www.kredyty-lokaty-konta.pl Open in urlscan Pro
195.242.116.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kredyty-lokaty-konta.pl/
Submission: On September 20 via automatic, source certstream-suspicious (September 20th 2021, 1:32:04 am UTC) — Scanned from DE

Summary HTTP 130 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 24 domains to perform 130 HTTP transactions. The main IP is 195.242.116.4, located in Poland and belongs to SUPERHOST-PL-AS, PL. The main domain is www.kredyty-lokaty-konta.pl.
TLS certificate: Issued by R3 on July 21st 2021. Valid for: 3 months.

This is the only time www.kredyty-lokaty-konta.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	195.242.116.4 195.242.116.4	41079 (SUPERHOST...) (SUPERHOST-PL-AS)
3	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
4	128.204.218.194 128.204.218.194	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1	185.31.26.197 185.31.26.197	31621 (QXL-NET-P...) (QXL-NET-POLAND-AS)
14	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2.18.232.170 2.18.232.170	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
6	85.194.246.20 85.194.246.20	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
1 1	77.79.227.167 77.79.227.167	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
1	195.167.159.38 195.167.159.38	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	185.28.221.4 185.28.221.4	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	5.134.209.144 5.134.209.144	42656 (QXL-POLAND) (QXL-POLAND)
1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	13.224.193.51 13.224.193.51	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
7	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
22	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	5.57.16.220 5.57.16.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
5	13.225.78.89 13.225.78.89	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.250.62.115 54.250.62.115	16509 (AMAZON-02) (AMAZON-02)
130	26

23 195.242.116.4 (Poland)

ASN41079 (SUPERHOST-PL-AS, PL)
PTR: s63.hekko.net.pl

www.kredyty-lokaty-konta.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 128.204.218.194 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-002.s3264.net.eco.atman.pl

api.systempartnerski.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.26.197 (Poland)

ASN31621 (QXL-NET-POLAND-AS, PL)

image2.ceneo.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.194.246.20 (Torun, Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-20.85-194-246-0.net.eco.atman.pl

ec.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.79.227.167 (Poland) 1 redirects

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: ip-40.77-79-227-128.net.eco.atman.pl

ssl.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.167.159.38 (Warsaw, Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: bankier.pl

www.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.28.221.4 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.134.209.144 (Poznan, Poland)

ASN42656 (QXL-POLAND, PL)

app.ceneostatic.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

imppl.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-51.fra2.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.16.220 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: www.booking.com

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.250.62.115 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-62-115.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	478 KB
23	kredyty-lokaty-konta.pl www.kredyty-lokaty-konta.pl	303 KB
17	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	84 KB
8	bankier.pl 1 redirects ec.bankier.pl ssl.bankier.pl www.bankier.pl	61 KB
7	ampproject.org cdn.ampproject.org	126 KB
6	google.com 2 redirects adservice.google.com www.google.com	2 KB
6	bstatic.com aff.bstatic.com cf.bstatic.com r.bstatic.com q.bstatic.com	52 KB
6	addthis.com s7.addthis.com m.addthis.com	219 KB
5	gstatic.com fonts.gstatic.com	97 KB
4	systempartnerski.pl api.systempartnerski.pl	8 KB
3	googletagservices.com www.googletagservices.com	105 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	720 B
2	tradedoubler.com imppl.tradedoubler.com vht.tradedoubler.com	24 KB
1	adingo.jp cc.adingo.jp	44 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	463 B
1	booking.com www.booking.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googleadservices.com partner.googleadservices.com	665 B
1	ceneostatic.pl app.ceneostatic.pl	1 KB
1	ceneo.pl image2.ceneo.pl	34 KB
130	24

	Domain	Requested by
23	www.kredyty-lokaty-konta.pl	www.kredyty-lokaty-konta.pl
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.kredyty-lokaty-konta.pl
12	pagead2.googlesyndication.com	www.kredyty-lokaty-konta.pl pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	ec.bankier.pl	www.kredyty-lokaty-konta.pl
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	s7.addthis.com	www.kredyty-lokaty-konta.pl s7.addthis.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	api.systempartnerski.pl	www.kredyty-lokaty-konta.pl
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.kredyty-lokaty-konta.pl googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	q.bstatic.com	cf.bstatic.com
2	cf.bstatic.com	www.booking.com
2	adservice.google.com	pagead2.googlesyndication.com
1	cc.adingo.jp	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.bstatic.com	cf.bstatic.com
1	www.booking.com	aff.bstatic.com
1	m.addthis.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	vht.tradedoubler.com	www.kredyty-lokaty-konta.pl
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	imppl.tradedoubler.com	www.kredyty-lokaty-konta.pl
1	app.ceneostatic.pl	www.kredyty-lokaty-konta.pl
1	aff.bstatic.com	www.kredyty-lokaty-konta.pl
1	www.bankier.pl	www.kredyty-lokaty-konta.pl
1	ssl.bankier.pl	1 redirects
1	image2.ceneo.pl	www.kredyty-lokaty-konta.pl
130	34

This site contains links to these domains. Also see Links.

Domain
stat.gov.pl
kredyty-lokaty-konta.produktyfinansowe.pl
www.ceneo.pl
ec.bankier.pl
www.expresselixir.pl
pl.wordpress.org
clk.tradedoubler.com
wordpress.org
www.addthis.com

Subject Issuer	Validity	Valid
kredyty-lokaty-konta.pl R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.systempartnerski.pl Certum Domain Validation CA SHA2	`2020-11-27` - `2021-11-27`	a year	crt.sh
*.ceneo.pl DigiCert SHA2 Secure Server CA	`2020-01-21` - `2022-03-25`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.bankier.pl Certum Domain Validation CA SHA2	`2020-11-27` - `2021-11-27`	a year	crt.sh
*.bstatic.com DigiCert ECC Secure Server CA	`2019-12-13` - `2021-12-17`	2 years	crt.sh
*.ceneostatic.pl DigiCert SHA2 Secure Server CA	`2020-01-02` - `2022-03-09`	2 years	crt.sh
*.tradedoubler.com R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.booking.com DigiCert ECC Secure Server CA	`2020-10-14` - `2021-10-18`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.kredyty-lokaty-konta.pl/
Frame ID: 227A95FCF5710D4F97EBC341A6EF84AF
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: EB4EB304B57D168031CC0CDDE449DDF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=250&slotname=8172637750&adk=3993778753&adf=2406496431&pi=t.ma~as.8172637750&w=300&lmt=1632101518&psa=0&format=300x250&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518484&bpp=5&bdt=647&idt=82&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=3708541338545&frm=20&pv=2&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1215&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QV7zWmP8DC&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=104
Frame ID: A118A51CAC7ED86994B204B9C5CC14E8
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&adk=1812271804&adf=3025194257&lmt=1632101518&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518651&bpp=1&bdt=813&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=5
Frame ID: 15837BDEA665CF66322EA2BC53242CB8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2CA9D5AAC7E1DBA5545D2DF79D42E2E5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 173A2A82B4CF8B3D2D7A5BFF4D02A423
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
Frame ID: A2875D1C60F737F716F8408CD8005531
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4ABF5248C39FD73429A6DE48CDDF14CD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 01E0F14E09BC85011D3B7C9498F12844
Requests: 2 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=pl&aid=1459353&target_aid=1459334&tmpl=affiliate_banner&fid=1632101519467&
Frame ID: 2B346CFEA5571308FEFF7FD21A7CBDFC
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: 87BE24A6B16B1E17426C0EF394450AE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 083D46CD02FCD62C56AC788DCB18B9AF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25FBF916715EAB96D54C865985A3DAA0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: CA9A85C686FA6DC2DC92536EFC8E0EB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 17E94250360E86B45665227624BD4AC6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE9C0C521B34B88D2392FEE4FD31BB95
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kredyty Lokaty Konta - Oferty bankowe. Kredyty gotówkowe i hipoteczne, karty kredytowe, lokaty bankowe, oszczędności, konta bankowe.FacebookTwitterWykopNasza-klasaAddThisFacebookTwitterWykopNasza-klasaAddThis

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

WP-Statistics (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<!-- Analytics by WP-Statistics v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

34
Subdomains

26
IPs

7
Countries

1599 kB
Transfer

3854 kB
Size

22
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://stat.gov.pl/
Title: GUS

Search URL Search Domain Scan URL

URL: https://kredyty-lokaty-konta.produktyfinansowe.pl/karty-kredytowe.html
Title: link

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/1792/label=citi-biedronka/?source=lt
Title: link

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/1241/?source=lt
Title: link

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/1792/?source=lt
Title: link

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/769/label=premium-link-tekstowy/?source=lt
Title: linku

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/760/label=karta-link-tekstowy-premium/?source=lt
Title: kartę kredytową

Search URL Search Domain Scan URL

URL: http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/682/label=link-tekstowy-freemium/?source=lt
Title: link

Search URL Search Domain Scan URL

URL: https://www.ceneo.pl/Lodowki#pid=19670&crid=259025&cid=33945

Search URL Search Domain Scan URL

URL: http://ec.bankier.pl/click/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFUOMAROZP4A2qbq-fYmMpygBIkiwUDrSNbhz39ju3eDeoOy0A5hInxcTc2RvDC44zOh3dRlzcNV7SOH8Tv0UANCbRIIX3TQUdHzzjyCn9hw_kDOYh30sjuy2DfT5N7fbBw=/0.1297100111449605-0.8917332583251054/http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/1766/oid=11859,31219,1977,32633/?size=300x250%26source=ads

Search URL Search Domain Scan URL

URL: https://www.expresselixir.pl/
Title: expresselixir.pl

Search URL Search Domain Scan URL

URL: https://pl.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: http://ec.bankier.pl/click/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFXbfb6sYG2btFvkK1xTSG6VdRvjmtGiz7Grbj_Bv90G-ZMROqtkWYA_9tuTJjs2JNOYBVV9zDQOmaK5A6CeMemFfLNavjtOIP1BT3pQNw0mVI8mG1_6TdX643owO13eyyQ=/0.4091959512423111-0.9937712575058355/http://kredyty-lokaty-konta.produktyfinansowe.pl/e/lead/1766/oid=11859,31219,1977,32633/?size=300x250%26source=ads

Search URL Search Domain Scan URL

URL: https://clk.tradedoubler.com/click?p=288386&a=1950594&g=24242230&pools=535963

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Powered by WordPress

Search URL Search Domain Scan URL

URL: http://wordpress.org/themes/gillian
Title: Gillian

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ssl.bankier.pl/i/l/citibank.gif HTTP 301
https://www.bankier.pl/i/l/citibank.gif

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b81iJB8AAL-DdiYTH_ZK6bjUFfvDjn9cqxp-Hmw4VVJ0SwggkiKNTDmz2- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVma2tBQUFCY0dvLVZpbA&google_push=AYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b81iJB8AAL-DdiYTH_ZK6bjUFfvDjn9cqxp-Hmw4VVJ0SwggkiKNTDmz2-

Request Chain 115

https://rtb.openx.net/sync/dds?google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP- HTTP 302
https://rtb.openx.net/sync/dds?google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&google_hm=Emm1bnoHzv0C9juekzyihw==

Request Chain 116

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_push=AYg5qPLIN9GSHMdUQZyPHN_HRGt3D1VoAMrwyKDgQi6PSppyx_qo9BrCeEs5XCooR5dU9tp1V9nQIY5Wsx-p0BFWwwiccJ9MUode HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_push=AYg5qPLIN9GSHMdUQZyPHN_HRGt3D1VoAMrwyKDgQi6PSppyx_qo9BrCeEs5XCooR5dU9tp1V9nQIY5Wsx-p0BFWwwiccJ9MUode&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOlFwrumRXy8a2wbXIwFSg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIN9GSHMdUQZyPHN_HRGt3D1VoAMrwyKDgQi6PSppyx_qo9BrCeEs5XCooR5dU9tp1V9nQIY5Wsx-p0BFWwwiccJ9MUode

Request Chain 117

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RSWjNTSkgtMjctOTRENA==&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

130 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kredyty-lokaty-konta.pl/ 94 KB
21 KB 557ms
450ms Document
text/html 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 63a3cb9e5befb5a36eb619eebec62aed649d3ad8681dd3a1cb9b69aecfabcbbf

Request headers

:method: GET
:authority: www.kredyty-lokaty-konta.pl
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
link: <https://www.kredyty-lokaty-konta.pl/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Mon, 20 Sep 2021 01:31:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 style.min.css
www.kredyty-lokaty-konta.pl/wp-includes/css/dist/block-library/ 57 KB
8 KB 30ms
26ms Stylesheet
text/css 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: LiteSpeed
etag: "e33b-606cf3c4-19d17f73cfd573dd;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8146
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 styles.css
www.kredyty-lokaty-konta.pl/wp-content/plugins/contact-form-7/includes/css/ 3 KB
907 B 30ms
27ms Stylesheet
text/css 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 14:49:04 GMT
server: LiteSpeed
etag: "a50-61265860-1eccd7c12da7b81c;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 824
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 style.css
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/ 38 KB
8 KB 30ms
27ms Stylesheet
text/css 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/style.css?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: a99a9882d80867a257f670dc96c9874e5a5c24ff7bf44c1e783aa43142c75924

Request headers

:path: /wp-content/themes/gillian/style.css?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "99de-5ddacced-cf16f94ade39e862;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8073
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 754 B
404 B 41ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%2C300%2C400italic%2C700italic&ver=5.7.3

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 01:31:57 GMT
server: ESF
date: Mon, 20 Sep 2021 01:31:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 01:31:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
862 B 39ms
15ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C400italic%2C700%2C700italic&ver=5.7.3

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

fb7df0952620e33552c48188cd5877e0c9661c4c0a05a6e87f41af2c9a320a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:38:35 GMT
server: ESF
date: Mon, 20 Sep 2021 01:31:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 01:31:57 GMT

GET
H2 200 font-awesome.min.css
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/css/ 30 KB
7 KB 55ms
53ms Stylesheet
text/css 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/css/font-awesome.min.css?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

:path: /wp-content/themes/gillian/fontawesome/css/font-awesome.min.css?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 24 Nov 2019 18:33:19 GMT
server: LiteSpeed
etag: "7917-5ddaccef-d4dff5b7061fc9e8;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6657
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 addthis_wordpress_public.min.css
www.kredyty-lokaty-konta.pl/wp-content/plugins/addthis/frontend/build/ 587 B
321 B 56ms
54ms Stylesheet
text/css 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

:path: /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 14 Jul 2019 12:43:03 GMT
server: LiteSpeed
etag: "24b-5d2b2357-adf8a3a734f08866;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 237
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 jquery.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/jquery/ 87 KB
30 KB 56ms
54ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: LiteSpeed
etag: "15d98-5f7dedd5-b94ebed2038825c;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30287
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/jquery/ 11 KB
4 KB 57ms
55ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: LiteSpeed
etag: "2bd8-5fb4e3fe-9a8e29483d0b0987;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H/1.1 200
OK / Show response
api.systempartnerski.pl/2.0/widget/mRZG75PAeXdeV9wG8Fb/ 8 KB
2 KB 319ms
206ms Script
text/plain 128.204.218.194
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.systempartnerski.pl/2.0/widget/mRZG75PAeXdeV9wG8Fb/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 128.204.218.194 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-002.s3264.net.eco.atman.pl
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cdb3e11f4477214017d758f5693f4a5553b88f3bf108147fc3bf32c997371857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:57 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
X-Bankier-Server: app-12.srv.bankier.pl
Keep-Alive: timeout=5, max=100
Content-Length: 2022

GET
H/1.1 200
OK / Show response
api.systempartnerski.pl/2.0/widget/l1Up3Du3golrFQMLV0Z/ 6 KB
2 KB 314ms
200ms Script
text/plain 128.204.218.194
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.systempartnerski.pl/2.0/widget/l1Up3Du3golrFQMLV0Z/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 128.204.218.194 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-002.s3264.net.eco.atman.pl
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2ea7944573d1d3e3b5ac42eaedf2e8d75112629146276f92f48f8acc0f89d978

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:57 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
X-Bankier-Server: app-12.srv.bankier.pl
Keep-Alive: timeout=5, max=100
Content-Length: 1843

GET
H/1.1 200
OK / Show response
api.systempartnerski.pl/2.0/widget/hQ2vAsZQ4pFuVzkoMbv/ 6 KB
2 KB 493ms
200ms Script
text/plain 128.204.218.194
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.systempartnerski.pl/2.0/widget/hQ2vAsZQ4pFuVzkoMbv/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 128.204.218.194 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-002.s3264.net.eco.atman.pl
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1cd30b98e9d99a2a67a2001f5be728ce2388f9b1cbcccf79d99c36a75c287ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
X-Bankier-Server: app-12.srv.bankier.pl
Keep-Alive: timeout=5, max=100
Content-Length: 1882

GET
H/1.1 200
OK / Show response
api.systempartnerski.pl/2.0/widget/sJISF2ygmn2lBQ42YHv/ 4 KB
1 KB 516ms
201ms Script
text/plain 128.204.218.194
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.systempartnerski.pl/2.0/widget/sJISF2ygmn2lBQ42YHv/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 128.204.218.194 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-002.s3264.net.eco.atman.pl
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 47e23c6ee065cf0edfe011437b8feb2f4ba6bccc8cc0cffc33307a831bd5005b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
X-Bankier-Server: app-12.srv.bankier.pl
Keep-Alive: timeout=5, max=99
Content-Length: 1092

GET
H3 200 wp-emoji-release.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/ 14 KB
4 KB 81ms
79ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: LiteSpeed
etag: "3795-5ff5d754-4e2800dcbeb74d64;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4316
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 banner_2852.png
image2.ceneo.pl/data/banners/ 34 KB
34 KB 127ms
27ms Image
image/png 185.31.26.197
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image2.ceneo.pl/data/banners/banner_2852.png

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.31.26.197 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

6d9ed9d38f6ab0d2b9f6701408f6682710e453d4f57ebe6f7e8e2446ae556eb1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 02:43:49 GMT
last-modified: Fri, 22 Apr 2016 07:26:25 GMT
age: 82088
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-backend-order: 1
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 34630

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 48ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

533d159a3d51e9ae8805648c4b9178f8a34eeb3d69114134ea62a79879108a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49016
x-xss-protection: 0
server: cafe
etag: 15417611423327315600
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Sep 2021 01:31:57 GMT

GET
H3 200 wp-polyfill.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/dist/vendor/ 97 KB
32 KB 29ms
28ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: LiteSpeed
etag: "183ee-5ef9d585-8ca67dc84dd24f63;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 32625
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 index.js Show response
www.kredyty-lokaty-konta.pl/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 35ms
33ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 14:49:04 GMT
server: LiteSpeed
etag: "32bb-61265860-f99005b73a978634;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3837
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 imagesloaded.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/ 5 KB
2 KB 36ms
34ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: LiteSpeed
etag: "15fd-5ee520a7-48cbd382104ad592;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1733
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 masonry.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/ 24 KB
7 KB 37ms
34ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

:path: /wp-includes/js/masonry.min.js?ver=4.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: LiteSpeed
etag: "5e4a-5ee520a7-f6adf8efaf58c2d8;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7117
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 mymasonry.js Show response
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/ 217 B
300 B 34ms
31ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/mymasonry.js?ver=20160820
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 828cb0cf3ac5ed159eb23d54bec097f1b3f0338c9d5d4fb4b180bd5b6b1041e2

Request headers

:path: /wp-content/themes/gillian/js/mymasonry.js?ver=20160820
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "d9-5ddacced-488dcf962a1ebcb5;;;"
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 217
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 navigation.js Show response
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/ 6 KB
1 KB 36ms
34ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/navigation.js?ver=20151215
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 97ce841dfb47028c86b2eddfaafbe3cb8d1bea0e2cd397ebbfe8d43aa87e1e87

Request headers

:path: /wp-content/themes/gillian/js/navigation.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "19f9-5ddacced-b9d928d76a77569a;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1109
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 skip-link-focus-fix.js Show response
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/ 682 B
377 B 84ms
81ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 32e7fbfcc1ac22f9bacfae414d02c5719c55b795b887167ac21b70918f8036b7

Request headers

:path: /wp-content/themes/gillian/js/skip-link-focus-fix.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "2aa-5ddacced-cca2591fa4f21611;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 smooth-scroll.js Show response
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/ 380 B
243 B 84ms
82ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/smooth-scroll.js?ver=20160820
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: f137c9a3e63261fb7a3169cfa35d2220645b476a7e05126f63e7f642087e9f52

Request headers

:path: /wp-content/themes/gillian/js/smooth-scroll.js?ver=20160820
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "17c-5ddacced-b3604d07d38aea70;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 193
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 widget-img-links.js Show response
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/ 204 B
251 B 84ms
82ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/js/widget-img-links.js?ver=20160820
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: bdc9807677bc59e23c0163d10c63e10e9eea81871430fe1a7edc405cdfc71e7c

Request headers

:path: /wp-content/themes/gillian/js/widget-img-links.js?ver=20160820
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "cc-5ddacced-a00558ea8aedc4dd;;;"
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 204
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 117ms
10ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 20 Sep 2021 01:31:58 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H3 200 wp-embed.min.js Show response
www.kredyty-lokaty-konta.pl/wp-includes/js/ 1 KB
737 B 84ms
82ms Script
application/javascript 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: LiteSpeed
etag: "592-5ff5d754-1e7b368f4aa2d453;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 663
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H3 200 cropped-Kredyty-Lokaty-Konta-1.jpg
www.kredyty-lokaty-konta.pl/wp-content/uploads/2017/04/ 43 KB
43 KB 81ms
80ms Image
image/jpeg 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/uploads/2017/04/cropped-Kredyty-Lokaty-Konta-1.jpg
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: f4a8b57e3acfc8fce334abc09045cde29541bfd2bf806dd9712a5830bff730dc

Request headers

:path: /wp-content/uploads/2017/04/cropped-Kredyty-Lokaty-Konta-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
last-modified: Sun, 30 Apr 2017 12:55:43 GMT
server: LiteSpeed
etag: "aa84-5905decf-5d0de7288cd65211;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43652
expires: Mon, 27 Sep 2021 01:31:57 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 30ms
6ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%2C300%2C400italic%2C700italic&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kredyty-lokaty-konta.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 20:03:17 GMT
x-content-type-options: nosniff
age: 538120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:03:17 GMT

GET
H3 200 fontawesome-webfont.woff2
www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/fonts/ 75 KB
75 KB 51ms
51ms Font
application/octet-stream 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/css/font-awesome.min.css?ver=5.7.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/gillian/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://www.kredyty-lokaty-konta.pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/css/font-awesome.min.css?ver=5.7.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kredyty-lokaty-konta.pl/wp-content/themes/gillian/fontawesome/css/font-awesome.min.css?ver=5.7.3
Origin: https://www.kredyty-lokaty-konta.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:57 GMT
last-modified: Sun, 24 Nov 2019 18:33:17 GMT
server: LiteSpeed
etag: "12d68-5ddacced-4428f430bba6b6b0;;;"
vary: User-Agent
content-type: application/octet-stream
accept-ranges: bytes
content-length: 77160

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 35ms
12ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%2C300%2C400italic%2C700italic&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kredyty-lokaty-konta.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:22:17 GMT
x-content-type-options: nosniff
age: 554980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 15:22:17 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
25 KB 38ms
15ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C400italic%2C700%2C700italic&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kredyty-lokaty-konta.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:11:43 GMT
x-content-type-options: nosniff
age: 148814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Sep 2022 08:11:43 GMT

GET
H/1.1 200
OK / Show response
ec.bankier.pl/show2/MzQ3ODYsMTE4NTksMjQ1OTU/0.20708108501199574/ 0
0 192ms
65ms Script
text/html 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.bankier.pl/show2/MzQ3ODYsMTE4NTksMjQ1OTU/0.20708108501199574/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kredyty-lokaty-konta.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H3 200 inflacja-2021.jpg
www.kredyty-lokaty-konta.pl/wp-content/uploads/2021/01/ 45 KB
45 KB 28ms
28ms Image
image/jpeg 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/uploads/2021/01/inflacja-2021.jpg
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: 5b273a2cbad2b17232ab8fc91092e8f3814a34367e7b12c6c1660d9dabc0364c

Request headers

:path: /wp-content/uploads/2021/01/inflacja-2021.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
last-modified: Sun, 03 Jan 2021 11:52:58 GMT
server: LiteSpeed
etag: "b3d5-5ff1b01a-e3a0247cf5c338;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 46037
expires: Mon, 27 Sep 2021 01:31:58 GMT

GET
H3 200 inflacja-2020-1.jpg
www.kredyty-lokaty-konta.pl/wp-content/uploads/2020/01/ 9 KB
9 KB 32ms
31ms Image
image/jpeg 195.242.116.4
SUPERHOST-PL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kredyty-lokaty-konta.pl/wp-content/uploads/2020/01/inflacja-2020-1.jpg
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.242.116.4 , Poland, ASN41079 (SUPERHOST-PL-AS, PL),
Reverse DNS: s63.hekko.net.pl
Software: LiteSpeed /
Resource Hash: f1762e23a11649d1b192b98ca96ca28a312e586d05069f4ed68d1194c6c92fec

Request headers

:path: /wp-content/uploads/2020/01/inflacja-2020-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kredyty-lokaty-konta.pl
referer: https://www.kredyty-lokaty-konta.pl/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
last-modified: Sun, 05 Jan 2020 16:20:05 GMT
server: LiteSpeed
etag: "244a-5e120cb5-45fc97705c83aefc;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9290
expires: Mon, 27 Sep 2021 01:31:58 GMT

GET
H/1.1

200
OK

citibank.gif
www.bankier.pl/i/l/
Redirect Chain

https://ssl.bankier.pl/i/l/citibank.gif
https://www.bankier.pl/i/l/citibank.gif

4 KB
5 KB

133ms
21ms

Image
image/gif

195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/i/l/citibank.gif

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

414ef7eb986c8e434fb544a2cd37e42cb59933135e9e91ca219e355f298cff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Oct 2016 10:27:06 GMT
X-Backend: old_static
age: 0
Vary: Origin
Content-Type: image/gif
Connection: keep-alive
X-Varnish: 2641851807 2633113784
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 4519
Expires: Mon, 20 Sep 2021 11:48:50 GMT

Redirect headers

Date: Mon, 20 Sep 2021 01:31:51 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.bankier.pl/i/l/citibank.gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 247
Expires: Tue, 21 Sep 2021 01:31:51 GMT

GET
H/1.1 200
OK / Show response
ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.48385076994448517/ 4 KB
2 KB 89ms
49ms Script
application/javascript 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.48385076994448517/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: lighttpd/1.4.45 /
Resource Hash: d865e6cb4d5d5b8bb0550076ddd90d5be2f8979de726912df63ddf59fca7c91f

Request headers

Referer: https://www.kredyty-lokaty-konta.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Content-Encoding: gzip
Server: lighttpd/1.4.45
Age: 0
Transfer-Encoding: chunked
X-Varnish: 1567513102
Via: 1.1 varnish
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H/1.1 200
OK 60829d7dc595c768681e70ed.img
ec.bankier.pl/file/ 51 KB
51 KB 21ms
21ms Image
image/jpeg 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec.bankier.pl/file/60829d7dc595c768681e70ed.img
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: lighttpd/1.4.45 /
Resource Hash: e5df3b8e78e930469f4267a3633abe5380f42971602f5a544919c2e29af2d688

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Via: 1.1 varnish
Server: lighttpd/1.4.45
Age: 68289
X-Varnish: 1567513103 1567181744
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 52134
Expires: Mon, 20 Sep 2021 06:33:49 GMT

GET
H/1.1 200
OK 0.4156112427805507
ec.bankier.pl/impression/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFUOMAROZP4A2qbq-fYmMpygBIkiwUDrSNbhz39ju3eDeoOy0A5hInxcTc2RvDC44zOh3dRlzcNV7SOH8Tv0UANCbRIIX3TQUdHzzjyCn9hw_kDOYh30sjuy2DfT5N7fbBw=... 43 B
423 B 86ms
24ms Image
image/gif 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec.bankier.pl/impression/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFUOMAROZP4A2qbq-fYmMpygBIkiwUDrSNbhz39ju3eDeoOy0A5hInxcTc2RvDC44zOh3dRlzcNV7SOH8Tv0UANCbRIIX3TQUdHzzjyCn9hw_kDOYh30sjuy2DfT5N7fbBw=/0.27304631499681964/0.4156112427805507
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: lighttpd/1.4.45 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Via: 1.1 varnish
Server: lighttpd/1.4.45
Age: 0
X-Varnish: 1567513106
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 253 KB
94 KB 58ms
44ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95702
x-xss-protection: 0
server: cafe
etag: 17553272322223311488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame EB4E 10 KB
5 KB 28ms
6ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Sep 2021 12:36:30 GMT
expires: Sun, 03 Oct 2021 12:36:30 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 46528
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 929ms
410ms Script
application/javascript 185.28.221.4
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1632101518500

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.28.221.4 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: br
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-186e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
transfer-encoding: chunked
timing-allow-origin: *
nel: {"report_to":"default","max_age":600}
x-xss-protection: 1; mode=block
expires: Wed, 20 Oct 2021 01:31:59 GMT

GET
H2 200 style.css
app.ceneostatic.pl/common/style_ap/searchbox/ 3 KB
1 KB 131ms
31ms Stylesheet
text/css 5.134.209.144
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://app.ceneostatic.pl/common/style_ap/searchbox/style.css

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.134.209.144 Poznan, Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

bd800099301c407eb15387c442d63a0af01cd6b864614322445430d8407e47b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-uri /PreserveCspReport/

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; report-uri /PreserveCspReport/
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 05:31:14 GMT
etag: "ab7fa4e6f2a9d71:0"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-expose-headers: Request-Context
date: Mon, 20 Sep 2021 01:31:58 GMT
accept-ranges: bytes
content-type: text/css
content-length: 916
request-context: appId=cid-v1:65dc104a-7c3a-4ca8-ba9b-ca341924ee2e

GET
H/1.1 200
OK / Show response
ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.07810171766385321/ 4 KB
2 KB 45ms
39ms Script
application/javascript 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.07810171766385321/
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: lighttpd/1.4.45 /
Resource Hash: 4a8200594738cea08b62da5b4fb5df55985fb81866fe5a8e57a5da207ad3f311

Request headers

Referer: https://www.kredyty-lokaty-konta.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Content-Encoding: gzip
Server: lighttpd/1.4.45
Age: 0
Transfer-Encoding: chunked
X-Varnish: 1567513105
Via: 1.1 varnish
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H/1.1 200
OK 0.35485364363902305
ec.bankier.pl/impression/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFXbfb6sYG2btFvkK1xTSG6VdRvjmtGiz7Grbj_Bv90G-ZMROqtkWYA_9tuTJjs2JNOYBVV9zDQOmaK5A6CeMemFfLNavjtOIP1BT3pQNw0mVI8mG1_6TdX643owO13eyyQ=... 43 B
423 B 23ms
23ms Image
image/gif 85.194.246.20
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec.bankier.pl/impression/_A4ED4DHm56r8PJ5O5NQG36FrD0Uf2gTZUDJwfH8wFXbfb6sYG2btFvkK1xTSG6VdRvjmtGiz7Grbj_Bv90G-ZMROqtkWYA_9tuTJjs2JNOYBVV9zDQOmaK5A6CeMemFfLNavjtOIP1BT3pQNw0mVI8mG1_6TdX643owO13eyyQ=/0.7249410372226981/0.35485364363902305
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 85.194.246.20 Torun, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-20.85-194-246-0.net.eco.atman.pl
Software: lighttpd/1.4.45 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 01:31:58 GMT
Via: 1.1 varnish
Server: lighttpd/1.4.45
Age: 0
X-Varnish: 1567513107
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H2 200 imp Show response
imppl.tradedoubler.com/ 274 B
961 B 45ms
8ms Script
application/x-javascript 35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imppl.tradedoubler.com/imp?type(js)pool(535963)a(1950594)324515782
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 4ad0077b7c5401bbd93e0db860b7986b4189291f2d56d0d4a3e49c7d9dd4a97e

Request headers

Referer: https://www.kredyty-lokaty-konta.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:58 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: application/x-javascript; charset=ISO-8859-2
alt-svc: clear
content-length: 274

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
665 B 38ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kredyty-lokaty-konta.pl&callback=_gfp_s_&client=ca-pub-5798894572691287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4247460622b38b41cf1060a77255e6ccab506814510364b37bcefa9378f085dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kredyty-lokaty-konta.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Sep 2021 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A118 278 KB
17 KB 385ms
371ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=250&slotname=8172637750&adk=3993778753&adf=2406496431&pi=t.ma~as.8172637750&w=300&lmt=1632101518&psa=0&format=300x250&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518484&bpp=5&bdt=647&idt=82&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=3708541338545&frm=20&pv=2&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1215&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QV7zWmP8DC&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

099955e73848392242a9626cf5bd0b2922463a6ea9ee78a9c0c1f0575b6aa1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798894572691287&output=html&h=250&slotname=8172637750&adk=3993778753&adf=2406496431&pi=t.ma~as.8172637750&w=300&lmt=1632101518&psa=0&format=300x250&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518484&bpp=5&bdt=647&idt=82&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=3708541338545&frm=20&pv=2&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1215&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QV7zWmP8DC&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 20 Sep 2021 01:31:58 GMT
server: cafe
content-length: 17321
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 01:46:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Sep 2021 01:31:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 79ms
29ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1631879122047051"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 20 Sep 2021 01:31:58 GMT

GET
H/1.1 200
OK kategorie_300x250_nR9Edz0-888.jpeg
vht.tradedoubler.com/file/288386/2018/03/15/93/ 22 KB
23 KB 53ms
9ms Image
image/jpeg 13.224.193.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/288386/2018/03/15/93/kategorie_300x250_nR9Edz0-888.jpeg
Requested by: Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-51.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 37528ae7020b3d8135f3682dd426632d001da68f2b373b243d21760afb02840f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 19 Sep 2021 04:34:14 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 15 Mar 2018 13:30:11 GMT
Server: Apache
Age: 75464
ETag: "5952-567737daddec0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 22866
X-Amz-Cf-Id: Fq3VGtrWYXXUgv10q_8Wgj277w1LMPcXzjCMRyVLhNV-ANgqC64NRA==
Expires: Sun, 26 Sep 2021 04:34:14 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 65ms
6ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:58 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36725
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1583 96 KB
30 KB 571ms
571ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&adk=1812271804&adf=3025194257&lmt=1632101518&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518651&bpp=1&bdt=813&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

c3538f257c3e6a3b2d13ead83c63037532acf376f638be8fa0accc69b4d30f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798894572691287&output=html&adk=1812271804&adf=3025194257&lmt=1632101518&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518651&bpp=1&bdt=813&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 20 Sep 2021 01:31:59 GMT
server: cafe
content-length: 30377
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 01:46:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Sep 2021 01:31:59 GMT
cache-control: private

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 197ms
137ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6147e48e30260c0e&bkl=0&bl=1&pdt=596&sid=6147e48e30260c0e&pub=wp-0ecf53f131c7aac135de51f31301f8f5&rev=v8.28.8-wp&ln=pl&pc=wpp&cb=0&ab=-&dp=www.kredyty-lokaty-konta.pl&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1632101518663&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-0ecf53f131c7aac135de51f31301f8f5%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6147e48eb74f8ef3000&skipb=1&callback=addthis.cbs.jsonp__97605747048684570
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 31d85d4ace722338ec1924d0b17a5a97ac259cbfb825f5b887a74d3486da7fc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:58 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2CA9 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 173A 71 KB
26 KB 9ms
9ms Document
text/html 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 20 Sep 2021 01:31:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pl.min.json Show response
s7.addthis.com/l10n/ 3 KB
2 KB 27ms
9ms XHR
application/json 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pl.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1ba95949c8eec9b87434bc578a2871011ff13708ae3267a1535fa1cc4aeabc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-deb"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 20 Sep 2021 01:31:58 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1794

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109032350000/ Frame A118 189 KB
54 KB 36ms
9ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=250&slotname=8172637750&adk=3993778753&adf=2406496431&pi=t.ma~as.8172637750&w=300&lmt=1632101518&psa=0&format=300x250&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518484&bpp=5&bdt=647&idt=82&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=3708541338545&frm=20&pv=2&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1215&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QV7zWmP8DC&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 388725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55553
x-xss-protection: 0
server: sffe
date: Wed, 15 Sep 2021 13:33:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff855bcab669fc1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Sep 2022 13:33:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ Frame A118 13 KB
6 KB 34ms
8ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4990
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a08f7255b8f87285"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ Frame A118 89 KB
28 KB 45ms
20ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 431117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28534
x-xss-protection: 0
server: sffe
date: Wed, 15 Sep 2021 01:46:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcb7bfffafc8a349"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Sep 2022 01:46:42 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ Frame A118 71 KB
16 KB 46ms
22ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

8a214c9689cdd24b18575bac13e16b0f7219444ca8f4dde1cc8d8244ec6b1647

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16770
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e3367e2aba5f0ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ Frame A118 4 KB
2 KB 33ms
8ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1640
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8affbe378de64f77"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Sep 2022 17:07:16 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109032350000/v0/ Frame A118 40 KB
13 KB 43ms
19ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12817
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "326015506c318bde"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A118 3 KB
604 B 49ms
24ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bebas+Neue:regular%7CRoboto:700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

91360e22a20207901727875cdda97dabfdb7b223deb27489a0303685aa6a46da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 01:31:59 GMT
server: ESF
date: Mon, 20 Sep 2021 01:31:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 01:31:59 GMT

GET
H2 200 pl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A118 2 KB
2 KB 33ms
8ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/pl.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

4b39caec1f495c3bc9c1e8b5809c065ba6e6d1c5f9f4f6ec7afb775c2c5618ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 22:23:05 GMT
x-content-type-options: nosniff
server: cafe
age: 11334
etag: 5381677441185547000
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2240
x-xss-protection: 0
expires: Mon, 20 Sep 2021 22:23:05 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A118 295 B
778 B 33ms
7ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 16578
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 20 Sep 2021 20:55:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A118 0
21 B 18ms
18ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB3syjuRHYZj-JcfjgQfWxp6oBPnm-a1jwJb68-AO26-unr0BEAEgw_30HmDJ7t6GyKOMG6AB4ZiCoAPIAQmoAwHIAwiqBMoBT9CmPs4P2sgKqvNB0hbT6kHaCSDKQnMMglOMSg7-heWv2lbV6YbyCXlb-PnQwLfOIlgj49gEl6NNs-8GA_TBPow6REJW6eMNSPOYQmTIaBFcjxP9kIYWGnsAoocVuYKQNzq_4T1SShhlmBfjdnaE8JUp2n7xGNnZeMCE1ftS1s_jGpTuFeDdS6TG_UAjNAqTgV90R5fbGoSI3YglE3KEbKd5mFc0iyUEqKl9iREd_So4Glu4-frfU0zgFF6IJPAeULU5RysGa2fgJ8AE_7HUseMDkgUECAQYAZIFBAgFGASgBi6AB4fn_V-oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEL3sPtIIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTc5ODg5NDU3MjY5MTI4NxgA&sigh=DDpsfejgTBU&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=250&slotname=8172637750&adk=3993778753&adf=2406496431&pi=t.ma~as.8172637750&w=300&lmt=1632101518&psa=0&format=300x250&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101518484&bpp=5&bdt=647&idt=82&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=3708541338545&frm=20&pv=2&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1215&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&pvsid=3481589104958141&pem=465&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QV7zWmP8DC&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 20 Sep 2021 01:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Sep 2021 01:31:59 GMT

GET
DATA 200
OK truncated
/ Frame A118 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3ba612b39b9f656b7599f5e53b4c93745c1cb517cecd3c1abdca695a2a6cba4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 text1.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 3 KB
3 KB 52ms
36ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/text1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

33d87fe4a58788632948b23f035c3588fa293c70148e0e9714e3e61f6165f40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2728
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 date.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 2 KB
2 KB 74ms
57ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/date.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0957d7e05bb5f2de3a8c4e1cbc7d7f17c732ffaa0eb18cdcc9fdf8d376c4ce07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1663
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 obj.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 10 KB
10 KB 78ms
62ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/obj.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

2f817b0845477d6e60b771ce0eb08e3879ee84f662cd2450fa86e50c0316aeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9829
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 bottom.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 4 KB
4 KB 73ms
56ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/bottom.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

385cf9cd1bf017b885e3708dc473b3024b7dbc165c832a8b05285d53784e3431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4484
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 30.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 2 KB
2 KB 49ms
33ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/30.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

c5e5e9dfadca62fad68e47b8bfada5fb00353b4272f3277899411b1d23ac0bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1623
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 15.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 2 KB
2 KB 72ms
55ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/15.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

e5af26d9f7c9155949a316913d13ad8ef9d65c134d34c554b5d9dc3cd3b35af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1712
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 23 KB
23 KB 79ms
62ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5906bb26408d8f617253d410ed11f892c705c7f000d4251f6d5c8873996f4449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23825
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/16949250689793218050/ Frame A118 3 KB
3 KB 51ms
34ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16949250689793218050/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

d9c6f8dbb79322896f6f36ad8e9e7bffe92857cf66c40bed743f317c21b5849f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3391
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:48:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Sep 2022 01:31:59 GMT

GET
H3 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v2/ Frame A118 13 KB
13 KB 46ms
23ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas+Neue:regular%7CRoboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 17:00:36 GMT
x-content-type-options: nosniff
age: 117083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13092
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:00:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A118 15 KB
15 KB 40ms
16ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas+Neue:regular%7CRoboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 571312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012109032350000/ 20 KB
7 KB 23ms
7ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109032350000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

fadb46ae77ea4d4410f6989d15c29991bd304afe45dda9d526b6b5b852c6ecff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: sffe
date: Mon, 13 Sep 2021 17:07:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fbcd1892c7c7d59c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:07:18 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 145 KB
52 KB 24ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53040
x-xss-protection: 0
server: cafe
etag: 10624087348813358335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Sep 2021 01:31:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kredyty-lokaty-konta.pl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A287 70 KB
27 KB 517ms
517ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5d8b7c0f5d23092ad2a42085c7602c79b7680d9055acdb1a63ef306d0a97faee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 20 Sep 2021 01:31:59 GMT
server: cafe
content-length: 27183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame 4ABF 10 KB
5 KB 7ms
7ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Sep 2021 12:54:32 GMT
expires: Sun, 03 Oct 2021 12:54:32 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 45447
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4ABF 0
0 19ms
19ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6GaNjuRHYYiaKdPbgAfahLgY46_yzGSh0OKyuQ6_4R4QASDD_fQeYMnu3obIo4wboAGd79XsAsgBAqgDAcgDyQSqBM0BT9BoteA2lYn8i8vbEh55Y2Gucot2zPRogtU4iH5iUS-jts-KFf1HRZquCaidGnxqZLFMnclo-aXn9XQBt0xJfcEX9qJQ-EBdsJIICVrnQo1dm8NCGuaeTf_7_2zkpgC-XqV6CT19lHbLRIFQKsXkxp1xcnKAp4xDtz5q4ezX1nbiw4Hde85dwMweVaN4CvT8MhjnddTJO6wH9XxDi5HQ_vZbLDPBeWqyDMH85qB0fR4GADuSJo10v3TFe7cOD45Mzkv8DhjFVoLDyCxGGMAE26yek9QDkgUECAQYAZIFBAgFGASgBgKAB8uQqpMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBRDM3Z4B0ggHCIBhEAEYH4AKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01Nzk4ODk0NTcyNjkxMjg3GAA&sigh=K7DQXPwLN1E

Requested by

Host: www.kredyty-lokaty-konta.pl
URL: https://www.kredyty-lokaty-konta.pl/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 20 Sep 2021 01:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 4ABF 18 KB
7 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 23:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 23:48:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 4ABF 2 KB
1 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 01:25:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4ABF 128 KB
39 KB 43ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 20 Sep 2021 01:31:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 4ABF 14 KB
6 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 01:16:57 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 4ABF 26 KB
11 KB 8ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 15:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 15:48:07 GMT

GET
H3 200 1823473924869652607
tpc.googlesyndication.com/simgad/ Frame 4ABF 16 KB
16 KB 9ms
9ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1823473924869652607?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcTvQdHZo_u3pR-NG23lolRUZpVw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fc91213e621f2777cd3b6dbe9233d94573bfee381d41f1d21683767dd9d8ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 17:20:20 GMT
x-content-type-options: nosniff
age: 202299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15917
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 20:21:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Sep 2022 17:20:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01E0 143 B
163 B 6ms
6ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 20 Sep 2021 01:02:16 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

15ms
15ms

Document
text/html

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Sep 2021 01:31:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 20-Sep-2021 02:31:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Sep 2021 01:31:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Sep 2021 01:31:59 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4ABF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396b57252f5e17115f3b495232e55e634d5d38376dadf666de6e1334c2d13174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK flexiproduct.html Show response
www.booking.com/ Frame 2B34 3 KB
2 KB 268ms
188ms Document
text/html 5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=pl&aid=1459353&target_aid=1459334&tmpl=affiliate_banner&fid=1632101519467&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1632101518500

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

6f99be0a0934edfff4d3e576b8eb81c4bc5bd144162d81785bfd7924d0b44a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kredyty-lokaty-konta.pl/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

server: nginx
date: Mon, 20 Sep 2021 01:31:59 GMT
content-type: text/html; charset=UTF-8
content-length: 1130
cache-control: private
vary: Accept-Encoding, User-Agent
content-encoding: br
nel: {"max_age":604800,"report_to":"default"}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
set-cookie: _pxhd=AMUPzaTLL4YD5wCcpwqJiKL%2FCT9dVmiDBO6syGeOiBQrta4nqVXwaZZi1hdXFpRy9LmK6-GAvIlap2Sb9ze9YA%3D%3D%3A7aYkq43GgdGzaK8SBAGTY-uMZp0EZ1aDqsQ1yq4ChEpnREh5RBcoscMptNKDgQy%2FY-G8YvrhKze5PKAdmr9A-2rlnt9aqfjQCEZZ1j3OehY%3D; path=/; expires=Tue, 20-Sep-2022 01:31:59 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3Wdm0%2ByPGMsCzWxbDYz%2B2bOAEJ54kugbUo4MFn42NDx3SNYdUJv1Y1pgDsSLySWOWWVA0tRphWKLYk9BAZJkUfMm1ASf%2FDmVsS4pxfjXy%2FGDYo3bWfcr0Uq5RRuoIlBgypWwALjPS7%2F6eGvyssZiVMV; domain=.booking.com; path=/; expires=Sat, 19-Sep-2026 01:31:59 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame 87BE 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 19 Sep 2022 11:36:17 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
9ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 20 Sep 2021 01:31:59 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 79.b2b05b2959834cc82987.js Show response
s7.addthis.com/static/ 645 B
664 B 10ms
10ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/79.b2b05b2959834cc82987.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

9a5e5814e12b14dadac29b38a6af35f90ea37c425ab9245c139bc413ebd6fba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-285"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 20 Sep 2021 01:31:59 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 424

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 badbab77340f2a4336a65c2046024ac2a372bc1c.css
cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/ Frame 2B34 6 KB
2 KB 48ms
7ms Stylesheet
text/css 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=pl&aid=1459353&target_aid=1459334&tmpl=affiliate_banner&fid=1632101519467&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e571a2adfb7928e9adccdab27f10b7bca469ea37929c9c43ca20e557a7734532

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:48:44 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1539795
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:16 GMT
server: nginx
etag: W/"5cadd1ac-1890"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: DWMZE3Ut7olFcxOlI11gkulgQeGi33t7a4vmH4oEXDFClow1A2KD5w==
expires: Sat, 02 Oct 2021 05:48:44 GMT

GET
H2 200 39ede3ccebe0d92db6451ce95ed22d5ee2927efc.jpg
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/250_three/ Frame 2B34 15 KB
16 KB 129ms
9ms Image
image/jpeg 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/250_three/39ede3ccebe0d92db6451ce95ed22d5ee2927efc.jpg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

184c0514a96b76616a870c711d3fdf33b0c42cf5e542c33ba9e22b3d797ce44c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:13:27 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2337512
x-cache: Hit from cloudfront
content-length: 15815
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-3dc7"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: e_Astwji5KM2s5RQokdtehtDFf2ExVnJHfi1rF9AzkO_zG0ddMn2xg==
expires: Thu, 23 Sep 2021 00:13:27 GMT

GET
H2 200 a00df37609086c7793515a151e50d1eabae1cb47.png
q.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_top_250/ Frame 2B34 347 B
920 B 112ms
9ms Image
image/png 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_top_250/a00df37609086c7793515a151e50d1eabae1cb47.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8a21e1fd591c4181eb0d8acc51ea9efc38891ebb97db7049dfb07b95295c5fd8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:25:57 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2336762
x-cache: Hit from cloudfront
content-length: 347
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-15b"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: M91w1b0Ww_u9KxSDsutIthgFMReSX2YVwarIM39QK5zNMdRmutfZvA==
expires: Thu, 23 Sep 2021 00:25:57 GMT

GET
H2 200 c7227f56e498e6a463fb9f059e88e36197263759.png
q.bstatic.com/static/affiliate_base/img/banners/bookingLogos/bookinglogo_123x20/ Frame 2B34 5 KB
5 KB 111ms
8ms Image
image/png 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.bstatic.com/static/affiliate_base/img/banners/bookingLogos/bookinglogo_123x20/c7227f56e498e6a463fb9f059e88e36197263759.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fc88580a590cde4632c65373bc5186b179f04c359fe99c665a18b6f85f6b7fa5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 15:20:25 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2542294
x-cache: Hit from cloudfront
content-length: 4722
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:47 GMT
server: nginx
etag: "5cadd1cb-1272"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: f3guf2ovfE_Q3TncKHn5yBtDBlMTn7dVRMvs4Acfthn7hHnF30q_Zw==
expires: Mon, 20 Sep 2021 15:20:25 GMT

GET
H2 200 beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff
cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/ Frame 2B34 24 KB
25 KB 24ms
8ms Font
application/font-woff 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=300&h=250&lang=pl&aid=1459353&target_aid=1459334&tmpl=affiliate_banner&fid=1632101519467&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 01:41:32 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 949937
x-cache: Hit from cloudfront
content-length: 24852
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-6114"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5JGwiG8HLkFeQBVNpmtpG1mwagR1_QCXjbW_vMkl7T0R6xZsZfffow==
expires: Sat, 09 Oct 2021 01:39:42 GMT

GET
H3 200 8249233832041981377
tpc.googlesyndication.com/daca_images/simgad/ Frame A287 106 KB
106 KB 8ms
8ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8249233832041981377

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

559557cb7ffaa9f44c50804ece32002204dc1ea5d656f2da7f629269e0ccbfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:47:55 GMT
x-content-type-options: nosniff
age: 366244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108589
x-xss-protection: 0
last-modified: Wed, 27 May 2020 00:41:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 19:47:55 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame A287 18 KB
7 KB 7ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 23:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 23:48:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame A287 2 KB
1 KB 10ms
9ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 01:25:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A287 128 KB
39 KB 38ms
37ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 20 Sep 2021 01:31:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame A287 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 01:16:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A287 0
0 31ms
14ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEY8lDEUlE_cc8YcA_u_u8NEhZLoiSuvvqX1I515kyshQBkn6sfUaL6QRDkG0WhuSkCUndqnMnT9H0-Dry9XUN_MMXuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame A287 26 KB
11 KB 10ms
9ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 15:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 15:48:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A287 0
0 19ms
18ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDfAfj-RHYaOpE4zy-gbzjYDADqu4neZhrI-8gf0KloLNhYgWEAEgw_30HmDJ7t6GyKOMG6ABmdqBwgPIAQKpAhhDKdW4q7M-qAMByAPJhIACqgTKAU_Q7nDBZG6rfqqpm1FfOrun2WGKsdyWkollTw_OiBfPtCmaZ2xss3i_vNy27Wdx1-Hol4fFPA3cmoD_eEez9ZM77LfP7QccTfl4pHWiij9pD4KbZnCyBRvN5CZKqvAHRffWn7uod3Khqn9ei8rlVPpgbkVYQngPxOBZ0xYpo6TnbA9H8QhZYK5aua38Tw3Pi0DQZhou5FKrzhF6Daf3tdGg1tCk2w6dhpG9MkU2t0_BuUA7OXOlxFjJnfMqC6Qoh_T_LXRXSgbe9oPABO-Oyo6CApIFBAgEGAGSBQQIBRgEoAYCgAfPpf49qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBDW0WvSCAcIgGEQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTU3OTg4OTQ1NzI2OTEyODcYAA&sigh=e5uR3Njyioo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 20 Sep 2021 01:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 083D 143 B
163 B 7ms
6ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 20 Sep 2021 01:02:16 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25FB 1 KB
749 B 7ms
6ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Sep 2021 21:06:15 GMT
expires: Mon, 20 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 15944
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 25FB 35 B
463 B 69ms
8ms Image
image/gif 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_push=AYg5qPK9mdBOFjWRo_BSYYZbhiiFC9oZmtVU95QDyUtgaEl1YlH3Ns2A5waci-y_cadk5PjRiUuNRZgsYUuvvQLBiNmUv6ULMQke

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FB
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVma2tBQUFCY0dvLVZpbA&google_push=AYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b81iJB8AAL-DdiYTH_ZK6bjUFfvDjn9cqxp-Hmw4VVJ0SwggkiKNTDmz2-

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVma2tBQUFCY0dvLVZpbA&google_push=AYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b81iJB8AAL-DdiYTH_ZK6bjUFfvDjn9cqxp-Hmw4VVJ0SwggkiKNTDmz2-

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:32:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVma2tBQUFCY0dvLVZpbA&google_push=AYg5qPL54lBGURXSirkndFZMQCkyEp48ZyWEuUQl65b81iJB8AAL-DdiYTH_ZK6bjUFfvDjn9cqxp-Hmw4VVJ0SwggkiKNTDmz2-
Date: Mon, 20 Sep 2021 01:32:00 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FB
Redirect Chain

https://rtb.openx.net/sync/dds?google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-
https://rtb.openx.net/sync/dds?google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&ox_sc=1
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&google_hm=Emm1bnoHzv0C9juekzyihw==

170 B
188 B

51ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&google_hm=Emm1bnoHzv0C9juekzyihw==

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:59 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQCv1N-PGxtkw_wC-S4Ou4XBp9J9gNRMg5nWm9dcSFAl8RjE5vTBsgaYvSqSJMntWrAUhfnHOc1o-RPXNyRRkkowsMCNP-&google_hm=Emm1bnoHzv0C9juekzyihw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 53t26djqqvustn9itjjiiktmr1mqk9eo

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOlFwrumRXy8a2wbXIwFSg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOlFwrumRXy8a2wbXIwFSg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIN9GSHMdUQZyPHN_HRGt3D1VoAMrwyKDgQi6PSppyx_qo9BrCeEs5XCooR5dU9tp1V9nQIY5Wsx-p0BFWwwiccJ9MUode

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:32:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AOlFwrumRXy8a2wbXIwFSg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIN9GSHMdUQZyPHN_HRGt3D1VoAMrwyKDgQi6PSppyx_qo9BrCeEs5XCooR5dU9tp1V9nQIY5Wsx-p0BFWwwiccJ9MUode
date: Mon, 20 Sep 2021 01:32:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25FB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RSWjNTSkgtMjctOTRENA==&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo

170 B
188 B

51ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RSWjNTSkgtMjctOTRENA==&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RSWjNTSkgtMjctOTRENA==&google_push=AYg5qPLaxaTg4uzASNIu0DG0hbrTsd57_1rrSwKMSKQ3xugFhYk0Oo3O2N5uzeajv8xyBfjqT_vqkTc1YE4YsGjtArgzA7lNOuo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 25FB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4...

0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 25FB 0
44 B 789ms
255ms Image
text/plain 54.250.62.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_push=AYg5qPJjbSLKGrRmI1DnPLMLqmKy_gsWqZt2xDXDzcHjMD5UkQX7eKaU_EDbzPnMwox_S2SFR_gILZC3-FjoG7bLFAYZXxptBUia
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798894572691287&output=html&h=280&adk=2096075310&adf=1542668655&pi=t.aa~a.1032271861~i.18~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1632101519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9785999057&psa=0&ad_type=text_image&format=750x280&url=https%3A%2F%2Fwww.kredyty-lokaty-konta.pl%2F&flash=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632101519264&bpp=1&bdt=1427&idt=1&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D29a5c8e39626eedc-228dde2f3bc900a2%3AT%3D1632101518%3ART%3D1632101518%3AS%3DALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA&prev_fmts=300x250%2C0x0&nras=2&correlator=3708541338545&frm=20&pv=1&ga_vid=1081993025.1632101519&ga_sid=1632101519&ga_hid=719986761&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=185&ady=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C31062526&oid=3&psts=AGkb-H9wL_1MfLNpd8KKYa7ArMOMVpJUuHOc6MrOnXFiLmGeIUX5ajMhX1_uILM7WedzS4fSqP0TMkIWlQk&pvsid=3481589104958141&pem=465&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=miSANh9yCb&p=https%3A//www.kredyty-lokaty-konta.pl&dtd=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.62.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-62-115.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:32:00 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 25FB 0
244 B 37ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMmvDWTKnW-F6v9-5fNjJ8WLl-O3pzWg-P4r-vHcAowQM1kJezYZJHSO1eF9nNJsjo1dri

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:31:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 083D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

15ms
14ms

Document
text/html

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Sep 2021 01:31:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 20-Sep-2021 02:31:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Sep 2021 01:31:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Sep 2021 01:31:59 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A287 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f171e3d7c476bdb98ee62ce74805e276133f4de1a4903bf0e30c2f1c3c5d5a32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame CA9A 35 KB
13 KB 6ms
6ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 19 Sep 2022 11:36:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
18ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

52beb53d2647f1a170c3a56281f1455af00b2871456999852eb9016f5cdd828b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Sep 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8508
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 01:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 20 Sep 2021 01:32:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 17E9 12 KB
5 KB 8ms
7ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 19 Sep 2021 17:49:19 GMT
expires: Mon, 19 Sep 2022 17:49:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE9C 783 B
536 B 17ms
17ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

bcb416a32b720816407fb7a3d0d963bbe8bb1d9c6d1090956bd65ecf3431ed0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYw0DDl6Tv521rAkbGB5SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kredyty-lokaty-konta.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 20 Sep 2021 01:32:00 GMT
date: Mon, 20 Sep 2021 01:32:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NYw0DDl6Tv521rAkbGB5SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame 17E9 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 19 Sep 2022 11:36:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE9C 0
0 24ms
24ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=3481589104958141&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A118 42 B
64 B 17ms
16ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDOC28bSYW3tyIs0lAWS54wPiWI015NR0QuG35RmvAY6TVxDxevf-HI2iUEF8dLwC5r0ZoQAWmXjX-upA3bwDI1U_YoNLhm1iYb44ZxMSLO86XErI&sai=AMfl-YR3Mk5NF0VSal7ijwqzD809kRKQ-3NP5vqkjTBGydfNK2EH03XxQXqI7NZMWaq0LZhQ7-Z4nQVhML5_&sig=Cg0ArKJSzDOucFZvZ4BtEAE&id=ampim&o=1215,769&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=116&tls=1116&g=100&h=100&tt=1117&r=v&avms=ampa&adk=3993778753

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:32:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
32ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=3481589104958141&bg=!ZmWlZSHNAAaUnz4elJ87ACkAdvg8WqZ_C9ArN4-97ilHNpXpeSI5_I6_umUYalDDhjAnQ8nTn5ojpAIAAABgUgAAAApoAQcKAJKrGvXOErhrakSMGdc-t5boCg7BPaHFT0Z_yyh7DzeSDhhjAei6J3pCJHvlQu1irNystHFivifM_AZ1Viy_hEWoy8iZObkzDuOKXP6ys_hkWKFejUh_FkrR8Iw1ZQxK8QJOEwMy_c1zSlUMTPf7iASXwygoAERLIOsBWiyBxEmoOU_Qrs2cvy4uPwiDQlzLpeZM55kCfToAI8O-TzsrvNrueEx03bqf7xsUDnChW1R4rxGe2GtReFEGKGx8vWxxFyVnfx4aFiQcyMgTCEqSV6i3OJZ-qtNMhMiZYkTALE7k8ddkbPNE7bhpQDjtYMSTL6hhiqv53LuGyAi6bPqHyPpOjymtPJYc1PrROMU1xt9mEcKZV1hjvZZHsdUqmBqHM1Pbbpvp0w6DTHyeeXo323WK278ArrJqTnTxQRcnm0smY5RQluOyxnXXZIxPaTGyJhLE-lARZbiNNCFBvDh806ps4GZVA3tBQNGDKnmXukUxnw2xWDnOm8LbfS1Z4UFskWp9fgufX5kYW9Lav3ydFuzbJU6xY9gHZoyeHGWFa1PZd1pQSk0LTkWVdJ06d_bv-w7DWRYSUXXUZYClvYzMy6tFErgAYRiW6wYqU2Fy4LdI_WirFsG8YC0JpsYw29Z8A8kZ4eIpghRy9cxMEIpb5SgCDtkNpCFk1VRNwV7J46PtlL6Zukz6lpa0ST808fFZAWaSfszRvd5Tk4eJ9H4F6YHQYijpQxPfv4rvATQipMg-8p4fgvzCqGg_SeKQLxNoucXiUWrzWAGrdgiNIUWgCkAZXKj4y_rtgMGYaXMhDvGIAXjIDBiVmV9z8Ka83oh0JCCYvywtNrtMlSdtruFkJ4HUyqzwAv7D9j-pg-Te6Jn2Id3VeQDd2hBOzz0OhTS1tQKIJRhgW7cN7YqJ6RQqyqD1CwU8B7dX1WJMOu9zyi3ERQpzAIDL9tfb5J5efVkxPD5XdtpTKQiwtaHsI2oUhjn_6Oez3Izw4wX-oy8LEK85kqAgfNVBGo6njUcgVxL502Du0PD5VpeumzqPHczcNcpMwNE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kredyty-lokaty-konta.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4ABF 42 B
64 B 17ms
17ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5TWDseuoSaisLcwUxyzKi3Cv8VhJyemNZJvX9V6GCb-Q2CGKqPHaWv3Z4Nchq0EypxzuYGrLmLtdY5Q5pI8IbEAHVlgMoWBcZvqV8vIpYSih3Fq4&sai=AMfl-YTzUZEyLOj2tbs1um2b00SoO9O03ra_a308lP_mfLoZe8xnAx0pU-3cEOvH5o8qFHp9WiI3VRiLU-M0&sig=Cg0ArKJSzGX54rLPN8AWEAE&id=lidar2&mcvt=1000&p=1106,298,1230,1303&mtos=83,737,1000,1116,1269&tos=83,654,263,116,153&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632101519321&rpt=114&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 01:32:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tradedoubler.com/	1970-01-20 06:07:17	Name: BT Value: 1z11zzqCz1emJtazcer9vMGzz7x1yCx1yEx1z9ycer9vMG
.tradedoubler.com/	1970-01-20 06:07:17	Name: PI Value: 1z11z1zqCz1ggGyhz9TKsy1y2029FyOmOyyyARnTy1Nnry2GejuZyyy2Zv7
.tradedoubler.com/	1970-01-20 06:07:17	Name: UI Value: 1z11zzqCzPDAj2z1K6QyL22V
.tradedoubler.com/	1970-01-20 06:07:17	Name: PL Value: 1z11zzqCz1EYEUbz2hIhyPhupyN3glyy-3FiO48y4GSguw1
www.kredyty-lokaty-konta.pl/	1970-01-20 06:50:29	Name: __atuvc Value: 1%7C38
www.kredyty-lokaty-konta.pl/	1970-01-19 21:21:43	Name: __atuvs Value: 6147e48eb74f8ef3000
.kredyty-lokaty-konta.pl/	1970-01-20 06:43:17	Name: __gads Value: ID=29a5c8e39626eedc-228dde2f3bc900a2:T=1632101518:RT=1632101518:S=ALNI_MZTGSsLQZ7_Pos-XSco5S8zdLg7nA
.addthis.com/	1970-01-20 06:50:29	Name: uvc Value: 1%7C38
.addthis.com/	1970-01-20 06:50:29	Name: loc Value: MDAwMDBFVURFQlkyMjg2MTkwNDAwNTAwMDBDSA==
.doubleclick.net/	1970-01-20 14:52:53	Name: IDE Value: AHWqTUnSFHwxx-QdDu_uFXNceF-EpT0t6s2UVeKoMP9GT5LTmXHPiJrvunkiT7vjCJ0
.doubleclick.net/	1970-01-19 21:21:42	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:21:45	Name: DSID Value: NO_DATA
.booking.com/	1970-01-21 17:09:41	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3Wdm0%2ByPGMsCzWxbDYz%2B2bOAEJ54kugbUo4MFn42NDx3SNYdUJv1Y1pgDsSLySWOWWVA0tRphWKLYk9BAZJkUfMm1ASf%2FDmVsS4pxfjXy%2FGDYo3bWfcr0Uq5RRuoIlBgypWwALjPS7%2F6eGvyssZiVMV
.openx.net/	1970-01-20 06:07:17	Name: i Value: 1e93000b-7a06-4824-be54-bfc12402abc0\|1632101519
.casalemedia.com/	1970-01-20 06:07:17	Name: CMID Value: YUfkj9Zs9tPxd6T9QfYtxAAA
.casalemedia.com/	1970-01-19 23:31:17	Name: CMPS Value: 5224
.quantserve.com/	1970-01-19 23:31:17	Name: d Value: EBkBCQGlJIEA
.quantserve.com/	1970-01-20 06:51:55	Name: mc Value: 6147e48f-e5b03-bd81c-6801c
.casalemedia.com/	1970-01-19 23:31:17	Name: CMPRO Value: 1130
.casalemedia.com/	1970-01-19 21:23:07	Name: CMST Value: YUfkj2FH5I8A
.pubmatic.com/	1970-01-19 21:23:07	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-19 23:31:17	Name: KADUSERCOOKIE Value: 00E945C2-BBA6-457C-BC6B-6C1B5C8C054A

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 154) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzQ3ODYsMTE4NTksMjQ1OTU/0.20708108501199574/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 154) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzQ3ODYsMTE4NTksMjQ1OTU/0.20708108501199574/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 545) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.48385076994448517/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 545) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.48385076994448517/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.07810171766385321/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ec.bankier.pl/show2/MzEyMTksMTE4NTksMjQ1OTU/0.07810171766385321/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 678) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imppl.tradedoubler.com/imp?type(js)pool(535963)a(1950594)324515782, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kredyty-lokaty-konta.pl/(Line 678) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imppl.tradedoubler.com/imp?type(js)pool(535963)a(1950594)324515782, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUfkj9Zs9tPxd6T9QfYtxAAABGoAAAAB&google_push=AYg5qPKsgGcmPhsJy_39isaaOkzndwq7tMlLIhlCx4QAV_CrmYpxIgGkC8VaDiTYie19t1B7117_V4A-Z7CtzKjXu4RnFrtqUKg Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
aff.bstatic.com
api.systempartnerski.pl
app.ceneostatic.pl
cc.adingo.jp
cdn.ampproject.org
cf.bstatic.com
cm.g.doubleclick.net
cms.quantserve.com
ec.bankier.pl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image2.ceneo.pl
image6.pubmatic.com
imppl.tradedoubler.com
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
q.bstatic.com
r.bstatic.com
rtb.openx.net
s7.addthis.com
ssl.bankier.pl
tpc.googlesyndication.com
vht.tradedoubler.com
www.bankier.pl
www.booking.com
www.google.com
www.googletagservices.com
www.kredyty-lokaty-konta.pl
z.moatads.com
cm.g.doubleclick.net
s7.addthis.com
128.204.218.194
13.224.193.51
13.225.78.89
142.250.181.225
142.250.181.226
142.250.184.194
142.250.184.202
142.250.185.194
142.250.185.228
142.250.185.98
142.250.186.162
142.250.74.195
172.217.18.97
185.28.221.4
185.31.26.197
185.64.190.78
195.167.159.38
195.242.116.4
2.18.232.170
2.18.235.40
35.186.231.97
35.186.253.211
5.134.209.144
5.57.16.220
52.18.11.109
54.250.62.115
69.173.144.139
77.79.227.167
85.194.246.20
91.228.74.198
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0957d7e05bb5f2de3a8c4e1cbc7d7f17c732ffaa0eb18cdcc9fdf8d376c4ce07
099955e73848392242a9626cf5bd0b2922463a6ea9ee78a9c0c1f0575b6aa1e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184c0514a96b76616a870c711d3fdf33b0c42cf5e542c33ba9e22b3d797ce44c
1ba95949c8eec9b87434bc578a2871011ff13708ae3267a1535fa1cc4aeabc57
1cd30b98e9d99a2a67a2001f5be728ce2388f9b1cbcccf79d99c36a75c287ff9
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2ea7944573d1d3e3b5ac42eaedf2e8d75112629146276f92f48f8acc0f89d978
2f817b0845477d6e60b771ce0eb08e3879ee84f662cd2450fa86e50c0316aeea
31d85d4ace722338ec1924d0b17a5a97ac259cbfb825f5b887a74d3486da7fc5
32e7fbfcc1ac22f9bacfae414d02c5719c55b795b887167ac21b70918f8036b7
33d87fe4a58788632948b23f035c3588fa293c70148e0e9714e3e61f6165f40d
37528ae7020b3d8135f3682dd426632d001da68f2b373b243d21760afb02840f
3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e
385cf9cd1bf017b885e3708dc473b3024b7dbc165c832a8b05285d53784e3431
396b57252f5e17115f3b495232e55e634d5d38376dadf666de6e1334c2d13174
414ef7eb986c8e434fb544a2cd37e42cb59933135e9e91ca219e355f298cff72
4247460622b38b41cf1060a77255e6ccab506814510364b37bcefa9378f085dc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47e23c6ee065cf0edfe011437b8feb2f4ba6bccc8cc0cffc33307a831bd5005b
4a8200594738cea08b62da5b4fb5df55985fb81866fe5a8e57a5da207ad3f311
4ad0077b7c5401bbd93e0db860b7986b4189291f2d56d0d4a3e49c7d9dd4a97e
4b39caec1f495c3bc9c1e8b5809c065ba6e6d1c5f9f4f6ec7afb775c2c5618ad
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc91213e621f2777cd3b6dbe9233d94573bfee381d41f1d21683767dd9d8ad5
5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95
52beb53d2647f1a170c3a56281f1455af00b2871456999852eb9016f5cdd828b
533d159a3d51e9ae8805648c4b9178f8a34eeb3d69114134ea62a79879108a11
559557cb7ffaa9f44c50804ece32002204dc1ea5d656f2da7f629269e0ccbfeb
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5906bb26408d8f617253d410ed11f892c705c7f000d4251f6d5c8873996f4449
5b273a2cbad2b17232ab8fc91092e8f3814a34367e7b12c6c1660d9dabc0364c
5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d8b7c0f5d23092ad2a42085c7602c79b7680d9055acdb1a63ef306d0a97faee
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63a3cb9e5befb5a36eb619eebec62aed649d3ad8681dd3a1cb9b69aecfabcbbf
6d9ed9d38f6ab0d2b9f6701408f6682710e453d4f57ebe6f7e8e2446ae556eb1
6f99be0a0934edfff4d3e576b8eb81c4bc5bd144162d81785bfd7924d0b44a04
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
828cb0cf3ac5ed159eb23d54bec097f1b3f0338c9d5d4fb4b180bd5b6b1041e2
8a214c9689cdd24b18575bac13e16b0f7219444ca8f4dde1cc8d8244ec6b1647
8a21e1fd591c4181eb0d8acc51ea9efc38891ebb97db7049dfb07b95295c5fd8
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
91360e22a20207901727875cdda97dabfdb7b223deb27489a0303685aa6a46da
97ce841dfb47028c86b2eddfaafbe3cb8d1bea0e2cd397ebbfe8d43aa87e1e87
9a5e5814e12b14dadac29b38a6af35f90ea37c425ab9245c139bc413ebd6fba4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a99a9882d80867a257f670dc96c9874e5a5c24ff7bf44c1e783aa43142c75924
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c
b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bcb416a32b720816407fb7a3d0d963bbe8bb1d9c6d1090956bd65ecf3431ed0b
bd800099301c407eb15387c442d63a0af01cd6b864614322445430d8407e47b4
bdc9807677bc59e23c0163d10c63e10e9eea81871430fe1a7edc405cdfc71e7c
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c3538f257c3e6a3b2d13ead83c63037532acf376f638be8fa0accc69b4d30f1a
c3ba612b39b9f656b7599f5e53b4c93745c1cb517cecd3c1abdca695a2a6cba4
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6
c5e5e9dfadca62fad68e47b8bfada5fb00353b4272f3277899411b1d23ac0bf8
cdb3e11f4477214017d758f5693f4a5553b88f3bf108147fc3bf32c997371857
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d865e6cb4d5d5b8bb0550076ddd90d5be2f8979de726912df63ddf59fca7c91f
d9c6f8dbb79322896f6f36ad8e9e7bffe92857cf66c40bed743f317c21b5849f
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e571a2adfb7928e9adccdab27f10b7bca469ea37929c9c43ca20e557a7734532
e5af26d9f7c9155949a316913d13ad8ef9d65c134d34c554b5d9dc3cd3b35af4
e5df3b8e78e930469f4267a3633abe5380f42971602f5a544919c2e29af2d688
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f137c9a3e63261fb7a3169cfa35d2220645b476a7e05126f63e7f642087e9f52
f171e3d7c476bdb98ee62ce74805e276133f4de1a4903bf0e30c2f1c3c5d5a32
f1762e23a11649d1b192b98ca96ca28a312e586d05069f4ed68d1194c6c92fec
f4a8b57e3acfc8fce334abc09045cde29541bfd2bf806dd9712a5830bff730dc
f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073
fadb46ae77ea4d4410f6989d15c29991bd304afe45dda9d526b6b5b852c6ecff
fb7df0952620e33552c48188cd5877e0c9661c4c0a05a6e87f41af2c9a320a05
fc88580a590cde4632c65373bc5186b179f04c359fe99c665a18b6f85f6b7fa5
fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.kredyty-lokaty-konta.pl Open in urlscan Pro 195.242.116.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

0 %IPv6

24 Domains

34 Subdomains

26 IPs

7 Countries

1599 kBTransfer

3854 kBSize

22 Cookies

17 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kredyty-lokaty-konta.pl Open in urlscan Pro
195.242.116.4 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

34
Subdomains

26
IPs

7
Countries

1599 kB
Transfer

3854 kB
Size

22
Cookies

130 HTTP transactions
4 data transactions