

63 %
IPv6

16
Domains

25
Subdomains

25
IPs

6
Countries

1028 kB
Transfer

3014 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c

Request Chain 30

http://hub.com.pl/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2/nc=1 HTTP 301
https://hub.com.pl/_sslredir/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2/nc=1

Request Chain 42

https://rmf.hit.gemius.pl/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=UNAgcx_x1SCy9hNBAYX1uW1MMGqqHLepDsuK8xBD3pv.z717guVPRozLQcOxwcP_p2XpsOWX.PlikYoYmS74N7aYITQn/SX5eGaeEXdnqm/&fpdata=hgh6kRvot7j5cPLDO8pI3FeZOcBkTLDgMTd9Khcmi6..s7&vis=1&lsadd=&fpcap= HTTP 301
https://rmf.hit.gemius.pl/__/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=UNAgcx_x1SCy9hNBAYX1uW1MMGqqHLepDsuK8xBD3pv.z717guVPRozLQcOxwcP_p2XpsOWX.PlikYoYmS74N7aYITQn/SX5eGaeEXdnqm/&fpdata=hgh6kRvot7j5cPLDO8pI3FeZOcBkTLDgMTd9Khcmi6..s7&vis=1&lsadd=&fpcap=

Request Chain 53

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=_adform_cb_1635965401132_6538539498364806 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=_adform_cb_1635965401132_6538539498364806

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1 Show response
m.rmf24.pl/ekonomia/ 37 KB
10 KB 303ms
270ms Document
text/html 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: d98fb738828d478bd759b0dba8a09793e387fab0743e91d978de368ce270dea6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
content-type: text/html; charset=UTF-8
content-length: 9776
date: Wed, 03 Nov 2021 18:49:59 GMT
vary: Accept-Encoding
server: IPL/2.2
cache-control: private
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3254603-39

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f51ddc815838d6c51629b50e192efaa4ed02567ef62c26205f08bce96d93e8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:49:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35791
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 18:49:59 GMT

GET
H/1.1 200
OK layout.css
m.rmf24.pl/s/ 8 KB
2 KB 34ms
34ms Stylesheet
text/css 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/s/layout.css
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: 6bb765a79487f9698fa972dfe5d819b99c0d0236efa1a08dbc0985d6a2bc3f0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:06:44 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 10:58:23 GMT
server: IPL/2.2
vary: Accept-Encoding
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 2029
expires: Fri, 19 Aug 2022 12:06:44 GMT

GET
H/1.1 200
OK css.10409-1057.min.css
m.rmf24.pl/s/classic/ 117 KB
25 KB 70ms
68ms Stylesheet
text/css 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/s/classic/css.10409-1057.min.css
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: 1a19b1c77fe2e2f8491534472256b7cccfbd4520b23fc72a247392af22808808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:05:56 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 10:58:23 GMT
server: IPL/2.2
vary: Accept-Encoding
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 25545
expires: Fri, 19 Aug 2022 12:05:56 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 12 KB
2 KB 23ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffe2b2d2ff1e1e1023f32ced9c3626bba1f21b149f8b24c7b6d255d45ff8b111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:49:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 03 Nov 2021 18:49:59 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
Expires: Wed, 03 Nov 2021 18:49:59 GMT

GET
H/1.1 200
OK video-js.css
m.rmf24.pl/j/videojs/ 57 KB
15 KB 68ms
67ms Stylesheet
text/css 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/j/videojs/video-js.css?c=3
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: 143f14ab6c3af2f5500cbf9c3a40648f1be42ebedfa7dac5fb7c98f1044a2a89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:06:46 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 10:58:45 GMT
server: IPL/2.2
vary: Accept-Encoding
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 15096
expires: Fri, 19 Aug 2022 12:06:46 GMT

GET
H/1.1 200
OK videojs.vast.vpaid.css
m.rmf24.pl/j/videojs/ 10 KB
4 KB 68ms
67ms Stylesheet
text/css 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/j/videojs/videojs.vast.vpaid.css?c=4
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: 8457364f8a9f2d8a19cb40e4e429a45975e50862871150925a38b4b103eeaa3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:05:29 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 10:58:32 GMT
server: IPL/2.2
vary: Accept-Encoding
content-type: text/css
cache-control: private
accept-ranges: bytes
content-length: 3748
expires: Fri, 19 Aug 2022 12:05:29 GMT

GET
H2 200 jquery-1.8.3.js Show response
w.iplsc.com/external/jquery/ 91 KB
33 KB 144ms
66ms Script
text/javascript 217.74.71.132
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.iplsc.com/external/jquery/jquery-1.8.3.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.74.71.132 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static.interia.pl
Software: IPL/2.2 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 22:54:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Feb 2013 09:12:35 GMT
server: IPL/2.2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 33471
expires: Mon, 12 Sep 2022 22:54:23 GMT

GET
H/1.1 200
OK videojs-ie8.min.js Show response
vjs.zencdn.net/ie8/1.1.2/ 27 KB
9 KB 23ms
11ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:49:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2016 20:27:09 GMT
ETag: "2ff9bb22f0b1789ac170247b0825488f"
X-Served-By: cache-fra19174-FRA
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 8924
X-Cache-Hits: 28726

GET
H/1.1 200
OK video.js Show response
vjs.zencdn.net/5.8.8/ 687 KB
149 KB 23ms
12ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vjs.zencdn.net/5.8.8/video.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4eb081b553eedcd0ee1748367d17cc5b93f4bdadc9d3d06bdf74c50c63306d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:49:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2016 17:40:15 GMT
ETag: "565cd42bcee295d6674ef49a022d3767"
X-Served-By: cache-fra19127-FRA
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 151840
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs_5.vast.vpaid.js Show response
m.rmf24.pl/j/videojs/ 604 KB
141 KB 68ms
68ms Script
application/javascript 217.74.71.145
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://m.rmf24.pl/j/videojs/videojs_5.vast.vpaid.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.145 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: www.rmf24.pl
Software: IPL/2.2 /
Resource Hash: 834cb7782094c5bb0b2f912a76549c04bdb073cb4feded90c95fe0a9a3fde72a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:05:29 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 10:58:41 GMT
server: IPL/2.2
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 144370
expires: Fri, 19 Aug 2022 12:05:29 GMT

GET
H2 200 000DK6SO6SH2SUY7-C116-F4.jpg
i.iplsc.com/-/ 114 KB
114 KB 156ms
65ms Image
image/jpeg 217.74.71.140
INTERIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.iplsc.com/-/000DK6SO6SH2SUY7-C116-F4.jpg
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.74.71.140 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: cv.interia.pl
Software: IPL/2.2 /
Resource Hash: e8e678db4537ca640f58182cdd048a79d5c8403392b5967733b09d6d82d61bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 15:14:17 GMT
last-modified: Wed, 03 Nov 2021 15:14:17 GMT
server: IPL/2.2
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 116322
expires: Thu, 04 Nov 2021 15:14:17 GMT

GET
H2 200 utils.fluidEmbed.js Show response
w.iplsc.com/internal/utils.fluidEmbed/1.0.3/ 2 KB
1 KB 35ms
34ms Script
text/javascript 217.74.71.132
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.iplsc.com/internal/utils.fluidEmbed/1.0.3/utils.fluidEmbed.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.74.71.132 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static.interia.pl
Software: IPL/2.2 /
Resource Hash: 3f3ad21d94d036a807d3cdb2bdbc3fa58dfb02586c94865646b58aa1140937b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:10:20 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 08:37:50 GMT
server: IPL/2.2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 1072
expires: Sun, 10 Jul 2022 11:10:20 GMT

GET
H2 200 utils.fluidTwitterEmbed.js Show response
w.iplsc.com/internal/utils.fluidTwitterEmbed/1.0.0/ 435 B
546 B 34ms
34ms Script
text/javascript 217.74.71.132
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.iplsc.com/internal/utils.fluidTwitterEmbed/1.0.0/utils.fluidTwitterEmbed.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.74.71.132 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static.interia.pl
Software: IPL/2.2 /
Resource Hash: cd40c1f5e1cf9a6c0ae87f44da2d7ed189aff35a63f3b1e01216ebf3b7576cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:49:04 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 09:56:09 GMT
server: IPL/2.2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
content-length: 303
expires: Sun, 09 May 2021 19:26:58 GMT

GET
H/1.1 200
OK xgemius.js Show response
rmf.hit.gemius.pl/ 40 KB
11 KB 172ms
68ms Script
application/x-javascript 217.74.70.27
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://rmf.hit.gemius.pl/xgemius.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.70.27 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static-217-74-70-27.interia.pl
Software: GHC /
Resource Hash: 9c895d98c2eb5b761bed27aac47140dd87b547a834f37b35f7488ef1472a219a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:50:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 10:11:55 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 10837
Expires: Thu, 04 Nov 2021 06:50:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3254603-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2934
date: Wed, 03 Nov 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 20:01:06 GMT

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c

125 KB
49 KB

25ms
24ms

Script
application/javascript

2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a861a6b2c32b3c6c45073ee92260e0f19d77819410aa0597186020fb5a4f8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49669
x-xss-protection: 0
expires: Wed, 03 Nov 2021 18:50:00 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/s/classic/css.10409-1057.min.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c3601468a52dbec4f63e94c55e51ad11c54016d798477c34392d563841038e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:49:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 03 Nov 2021 18:39:21 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
Expires: Wed, 03 Nov 2021 18:49:59 GMT

GET
H/1.1 200
OK inpl.anc.js Show response
js.iplsc.com/inpl.anc/1.1.117/ 122 KB
36 KB 86ms
69ms Script
text/javascript 217.74.71.132
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: http://js.iplsc.com/inpl.anc/1.1.117/inpl.anc.js
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: HTTP/1.1
Server: 217.74.71.132 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static.interia.pl
Software: IPL/2.2 /
Resource Hash: d12a26b1782beb3b6228f3696778ddeed2a7ff8cc17a0987a8390630c753f384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:48:34 GMT
content-encoding: gzip
last-modified: Wed, 20 May 2020 09:02:07 GMT
server: IPL/2.2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
content-length: 36653
expires: Thu, 03 Nov 2022 18:48:35 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9699ad790cc8a6a73ab30c5ec527a43a3e9a446b97cc39ed695dc1fcdf489b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:50:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1033 / 260 of 1000 / last-modified: 1635937567"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 27284
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 03:54:28 GMT
X-Content-Type-Options: nosniff
Age: 485732
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15688
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:19 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Sat, 29 Oct 2022 03:54:28 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 05:21:06 GMT
X-Content-Type-Options: nosniff
Age: 480534
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15828
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:28 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Sat, 29 Oct 2022 05:21:06 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 14:30:07 GMT
X-Content-Type-Options: nosniff
Age: 533993
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15732
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:20 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 28 Oct 2022 14:30:07 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 05:32:11 GMT
X-Content-Type-Options: nosniff
Age: 134269
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15920
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:21 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 02 Nov 2022 05:32:11 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 12:27:23 GMT
X-Content-Type-Options: nosniff
Age: 22957
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11860
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:24 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 03 Nov 2022 12:27:23 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 05:32:09 GMT
X-Content-Type-Options: nosniff
Age: 134271
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11836
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:22 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 02 Nov 2022 05:32:09 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 11 KB
12 KB 512ms
512ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:900,100,400,500,600,700,300&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://m.rmf24.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:50:00 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11768
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:23 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 03 Nov 2022 18:50:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 251 B
690 B 81ms
35ms Script
text/javascript 2a03:2880:f01c:20e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?fields=og_object{comments.order(reverse_chronological).limit(5)}&id=http://www.rmf24.pl/news-,nId,5622505&callback=jQuery183002911422031341404_1635965399891&_=1635965399992

Requested by

Host: w.iplsc.com
URL: https://w.iplsc.com/external/jquery/jquery-1.8.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6af52bfcd2350890e15e9170d73d045b98f489dc41b8085c2d5741250601f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004666629
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 195
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XDgs/EuoiK/u31XOZQcwDBWD+5/kqCpKHCoIMQo5iZBRAkoXnX2FDDMTPnP4xl5puhmpLAZM4vRduryMREQapg==
x-fb-trace-id: CmpOu01pZUG
date: Wed, 03 Nov 2021 18:50:00 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AToHYxM_FIoXqMmKETzNSVz
cache-control: no-store
facebook-api-version: v5.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=694815049&t=pageview&_s=1&dl=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&ul=en-us&de=UTF-8&dt=RPP%20og%C5%82asza%20mocn%C4%85%20podwy%C5%BCk%C4%99%20st%C3%B3p%20procentowych!%20-%20Mobilny%20RMF24.PL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1651518013&gjid=891129852&cid=1519531788.1635965400&tid=UA-3254603-39&_gid=1468017376.1635965400&_r=1&gtm=uar&z=743085531

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.rmf24.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://m.rmf24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021110101.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
119 KB 38ms
15ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120683
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 08:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 82 B
715 B 36ms
16ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.rmf24.pl

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

92ec06c6f0e799eeab25fbc9bdb43b10e2a65caaddd9b7d3d12a60c3910a39cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H2

200

ad.js Show response
hub.com.pl/_sslredir/_1635965400078/ Frame 4A16
Redirect Chain

http://hub.com.pl/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2...
https://hub.com.pl/_sslredir/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-...

3 KB
1 KB

140ms
35ms

Script
application/x-javascript

217.74.74.30
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://hub.com.pl/_sslredir/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2/nc=1
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Server: 217.74.74.30 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: hub.com.pl
Software: GAD /
Resource Hash: ad850fae4817fc83b19e1b4a781522bb124ff05aa1aaa3b179a56ce2943a92fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
server: GAD
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 1278
expires: Tue, 02 Nov 2021 18:50:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 18:50:00 GMT
Server: GAD
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: https://hub.com.pl/_sslredir/_1635965400078/ad.js?id=_TFHu8D4h133X3YKCO44ddRNzR3Czidw8p9Fc82nwCn.S7/adov=4.1.0/x=1600/y=1200/key=testcappinguposlowach,adb0,ck_device_windows,ck_browser_chrome,/fv=-/adoisfif=2/nc=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0
Expires: Tue, 02 Nov 2021 18:50:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3254603-39&cid=1519531788.1635965400&jid=1651518013&gjid=891129852&_gid=1468017376.1635965400&_u=YEBAAUAAAAAAAC~&z=1980780098

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.rmf24.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 18:50:00 GMT
content-type: text/plain
access-control-allow-origin: http://m.rmf24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 14ms
14ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K3J5FQ7S7Y&gtm=ear&_p=694815049&sr=1600x1200&ul=en-us&cid=1519531788.1635965400&_s=1&dl=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&dt=RPP%20og%C5%82asza%20mocn%C4%85%20podwy%C5%BCk%C4%99%20st%C3%B3p%20procentowych!%20-%20Mobilny%20RMF24.PL&sid=1635965399&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-K3J5FQ7S7Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://m.rmf24.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://m.rmf24.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
rmf.hit.gemius.pl/ 277 B
508 B 181ms
106ms Script
application/x-javascript 217.74.70.27
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://rmf.hit.gemius.pl/fpdata.js?href=m.rmf24.pl
Requested by: Host: rmf.hit.gemius.pl
URL: http://rmf.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.74.70.27 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static-217-74-70-27.interia.pl
Software: GHC /
Resource Hash: 3c910b9a258ddecf02d7d31eaa4b38105a1134bb1285c236329fef548345a8a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 277
expires: Fri, 03 Dec 2021 18:50:00 GMT

GET
H/1.1 200
OK lsget.html Show response
ls.hit.gemius.pl/ Frame 698C 5 KB
3 KB 87ms
50ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ls.hit.gemius.pl/lsget.html
Requested by: Host: rmf.hit.gemius.pl
URL: http://rmf.hit.gemius.pl/xgemius.js
Protocol: HTTP/1.1
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: b677d249e0039c3670de710f10fdabe1916926d54a5e8c1811bbda2a0755d542

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/

Response headers

Date: Wed, 03 Nov 2021 18:50:00 GMT
Expires: Fri, 03 Dec 2021 18:50:00 GMT
Server: GHC
Accept-Ranges: none
Cache-Control: private, max-age=2592000
Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
ETag: PRIVATE7520710249
Vary: Accept-Encoding,Origin,User-Agent
Cross-Origin-Resource-Policy: cross-origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Type: text/html;charset=utf-8
Content-Length: 2717
Content-Encoding: gzip

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 66ms
44ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3254603-39&cid=1519531788.1635965400&jid=1651518013&_u=YEBAAUAAAAAAAC~&z=402270634

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 65ms
42ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3254603-39&cid=1519531788.1635965400&jid=1651518013&_u=YEBAAUAAAAAAAC~&z=402270634

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 45ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.rmf24.pl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.rmf24.pl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 437ms
436ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3474717185697149&correlator=43579776797519&output=ldjh&impl=fif&eid=31063335%2C31063401%2C31063246&vrg=2021110101&ptt=17&sc=0&sfv=1-0-38&ecs=20211103&iu_parts=119818256%2CRMF_24_app_webview&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x100%7C320x50&cookie_enabled=1&bc=23&abxe=1&lmt=1635965400&dt=1635965400178&dlt=1635965399691&idt=461&frm=20&biw=1600&bih=1200&oid=2&adxs=431&adys=182&adks=5936157&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&vis=1&scr_x=0&scr_y=0&psz=738x0&msz=738x0&ga_vid=1519531788.1635965400&ga_sid=1635965400&ga_hid=694815049&ga_fc=true&fws=4&ohw=738&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2cca3dec4a688f8e39953853a95ec5a6eebefb7eb4448f7ad14b01a607d7fef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8232
x-xss-protection: 0
google-lineitem-id: 5333673739
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306974880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://m.rmf24.pl
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFBE 6 KB
4 KB 98ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 18:50:00 GMT
expires: Thu, 03 Nov 2022 18:50:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 8646 5 KB
3 KB 85ms
29ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html?mode=new
Requested by: Host: ls.hit.gemius.pl
URL: http://ls.hit.gemius.pl/lsget.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 5cbe667d95da564baca2a7207bd451fe2f44617f03877c45dc4fbbcb92e6ff57

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ls.hit.gemius.pl/

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
expires: Fri, 03 Dec 2021 18:50:00 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2724
content-encoding: gzip

GET
H2

200

rexdot.js Show response
rmf.hit.gemius.pl/__/_1635965400341/
Redirect Chain

https://rmf.hit.gemius.pl/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl%2F...
https://rmf.hit.gemius.pl/__/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl...

450 B
703 B

76ms
76ms

Script
application/x-javascript

217.74.70.27
INTERIA

General

Check archive.org

Show headers Download Go to

Full URL: https://rmf.hit.gemius.pl/__/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=UNAgcx_x1SCy9hNBAYX1uW1MMGqqHLepDsuK8xBD3pv.z717guVPRozLQcOxwcP_p2XpsOWX.PlikYoYmS74N7aYITQn/SX5eGaeEXdnqm/&fpdata=hgh6kRvot7j5cPLDO8pI3FeZOcBkTLDgMTd9Khcmi6..s7&vis=1&lsadd=&fpcap=
Requested by: Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1
Protocol: H2
Server: 217.74.70.27 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: static-217-74-70-27.interia.pl
Software: GHC /
Resource Hash: fc83c0dc49c64701e7efacdfed76215ac4c44f7b852d0eed7c105a9e34c1f011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 450
expires: Tue, 02 Nov 2021 18:50:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1635965400341/rexdot.js?l=100&id=chrgi4eOdzXH9sXGZykjQmXjTDlZfOxDidv8TTYTaY3.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1%23utm_source%3Daplikacja_rmf24%26utm_medium%3Dpush%26utm_campaign%3Dnews&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=UNAgcx_x1SCy9hNBAYX1uW1MMGqqHLepDsuK8xBD3pv.z717guVPRozLQcOxwcP_p2XpsOWX.PlikYoYmS74N7aYITQn/SX5eGaeEXdnqm/&fpdata=hgh6kRvot7j5cPLDO8pI3FeZOcBkTLDgMTd9Khcmi6..s7&vis=1&lsadd=&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 02 Nov 2021 18:50:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 49ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29ed55d2858e39910676b7cbe4b12d83f75d16c98b4195c71d651969614833a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9204
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 43ms
43ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd-ZtdNQK2kbftK3IA8BKpAz96Po53hoZj1Y4cQf3G3YO9Shd4Wos7vKX9jcJy-YjTEhCtVZbmodn_8Oa-6a6Ce5NnvYbEC0YFTemCjiLucAhStpxDN-XrcU8spSr7UlXcFZWmR22W5ljxxxohUhL9n5_D4oJaqTpSHSaavfg9y-oeySbliQrJfm7X7qzO6dRB8_4lmzC-OuNDZQ9GpggoVYYM5SAffvAaM57PKI-af4LdXPL7G7ptNIriaOvcI5iq92Pcud_P_vt5z5KFAwuoc3FtTBjTZRsba-5TgxkVsMoNkwOzhcc9zm6hfnI&sai=AMfl-YR6Lv04fxuJowguUWHJtRXraaP9iEALNecSqLE7iP8_d_BL7C5YfVauMj5Z7KtEXiSG5RIRhQd0p-31AITPwO-gXz0lR_jxD8BUtj8GTdj3-QFbiWuog-fEx4cwVvAH&sig=Cg0ArKJSzGdRRFyrJtkGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H/1.1 200
OK adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 321ms
31ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/banners/scripts/adx.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 18:50:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Aug 2021 08:55:54 GMT
Server: nginx
ETag: W/"612c9d1a-e958"
X-Cache-Status: HIT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.rmf24.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 03 Nov 2021 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37579
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635787520984751"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Nov 2021 18:50:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0FFE 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 03 Nov 2021 18:17:18 GMT
expires: Thu, 03 Nov 2022 18:17:18 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FFE 35 KB
14 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 14:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 14:34:54 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7108ee4dbf7f9ace74020647dcc149220182dc0f38f2cdd3e706f45fe8400e99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
234 B 43ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110101&jk=3474717185697149&bg=!DA-lD0vNAAZzbWp4c207ACkAdvg8WrBDUiOOnfHkqs8b8WzxM1R6zKCx3U_ge6hupUQXMdqVtmMdHQIAAABiUgAAAAxoAQeZArXrCdYjep2nIOJHckfAHzJYaFp1rh991hNDS2swLQk_De-z_EnbvJqzmxf6Fm761diDlGW4ni4ZNSY-fezxUAdaVM9DWJdMffcp05B1B6LbJeUO-H1nCCt2ejKDdTDz7oNDfERfYntxZR5wWfHdDmS3JX8M9xGSZvos0WXIICNA2nMaceDLcRtFtX1lKqaJJaFWfAeolyQDrRRb25LCnxgQuj3T7iWMEb4cvV9E40B_hjKws1j_7URfzEsyWS_0MOyNbTOlutqBo_qTExYB1raHZHzfgqUV43BXcmtmXI3votIheFt_jPR_WqzIzwtJXaGCypcd-yi-PJv8IUyQnPUQ4Cb1EO9cb1Vg9PdPOkGdX1q8Vq3hLu5C1f4fVoniNO5SvLgYCkFaUAnbL1YZqO1u_ErLd46d9J2byuYUawq1wgUSX4N_zGh8w-Gc0uWSVc3bCMBK2XaHDwmPzWLJWh3VbFVVRmFFY1d5ET2XKszMRxk8teC04BSLx4KYJJEI6mCt3xBPPnOyAkIKSeo5TKZerVxUzRy4aM8SDD5jOcNiEWbstr_26pRvVHEP8O_f1d6OCb_oMgZaI-wN5RsEteVevKK62embVKUXR2L_8nVYlZeulQwZNC8zq4VgWVghy-80hHcmBCJW6o5VzX0WhBhK55qs9KH18m0QSLXAECbyrjS-_dDfyPqPDbIOg1wEIaN2J7rMXfaCrf41C6K1rBS2afuRKCp5AYpZVxDDnuJjNSvgjRPEcDOrcUCwmAMBQJwgJnMaU4--41aLBiL2tYOyzbQ5felDGEhfczBMd2JJHUhdr2qY0I6XcpvB-Pe3Xn1uBXGUZbOX_jif7XQ8mAbmjhdd0cFUBJzV6_1aXCcjmqMAgwnWvYnSmAxEjiot_QJmV2Eo-NNbMp8lHOD1i3rcaAwKoCw

Requested by

Host: m.rmf24.pl
URL: http://m.rmf24.pl/ekonomia/news-rpp-oglasza-mocna-podwyzke-stop-procentowych,nId,5622505,av,1,twitter,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 61ms
44ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoDyqZ9scWH1pWrxEpPwVWy69ThjQwOhiA6KFzhF43XGw4Di5EmNK0WBKm20Lx0K2kowDSSz_oToFOuQ-LIzcBboWGilpc1JWvChkHlNgJnjdTGR4QROu7Njf0FkDPL8bNH7WGO-6SKbDKyA8IvMr1G64nNJCy-uRW3mQMLziidOh63OaqLSrOctM8F0bJGB83jwhMTbxKH-D0yC_CoZigWSmLfsa1BtAm1wB3pqcW-73Vrnv8FdUzv3dHr-azU5m1VWdgZqeSsEbZZegeFLm3rbmQ5JIhE3JrOAoJvrj9Id_tw_WeP371uvO1zvcR1g&sai=AMfl-YRv_pVcgB7wAXopsIq60id8M5qQYiyTyGmu6q7mo9PwZZ304kOht6b2AAAXLUfO-gPU26vSIP5xDBL8f-5UqGwMjOYldI-erD7vatZmi4NhW4nlSj-AG8QxfIoGL4Kg&sig=Cg0ArKJSzCfZ1dXvoLx7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 18:50:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 03 Nov 2021 18:50:01 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=_adfo...
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=...

86 B
614 B

29ms
28ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=_adform_cb_1635965401132_6538539498364806

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

32d5ff4e52fa638cfacddc480f460252a4ce6f805b6a1406356b10884c3a7501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://m.rmf24.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 208
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 18:50:01 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc5Njk1MA&url=http%3A%2F%2Fm.rmf24.pl%2Fekonomia%2Fnews-rpp-oglasza-mocna-podwyzke-stop-procentowych%2CnId%2C5622505%2Cav%2C1%2Ctwitter%2C1&callback=_adform_cb_1635965401132_6538539498364806
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rmf24.pl/	1970-01-19 22:27:31	Name: _gid Value: GA1.2.1468017376.1635965400
.rmf24.pl/	1970-01-19 22:26:05	Name: _gat_gtag_UA_3254603_39 Value: 1
.rmf24.pl/	1970-01-20 15:57:17	Name: _ga_K3J5FQ7S7Y Value: GS1.1.1635965399.1.0.1635965399.0
.rmf24.pl/	1970-01-20 15:57:17	Name: _ga Value: GA1.1.1519531788.1635965400
.rmf24.pl/	1970-01-20 07:54:53	Name: __gfp_64b Value: hgh6kRvot7j5cPLDO8pI3FeZOcBkTLDgMTd9Khcmi6..s7\|1635965400
.hit.gemius.pl/	1970-01-20 07:54:53	Name: Gtest Value: KlQTdMXGQMGGjSH6rXQ5tIGissGMXP8c25nSGgKyzSg7XBG.
.hit.gemius.pl/	1970-01-20 07:54:53	Name: Gdyn Value: KlxS2RXGQMGGjSH6rXQ5tIGissGMXP8c25nSGgKyzSg7FRxSG7RrGS6GwDcBFlM1YH8PlexaG0F6Sssa
.rmf24.pl/	1970-01-20 07:47:41	Name: __gads Value: ID=c09b2500aa20c2f2-225805ad19cb00b6:T=1635965400:S=ALNI_Maaf1NFDC5NVANQlI7_cnJu7A4oUA
.doubleclick.net/	1970-01-20 07:47:41	Name: IDE Value: AHWqTUlUCKiALleW98c9KfKGGdarP1QSAtjda1i5ULaz2JB0EBieUm841pA7pq33DqQ
.adform.net/	1970-01-19 23:09:17	Name: C Value: 1
.adform.net/	1970-01-19 23:52:29	Name: uid Value: 8512594097464860025

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1736f510c7a710d2d2f5f65c671cb6b4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adx.adform.net
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
hub.com.pl
i.iplsc.com
js.iplsc.com
ls.hit.gemius.pl
m.rmf24.pl
pagead2.googlesyndication.com
rmf.hit.gemius.pl
s1.adform.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vjs.zencdn.net
w.iplsc.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.186.130
146.59.30.96
217.74.70.27
217.74.71.132
217.74.71.140
217.74.71.145
217.74.74.30
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a03:2880:f01c:20e:face:b00c:0:2
2a04:4e42:200::729
37.157.4.29
37.157.5.71
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
143f14ab6c3af2f5500cbf9c3a40648f1be42ebedfa7dac5fb7c98f1044a2a89
1a19b1c77fe2e2f8491534472256b7cccfbd4520b23fc72a247392af22808808
2cca3dec4a688f8e39953853a95ec5a6eebefb7eb4448f7ad14b01a607d7fef3
32d5ff4e52fa638cfacddc480f460252a4ce6f805b6a1406356b10884c3a7501
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3c910b9a258ddecf02d7d31eaa4b38105a1134bb1285c236329fef548345a8a0
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3f3ad21d94d036a807d3cdb2bdbc3fa58dfb02586c94865646b58aa1140937b8
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4eb081b553eedcd0ee1748367d17cc5b93f4bdadc9d3d06bdf74c50c63306d54
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5cbe667d95da564baca2a7207bd451fe2f44617f03877c45dc4fbbcb92e6ff57
6bb765a79487f9698fa972dfe5d819b99c0d0236efa1a08dbc0985d6a2bc3f0b
6c3601468a52dbec4f63e94c55e51ad11c54016d798477c34392d563841038e9
70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078
7108ee4dbf7f9ace74020647dcc149220182dc0f38f2cdd3e706f45fe8400e99
834cb7782094c5bb0b2f912a76549c04bdb073cb4feded90c95fe0a9a3fde72a
8457364f8a9f2d8a19cb40e4e429a45975e50862871150925a38b4b103eeaa3e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92ec06c6f0e799eeab25fbc9bdb43b10e2a65caaddd9b7d3d12a60c3910a39cc
9c895d98c2eb5b761bed27aac47140dd87b547a834f37b35f7488ef1472a219a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a861a6b2c32b3c6c45073ee92260e0f19d77819410aa0597186020fb5a4f8aef
ad850fae4817fc83b19e1b4a781522bb124ff05aa1aaa3b179a56ce2943a92fc
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b677d249e0039c3670de710f10fdabe1916926d54a5e8c1811bbda2a0755d542
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c29ed55d2858e39910676b7cbe4b12d83f75d16c98b4195c71d651969614833a
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd40c1f5e1cf9a6c0ae87f44da2d7ed189aff35a63f3b1e01216ebf3b7576cc8
d12a26b1782beb3b6228f3696778ddeed2a7ff8cc17a0987a8390630c753f384
d6af52bfcd2350890e15e9170d73d045b98f489dc41b8085c2d5741250601f4d
d98fb738828d478bd759b0dba8a09793e387fab0743e91d978de368ce270dea6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e678db4537ca640f58182cdd048a79d5c8403392b5967733b09d6d82d61bb0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51ddc815838d6c51629b50e192efaa4ed02567ef62c26205f08bce96d93e8ac
f9699ad790cc8a6a73ab30c5ec527a43a3e9a446b97cc39ed695dc1fcdf489b1
fc83c0dc49c64701e7efacdfed76215ac4c44f7b852d0eed7c105a9e34c1f011
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffe2b2d2ff1e1e1023f32ced9c3626bba1f21b149f8b24c7b6d255d45ff8b111

m.rmf24.pl Open in urlscan Pro 217.74.71.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

54 Requests

52 %HTTPS

63 %IPv6

16 Domains

25 Subdomains

25 IPs

6 Countries

1028 kBTransfer

3014 kBSize

11 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.rmf24.pl Open in urlscan Pro
217.74.71.145 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

52 %
HTTPS

63 %
IPv6

16
Domains

25
Subdomains

25
IPs

6
Countries

1028 kB
Transfer

3014 kB
Size

11
Cookies

54 HTTP transactions
1 data transactions