urlscan.io logo urlscan.io
SecurityTrails logo

winxblogger.pl Open in urlscan Pro
195.201.174.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://winxblogger.pl/
Effective URL: http://winxblogger.pl/news.php
Submission: On November 23 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 22 domains to perform 195 HTTP transactions. The main IP is 195.201.174.119, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is winxblogger.pl.
This is the only time winxblogger.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 195.201.174.119 24940 (HETZNER-AS)
2 172.217.16.200 15169 (GOOGLE)
3 142.250.186.164 15169 (GOOGLE)
30 142.250.184.226 15169 (GOOGLE)
13 172.217.18.97 15169 (GOOGLE)
2 5 172.217.18.14 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
2 74.125.206.157 15169 (GOOGLE)
15 142.250.186.34 15169 (GOOGLE)
23 142.250.184.193 15169 (GOOGLE)
2 142.250.185.202 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
10 142.250.186.70 15169 (GOOGLE)
10 16 142.250.186.66 15169 (GOOGLE)
6 12 104.18.36.155 13335 (CLOUDFLAR...)
9 12 37.252.171.85 29990 (ASN-APPNEX)
2 142.250.185.106 15169 (GOOGLE)
1 4 37.157.4.29 198622 (ADFORM)
4 142.250.186.38 15169 (GOOGLE)
3 37.157.6.235 198622 (ADFORM)
4 216.58.212.195 15169 (GOOGLE)
2 74.125.108.138 15169 (GOOGLE)
1 3.64.253.16 16509 (AMAZON-02)
1 2 46.228.164.11 56396 (AMOBEE)
1 64.158.223.140 41041 (VCLK-EU-SE)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 15.197.193.217 16509 (AMAZON-02)
1 18.195.149.147 16509 (AMAZON-02)
1 1 51.89.9.254 16276 (OVH)
195 30
39    195.201.174.119 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s1.fan-strefa.pl
winxblogger.pl
2    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net
www.googletagmanager.com
3    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
30    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
13    172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net
1.bp.blogspot.com
blogger.googleusercontent.com
5    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net
www.google-analytics.com
gcdn.2mdn.net
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
www.gstatic.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
15    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
23    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googletagservices.com
10    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
s0.2mdn.net
16    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
12    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
12    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
imasdk.googleapis.com
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
4    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
3    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    216.58.212.195 (United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f195.1e100.net
csi.gstatic.com
2    74.125.108.138 (United States)

ASN15169 (GOOGLE, US)
PTR: waw07s04-in-f10.1e100.net
r5---sn-f5f7kn7z.c.2mdn.net
1    3.64.253.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-253-16.eu-central-1.compute.amazonaws.com
system360.inistrack.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
dclk-match.dotomi.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    18.195.149.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-147.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
Apex Domain
Subdomains		 Transfer
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
551 KB
39 winxblogger.pl
winxblogger.pl
754 KB
37 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
179 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r5---sn-f5f7kn7z.c.2mdn.net — Cisco Umbrella Rank: 818739
440 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
9 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
6 KB
12 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12682
1 MB
7 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
c1.adform.net — Cisco Umbrella Rank: 599
101 KB
5 gstatic.com
www.gstatic.com
csi.gstatic.com
189 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
38 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
255 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
136 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
869 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
145 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
444 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
146 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
149 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 inistrack.net
system360.inistrack.net — Cisco Umbrella Rank: 539288
691 B
1 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11116
20 KB
195 22
Domain Requested by
39 winxblogger.pl 1 redirects winxblogger.pl
30 pagead2.googlesyndication.com winxblogger.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
23 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
winxblogger.pl
tpc.googlesyndication.com
imasdk.googleapis.com
16 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
winxblogger.pl
googleads.g.doubleclick.net
12 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 blogger.googleusercontent.com winxblogger.pl
10 s0.2mdn.net googleads.g.doubleclick.net
winxblogger.pl
s0.2mdn.net
4 csi.gstatic.com imasdk.googleapis.com
4 ad.doubleclick.net winxblogger.pl
4 www.googletagservices.com winxblogger.pl
googleads.g.doubleclick.net
4 www.google-analytics.com 1 redirects www.googletagmanager.com
winxblogger.pl
www.google-analytics.com
3 s1.adform.net track.adform.net
s1.adform.net
googleads.g.doubleclick.net
3 track.adform.net googleads.g.doubleclick.net
s1.adform.net
3 www.google.com winxblogger.pl
tpc.googlesyndication.com
googleads.g.doubleclick.net
2 r5---sn-f5f7kn7z.c.2mdn.net
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagmanager.com winxblogger.pl
www.googletagmanager.com
1 onetag-sys.com 1 redirects
1 c1.adform.net 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 system360.inistrack.net googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 stats.g.doubleclick.net winxblogger.pl
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 1.bp.blogspot.com winxblogger.pl
195 36
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
winxblogger.pl
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
system360.inistrack.net
Amazon RSA 2048 M02		 2023-01-30 -
2024-02-28		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh

This page contains 28 frames:

Primary Page: http://winxblogger.pl/news.php
Frame ID: 57EF2C100350FC9AB1DC68F18EE0F1A0
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 603C02369B72A96732FC5C0690A1E78A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&adk=1812271804&adf=3025194257&lmt=1700739447&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700739446730&bpp=6&bdt=632&idt=319&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6274079187665&frm=20&pv=2&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346
Frame ID: E48AB85418BA77C7A18DE4B00980769F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=280&slotname=6350132348&adk=1712210303&adf=2653041513&pi=t.ma~as.6350132348&w=1200&fwrn=4&fwrnh=100&lmt=1700739447&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1700739446736&bpp=1&bdt=639&idt=349&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=18&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=354
Frame ID: AB252930DDC3D78F840C693311DC10C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: 73A6278376E8AF06947D89D5D12721F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=240&adk=691050123&adf=2706482820&pi=t.aa~a.562853736~rp.4&w=172&fwrn=4&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=172x240&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600&nras=3&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Frame ID: 181B4165EE6F7CA3F8F270614A8728D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=250&adk=504623516&adf=1926020643&pi=t.aa~a.2581257609~rp.4&w=624&fwrn=1&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=624x250&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600%2C172x240&nras=4&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=487&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9
Frame ID: BD0524B31719D242A2723E6DCA1BC1DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=60&adk=4240398711&adf=1308169379&pi=t.aa~a.2581287352~rp.4&w=624&fwrn=1&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=624x60&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=0&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600%2C172x240%2C624x250&nras=5&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=487&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=12
Frame ID: B580E7DD09975DDE6EECE505F06773B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 10223D6D41AD33854F8E02C5245CDCF6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 206CE2B9581ED840D949E78D0C50C098
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 10543C24317A5E0F2A0C431FF7F9B4AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C1CB460A03305D94AA91626F313BC23C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Frame ID: CA94F1B8ACBB04290CFE3744FC54976F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 37FC4DC2B62207D11C3D1D17F788379C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Frame ID: 7F34AC7F12C8127A1106FC94AC1DA9FE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/2960180833392817081
Frame ID: 2774DBA32D6864929C894CC530210640
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Frame ID: 688C32E1B4108279194B69ECC97CACE3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: F040E5AF4A32D218CDBBC36740061EFD
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40AB925F7B0EC1D596E49AB8C75E8FF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 932D82C750E406410C21F11542D81BDF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EBA6DF29BAD3C4F6518D0778D82DE425
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 62E739925D3013D136E8ACAFA8F65EB7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 08085538FD24A26A0BDC44AB8A8C855B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1D72E915A3BCC9381E3F6D66A0B7A197
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=69667956;rtbwp=ZV85dwAN9hcA-RP_AAXwF1W-41-7SXv-wItyMw;rtbdata=2uP2OEcU20IXDiq9JehIZX6PbI7G9XcO1-HDow43qYUMggRtXgRkLA6lzVbaIVSCnOLbdqyZz5sEsZ50j4vUJs8GvgRGt4CIi0DyJp1arwfK7ffrV4Rm-ccdOlpPtcEMsJNjdPi-S2AdXuzj-rsOrjzzdKl4Qviis63S34FvOmnzbRMUozWjDaeoa6EBuBrqcso7vQ5pGPepf_xMbeNyoIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Clv3edzlfZZfsN_-n5LcPl-CXYMSzoJRcvtC4heUCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU2MDYzMjczNjQ4MzcwNzHIAQmpAlp3KTsNpYM-qAMByAMCqgTQAU_QTq2Qn-K-RRlQAQ8qKipygKXpbyoQP3I19akcmzVN4IZWyKLcRvRZ1AEL7O1IEBQ5C3scYbVReXsNwHywRy2OYfe9VTwzbBf8afHK5lO_w4CB2OKXxEjcTyAEynSQK0Ph-zatDTmA3MP7JqQm0fdypuAwibrDirU1iTPe4IxUU_gESqLdIwPAJLxFSHa8TL4zz29-tWiwNlEXKNpSK5LlD6ENzeTtJd8H2eCNr9MItnTFrHObYgHTVamJMXVWuIFeNGPskYEDua5TZHnqcA-ABqLFiuLWyoXyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1_DQOsva_nW2TlImeTH6SLewiBig&client=ca-pub-5606327364837071&adurl=
Frame ID: 72203127AE4C6C69D33D182F0C5013B8
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
Frame ID: 66C480B1255C5CF1D1B50ACE6CD24BAF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC07F50AB981C45A4C386CA9BD52B58E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B9C592857382222B264A9E244D6B06B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Twoje zrodlo informacji i zabawy z Winx Club

Page URL History Show full URLs

  1. http://winxblogger.pl/ HTTP 302
    http://winxblogger.pl/news.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

195
Requests

84 %
HTTPS

0 %
IPv6

22
Domains

36
Subdomains

30
IPs

6
Countries

4195 kB
Transfer

8054 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://winxblogger.pl/ HTTP 302
    http://winxblogger.pl/news.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 61
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=908447836&utmhn=winxblogger.pl&utmcs=ISO-8859-2&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Twoje%20zrodlo%20informacji%20i%20zabawy%20z%20Winx%20Club&utmhid=1605583620&utmr=-&utmp=%2Fnews.php&utmht=1700739446674&utmac=UA-18032722-1&utmcc=__utma%3D1.480901588.1700739447.1700739447.1700739447.1%3B%2B__utmz%3D1.1700739447.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=928653159&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=908447836&utmhn=winxblogger.pl&utmcs=ISO-8859-2&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Twoje%20zrodlo%20informacji%20i%20zabawy%20z%20Winx%20Club&utmhid=1605583620&utmr=-&utmp=%2Fnews.php&utmht=1700739446674&utmac=UA-18032722-1&utmcc=__utma%3D1.480901588.1700739447.1700739447.1700739447.1%3B%2B__utmz%3D1.1700739447.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=928653159&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18032722-1&cid=480901588.1700739447&jid=928653159&_v=5.7.2&z=908447836
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJw2N6rej5hYm0HqCqQ81e4&google_cver=1
Request Chain 115
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eExfwHXcDABW8E-bgAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMHaBkB_gnA6uhBzzLKaac8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMHaBkB_gnA6uhBzzLKaac8%26google_cver%3D1
Request Chain 117
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUdiukg0usFpql5YOvakCg&google_cver=1
Request Chain 121
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eCNxT15T1nBMHODt9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMbi6VhQzYHTgzVLrH3J7Es&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMbi6VhQzYHTgzVLrH3J7Es%26google_cver%3D1
Request Chain 123
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NTgxOTIzMTUzNzI0ODA1OA%3D%3D
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMjrT_Zeq96hz5W99XHuvxs&google_cver=1
Request Chain 132
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eCNxT15T1nBMHODt9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENogqmg7Vp09KCBsNXsKzdQ&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENogqmg7Vp09KCBsNXsKzdQ%26google_cver%3D1
Request Chain 134
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
Request Chain 167
  • https://gcdn.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8952591F707C9DEA68B925B171ED8A45C2CA80CB.94D778B10F9DDC4869B6143263E8984743EB11AA/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7ED09004F35836AE5131C646AA245133656C1FF8.24D6262ADC3F8F4A3CCABE3126F498D0D42F86BA/key/cms1/cms_redirect/yes/mh/2Y/mip/176.67.86.82/mm/42/mn/sn-f5f7kn7z/ms/onc/mt/1700739047/mv/u/mvi/5/pl/24/file/file.mp4
Request Chain 177
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENqAri-kr1_PRt9M7igbjII&google_cver=1&google_push=AXcoOmRJjlKbTmgdEdqWNQSeUU-QxdKtyduWySJV5F_9OVuZEyVdVmPub-uHIUnEmMg_TqGwFfMEjwT155kdzXfGfBgDCwsWO9GUm1Qd0LieHdUBgXQ-aJrpUoDRtpo7u1pb4bj83Tf_2-Bs_Ce3KpX6AtaU3Ng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU4NTgzODYwNTQyNjI2NjIyMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1YWkcpldrLlq8pLNS5sk0&google_cver=1
Request Chain 179
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 182
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEpL1ApZEn0zUM8_uG-oXCw&google_cver=1&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXoxc6duyqrI7Y2gWYMwyb2ZIs5BTkf20EHGeHqnRtfEgaqMiIfwGfYzF1B1_mq6eN0izssH7AF6mLZjcVEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjk2NzI4MzA5NTYwMDc0NA&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXoxc6duyqrI7Y2gWYMwyb2ZIs5BTkf20EHGeHqnRtfEgaqMiIfwGfYzF1B1_mq6eN0izssH7AF6mLZjcVEA
Request Chain 183
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEGWaQtmcmkxdNtfsgf8Dzc&google_cver=1&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6uEO0aJiDdBd9A3I8IN_H4CmEWKF65vNA3-PAohxxBTkH6NfmbzrEPNZkCsZVce4zpMvbjjWjvQ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6uEO0aJiDdBd9A3I8IN_H4CmEWKF65vNA3-PAohxxBTkH6NfmbzrEPNZkCsZVce4zpMvbjjWjvQ0

195 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request news.php
winxblogger.pl/
Redirect Chain
  • http://winxblogger.pl/
  • http://winxblogger.pl/news.php
61 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://winxblogger.pl/news.php
Protocol
HTTP/1.1
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx / PHP/5.6.40
Resource Hash
12a9f18acd28472457adff45ab9aceeb6fcca9a135fc2b86d40948c57a67450d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
15573
Content-Type
text/html; charset=iso-8859-2
Date
Thu, 23 Nov 2023 11:37:26 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/5.6.40

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
342
Content-Type
text/html; charset=iso-8859-2
Date
Thu, 23 Nov 2023 11:37:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
news.php
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/5.6.40
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-133674826-1
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
03ad59358ef2b84eb761dd53f1f833f6c38e4133d400696d865c5a919e5b1cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68728
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Nov 2023 11:37:26 GMT
bootstrap-grid.min.css
winxblogger.pl/includes/bootstrap/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/bootstrap/bootstrap-grid.min.css
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
b5ca4fc54dabc860359194ae4625220d008444d0e10d72339dc190aa5e312839

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2017 21:35:53 GMT
server
nginx
etag
W/"59efb239-8798"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
styles.css
winxblogger.pl/themes/wow/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/themes/wow/styles.css?v=20210509010928
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
2d469de1cd51429c908aaa4331848c64a24eac62b627fde52bb36297bf4925b8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 23:09:28 GMT
server
nginx
etag
W/"60971a28-38d5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
lightbox.min.css
winxblogger.pl/includes/lightbox/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
5595963bca2af38bc8e44b3447f2fbe26d3d552b151e0d2cba04530609cf6676

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2016 17:54:33 GMT
server
nginx
etag
W/"56f186d9-af0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
styles.min.css
winxblogger.pl/infusions/sb_panel/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/css/styles.min.css
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
3fd44c0e160a006d47adff4203edebcc447c3f7493a5d6dd9152f173def605ae

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Nov 2016 12:06:56 GMT
server
nginx
etag
W/"58397ae0-37d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
modernizr-custom.js
winxblogger.pl/includes/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/modernizr-custom.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
edd26c3dc592bc41c44c85a9ff73d725406c7fe3d9a971c84ebf29c89f12abf5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Sun, 29 Oct 2017 16:34:52 GMT
server
nginx
etag
W/"59f6032c-6c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
jquery-2.1.4.min.js
winxblogger.pl/includes/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/jquery-2.1.4.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2016 18:05:25 GMT
server
nginx
etag
W/"568d5765-14979"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
jscript.js
winxblogger.pl/includes/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/jscript.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
1ce670159ecf00c9471c1c44536894d1909dcaf84ba99a49b03663cad12d2483

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2012 23:00:00 GMT
server
nginx
etag
W/"4f457370-1371"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
png-hack.js
winxblogger.pl/includes/ 		1 KB
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/png-hack.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
d49583241cf039c23e97c81cf2a34b307281e02431fb4537951c60347ce3d88f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2012 22:00:00 GMT
server
nginx
etag
W/"4fa845e0-424"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
ad97836f732309bb3257c0d126b8f86c38134d7804938c6f0b4cc61eeaffd99c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 11:37:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5606327364837071
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
cbc83abcada9ec38b17218c387fc8fe5167fc90bb4d6a7f6ea6934a4ba768fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Origin
http://winxblogger.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53063
x-xss-protection
0
server
cafe
etag
7062663568501071136
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 23 Nov 2023 11:37:26 GMT
dhtmltooltip.js
winxblogger.pl/includes/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/dhtmltooltip.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
7073208a0d6da775cdd2bd1aa02a9055b30e1135b135e58bf8731d76b5aefccd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2012 22:00:00 GMT
server
nginx
etag
W/"4fa845e0-a84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
header_background.jpg
winxblogger.pl/themes/wow/ 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/themes/wow/header_background.jpg
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
ccf90ef3e1ecae3a2fd54bfa61d9d277107e9e747c18664f2d5327c05c332d1f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 08 Mar 2019 11:12:17 GMT
server
nginx
etag
"5c824e11-43053"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
274515
expires
Fri, 22 Nov 2024 11:37:26 GMT
bullet.gif
winxblogger.pl/themes/wow/images/ 		51 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/themes/wow/images/bullet.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
22e607b23b395e7e219814b750c211523b1787ce05ffc0b9e92a8c152fccd24b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 08 Mar 2019 11:12:34 GMT
server
nginx
x-accel-version
0.01
etag
"33-583934cb6d620"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51
expires
Fri, 22 Nov 2024 11:37:26 GMT
wesprzyjWB.png
1.bp.blogspot.com/-ij6DU2Ez6X8/X9olsw3otVI/AAAAAAAAD-Q/vYNoToLM59w8N3qOxj-JvI588UXZUPf5QCLcBGAsYHQ/s160/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ij6DU2Ez6X8/X9olsw3otVI/AAAAAAAAD-Q/vYNoToLM59w8N3qOxj-JvI588UXZUPf5QCLcBGAsYHQ/s160/wesprzyjWB.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
13d8f1eb962cc2e1d74a42e1a849f771e47485c43ef7bd40fce77e35659f475b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"vfe5"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="wesprzyjWB.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20244
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
foldernew.gif
winxblogger.pl/themes/wow/forum/ 		1016 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://winxblogger.pl/themes/wow/forum/foldernew.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
HTTP/1.1
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
6f3a7d1043bb0e537165a5afc802540648b2306512b30bd2d5e996f709d9e6c0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/news.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:37:26 GMT
Last-Modified
Fri, 08 Mar 2019 11:12:29 GMT
Server
nginx
X-Accel-Version
0.01
ETag
"3f8-583934c72eb95"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1016
Expires
Fri, 22 Nov 2024 11:37:26 GMT
baner.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-NuaxXdKqlAbPbXbYescCZUO3oIJ04KMQ2KSIlZJ_dgGgxH19HqZsOWDx9iwWJungJNnELb4eXW4dxG_ZXn2axpjBdmFIDvleJ88BTZM_U4KgQTvlwCU99Nakr4RbS3934kJzqcRiAbe9nCzJ... 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-NuaxXdKqlAbPbXbYescCZUO3oIJ04KMQ2KSIlZJ_dgGgxH19HqZsOWDx9iwWJungJNnELb4eXW4dxG_ZXn2axpjBdmFIDvleJ88BTZM_U4KgQTvlwCU99Nakr4RbS3934kJzqcRiAbe9nCzJBZBJr6j_0TE0N3MRQCtJmtZKvJVAz1m4xN7uGjXu24s/s410/baner.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
b2db252474ffe030a6092cc60010b934a7ecff1c8e48312b46919d78a41cd29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34ef"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="baner.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140556
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
dodal.gif
winxblogger.pl/themes/wow/images/ 		71 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/themes/wow/images/dodal.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
fc4ab1568eb006230c29a132d2d34ee81d00b88168fbc9a4e51eb8e98829fc17

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 08 Mar 2019 11:12:35 GMT
server
nginx
x-accel-version
0.01
etag
"47-583934cd05d37"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
71
expires
Fri, 22 Nov 2024 11:37:26 GMT
fate2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWjVadieT6T5QPP_piHIiCD3n9rTke7Mk5XzQw9y3Q3Ff2EH3MjoNuySiQuGiG74Krqi8MrnJKo4QjjE0oGAGEfIzY4i7wLg6Od9-eqpKjMPcEIQHIdlX3rBOUnlu5LzCUapOeybJDOZfxn6BJ... 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWjVadieT6T5QPP_piHIiCD3n9rTke7Mk5XzQw9y3Q3Ff2EH3MjoNuySiQuGiG74Krqi8MrnJKo4QjjE0oGAGEfIzY4i7wLg6Od9-eqpKjMPcEIQHIdlX3rBOUnlu5LzCUapOeybJDOZfxn6BJABQmLmuZa4Gy1OA_a-Vj-WYy4XJtpDzgOOF3ywsrbD4/s410/fate2.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
66e230ecb484909ae191a9deb540f0fe77093eb0b3cbcf01f24c9d0e032b9e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34ec"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fate2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128954
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
komiks4.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBJ1XeIB_kInCQA5zZTmJAU793BrdS_HssoseEM7DJnRt9p6DeXVoW7yIJ9fFIvyVTgLHuEk2A_iuxt3qzE6t8XQgID8uhjJ4gO2o5vIvX4kf6OZN3iauo6IkNMejQzKAFae-tWb4wO7mqK3NM... 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBJ1XeIB_kInCQA5zZTmJAU793BrdS_HssoseEM7DJnRt9p6DeXVoW7yIJ9fFIvyVTgLHuEk2A_iuxt3qzE6t8XQgID8uhjJ4gO2o5vIvX4kf6OZN3iauo6IkNMejQzKAFae-tWb4wO7mqK3NMPTSHM2j96YZCPvjJ08sL182AYb41w1PIiqQ_BhDpLAI/s410/komiks4.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
34e7750a5f9a4ecf6f29de266511eb555ebb09bcc15a3e6c9ff3717f5a07eaf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34de"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="komiks4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128175
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
b4.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9p1zJ7RJh7WuHYelI3JYvujBroq7eLMVGXGWMLLCxKXaNQdE7FmnY9yFtK8AHkn9AKZMIIPv5zh4uExVMYmQdqoERjZzQRxcXFQkeAGjdAIOnl8K9Y5Vp3MvDaBlGlR_RGowusgIfDLB6F2jE... 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9p1zJ7RJh7WuHYelI3JYvujBroq7eLMVGXGWMLLCxKXaNQdE7FmnY9yFtK8AHkn9AKZMIIPv5zh4uExVMYmQdqoERjZzQRxcXFQkeAGjdAIOnl8K9Y5Vp3MvDaBlGlR_RGowusgIfDLB6F2jEtWa889cdEWDWt21kC0wW50UKmuzOWxwRMKEruFDazFk/s410/b4.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
c5c7ca20a5c578c510bc08e79862173bffb1062f7481ce7ce0dc894b33a3be10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34d8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="b4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116438
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
b3.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOcltc1Q5X5cXB1mCMr4QpjHBfzdSZUC5Yhp68KfROwNSFkcdSAwOP0V7dOmVYUMV31PeD3MELWa66TYE47yoVg-bnie6n4ZmRsRZ60ceNJF2REJKTnsWj9om5BM7orrRw_ZGWAzLDR8zJwEiM... 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOcltc1Q5X5cXB1mCMr4QpjHBfzdSZUC5Yhp68KfROwNSFkcdSAwOP0V7dOmVYUMV31PeD3MELWa66TYE47yoVg-bnie6n4ZmRsRZ60ceNJF2REJKTnsWj9om5BM7orrRw_ZGWAzLDR8zJwEiMSIqwV6g2Mk8nbBy5NbSikVrMcnGpI8dKMMtCjdHrS5E/s410/b3.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
c06ffe50c5e0817d297f5aea110832622f6dcb57aeb6ff892b5f1c0a6400da6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34d4"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="b3.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126343
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
20lat.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglvbE95R9dG_g5Ml4EzOkxSOUtnfeHoXZuBKmTkGdBe-97S9ccoMxVfnNeMcH6HhINLmkihGYMKyMX36QWCt3T2Zb5lVl8hiUfNl_apB2b4dHCt3bCJToKRn9mpeSiaTvC2hDsrqNJpB6RVi1l... 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglvbE95R9dG_g5Ml4EzOkxSOUtnfeHoXZuBKmTkGdBe-97S9ccoMxVfnNeMcH6HhINLmkihGYMKyMX36QWCt3T2Zb5lVl8hiUfNl_apB2b4dHCt3bCJToKRn9mpeSiaTvC2hDsrqNJpB6RVi1l3M_CFQZFPtW72hHDA0wMZjfkelHqzIMipz9vRY94FTM/s410/20lat.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
353b509a6357da78789a963c887a87a65b3b4e714ac56f8f5d693977f06d228a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34c3"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="20lat.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131490
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
sirenix.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWKHGtJvVXJvJcoT1jhPT37OyuaeAl48w4Vm4SF_vnn-hSMbeUV59bREYtfyJldLDZVPcRNkycqqYTp6Kxdb00rBT8KhO6mtX-IaMKel_-NbzkD1YA1y__LrRCWRUip9LshGcH0Yh7R0jhCG2k... 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWKHGtJvVXJvJcoT1jhPT37OyuaeAl48w4Vm4SF_vnn-hSMbeUV59bREYtfyJldLDZVPcRNkycqqYTp6Kxdb00rBT8KhO6mtX-IaMKel_-NbzkD1YA1y__LrRCWRUip9LshGcH0Yh7R0jhCG2kLQ3BIbPy14KxC3bGeLQDu037Zkbfi4UrOMJ2gDB6aao/s410/sirenix.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
0fd984f26a896378ce481599662d1cce07efd2ef7cfb51264bb027521beab1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34c1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="sirenix.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130500
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
iginio.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggLBM0tpc1VYRwO9g0y5goOKVJX4KZhnsTLL0SQWT02GQDbW9Z6JFEutZGNP4q09XYywv7RFyawdYuNxCE0rtu-J8I77S0_hiXGv5o773jXJI4BDebmH9bOmhOaopR6KQJoBO6o1y4wptctMee... 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggLBM0tpc1VYRwO9g0y5goOKVJX4KZhnsTLL0SQWT02GQDbW9Z6JFEutZGNP4q09XYywv7RFyawdYuNxCE0rtu-J8I77S0_hiXGv5o773jXJI4BDebmH9bOmhOaopR6KQJoBO6o1y4wptctMeeO1SpogSxuqh2O_9hzL1ODZPBlbsgFEr6QZjZMhZTlfQ/s410/iginio.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
5d5adb1a0d5db7f3c4ad9ebb6333cdeedea9350b958b58ab5e9ee1af1cb1f277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34b0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="iginio.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120155
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
mythix.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUsuJtn9TNbGV-Wb3DeL68p7xReItwxz7tuvaaCjaMabrsQGptQGCE7N9OZEai9Emf4pHGwy_zI4WUDRe0ZdV2rLP0OE8fJjEct8iS1dvoS4qwjX5iEu3zJtxWdy25628v9sucXV8siLXfUi_9... 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUsuJtn9TNbGV-Wb3DeL68p7xReItwxz7tuvaaCjaMabrsQGptQGCE7N9OZEai9Emf4pHGwy_zI4WUDRe0ZdV2rLP0OE8fJjEct8iS1dvoS4qwjX5iEu3zJtxWdy25628v9sucXV8siLXfUi_9qD0_I1Onmbhm8ro6ULyD6zTwJh9wOUInAOXGUqm_2u0/s410/mythix.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
98bb8344d1762e56654be781fa61925b24c6efdfd8bad6f13e9ac483427ae420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v34ac"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="mythix.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118162
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
anulowanie.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCHluwL16gvTXbn45ouuP0GtcGrr-KT0s6b8bklSXev3dSnVacf0LFxTQLP7uaNvPo-PJVxaG9am-2Iu3Bh4aEwd1RioYirf6nSRQSZCI8OnyGMNJqPbbk2zJU4fZi4jfo6gRyiukb39__wDs3... 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCHluwL16gvTXbn45ouuP0GtcGrr-KT0s6b8bklSXev3dSnVacf0LFxTQLP7uaNvPo-PJVxaG9am-2Iu3Bh4aEwd1RioYirf6nSRQSZCI8OnyGMNJqPbbk2zJU4fZi4jfo6gRyiukb39__wDs3Bx0dmauoYmJ4FUEJZmQhISZouBXh7OWwkwilLvJ1/s410/anulowanie.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
ab16af894679cd37654a6a445b386423ef407cd06e46b212ff41e3185537dda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v33f7"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="anulowanie.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113269
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
rebot.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXvAxK3MADoRVguleSDUoRriTd-CbTz_7u_bUWwEmGI_v4rajQU9gzKkSVqjq7JdcmsD-xGsNiCGl4P2nMhQ0QPStvLUh4pkcd5CRQCiqFekqyYXuYGaNMY_N0Ud5eLzMgj8Rk4lqzRh3vTLay... 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXvAxK3MADoRVguleSDUoRriTd-CbTz_7u_bUWwEmGI_v4rajQU9gzKkSVqjq7JdcmsD-xGsNiCGl4P2nMhQ0QPStvLUh4pkcd5CRQCiqFekqyYXuYGaNMY_N0Ud5eLzMgj8Rk4lqzRh3vTLayYPrrEgpLWvu8s_9wPrYkS9UQdxkbVfOh_XRl2SzLBfc/s410/rebot.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
54f641410d1af33979705036863a34f565b6c92c5ce058edbb7b74adc542bcd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v349d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rebot.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133772
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
u.png
winxblogger.pl/infusions/user_info_panel/images/ 		741 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/infusions/user_info_panel/images/u.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
27a31183bf236e3d60f6cf71948dac650ab7323246ba7fdb6f72a7d2a422c652

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Mon, 07 May 2012 22:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"2e5-4bf7964353800"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
741
expires
Fri, 22 Nov 2024 11:37:26 GMT
5.png
winxblogger.pl/infusions/user_info_panel/images/ 		612 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/infusions/user_info_panel/images/5.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Mon, 07 May 2012 22:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"264-4bf7964353800"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
612
expires
Fri, 22 Nov 2024 11:37:26 GMT
discord.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWKVB_2c0q9a7ZXYgQQAZ-tH2mtuRt8jXLj9jEK9pkEYFU-Gbkg6uiD0lVJoccdT65yLqMYyQea_wSgGMC_f2jsAUTyfv5mVGKKgHVuDXin-TOaiWXBtqtGQkSg1OVkFQ7hXTuIufe3eB86uvY... 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWKVB_2c0q9a7ZXYgQQAZ-tH2mtuRt8jXLj9jEK9pkEYFU-Gbkg6uiD0lVJoccdT65yLqMYyQea_wSgGMC_f2jsAUTyfv5mVGKKgHVuDXin-TOaiWXBtqtGQkSg1OVkFQ7hXTuIufe3eB86uvYpWgy8Cc78s9MDXzbSSG9Nsv6Q_yRnmiAuHrokhO5DQ/s160/discord.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
fife /
Resource Hash
fdbc75fabcb2b0281c4758cf07d519669450673a959173d8dfa6fb250e8d9e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v11a7"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="discord.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23002
x-xss-protection
0
expires
Fri, 24 Nov 2023 11:37:26 GMT
jquery.nanoscroller.min.js
winxblogger.pl/infusions/sb_panel/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/jquery.nanoscroller.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2016 17:45:10 GMT
server
nginx
etag
W/"583878a6-2897"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
autosize.min.js
winxblogger.pl/infusions/sb_panel/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/autosize.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
ad0f0ffdcd62a3c1918dd0e51b06f52be8941a74bd6702cf9708752a90bfd36c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2016 17:45:10 GMT
server
nginx
etag
W/"583878a6-d5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
ion.sound.min.js
winxblogger.pl/infusions/sb_panel/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/ion.sound.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
c8d8a3187542bd3eb4d28b763fbafc9a26ee9a87a8a87c606469eb07c6fe7fb0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2016 17:45:10 GMT
server
nginx
etag
W/"583878a6-3210"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
dropzone.js
winxblogger.pl/infusions/sb_panel/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/dropzone.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
be75e383d4e92e15eea94d0e7153bbc7e0e947f1f5a427952cb49e43f23f494b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2016 17:45:10 GMT
server
nginx
etag
W/"583878a6-fb90"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
facepalm2.gif
winxblogger.pl/images/smiley/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/facepalm2.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
afe13fdfe69ac42a4651d1bb9fcea96ff19915d8f3820861c2406367fc06f7a0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Mon, 02 May 2016 21:03:11 GMT
server
nginx
etag
"5727c08f-dbb"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3515
expires
Fri, 22 Nov 2024 11:37:26 GMT
cool.png
winxblogger.pl/images/smiley/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/cool.png
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
eaa8fd08caaf594d4e1aa390a51ef80046682b67a1b434be2358dc1770e470fa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Thu, 24 May 2012 22:00:00 GMT
server
nginx
etag
"4fbeaf60-eb2"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3762
expires
Fri, 22 Nov 2024 11:37:26 GMT
mellow.gif
winxblogger.pl/images/smiley/ 		673 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/mellow.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
379f816d9ac3ac650af7ac86235f9453da85b6807e695c622609da3275f31aad

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Sun, 17 Jun 2012 22:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"2a1-4c2b22bb39800"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
673
expires
Fri, 22 Nov 2024 11:37:26 GMT
naughty.gif
winxblogger.pl/images/smiley/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/naughty.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
5fd845b43b1b6af58cd1ac1d3b13f7159f4f84ad0a92b6bd969ab8a4dce3cc84

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Mon, 02 Jan 2012 23:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"340-4b5938ac79c00"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
832
expires
Fri, 22 Nov 2024 11:37:26 GMT
wow.gif
winxblogger.pl/images/smiley/ 		806 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/wow.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
e7457de8d7c178427d41341fb21ad051a080f53ab863674e05aa8e2d01ebc65d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 25 Nov 2011 23:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"326-4b2971ccf5c00"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
806
expires
Fri, 22 Nov 2024 11:37:26 GMT
default_gasp.gif
winxblogger.pl/images/smiley/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/default_gasp.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
48aee36e61309b8ae577faf10f5c9c1a44bc88f54172b1ce387e33dd6baa068c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 29 Apr 2016 16:00:48 GMT
server
nginx
x-accel-version
0.01
etag
"35a-531a1bf07ac00"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
858
expires
Fri, 22 Nov 2024 11:37:26 GMT
msn-wink.gif
winxblogger.pl/images/smiley/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/msn-wink.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
b30f85c15d0504ea08eb20c6d0fc61481043ba4a3517292d813cc5aa7eb15caf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 25 Nov 2011 23:00:00 GMT
server
nginx
etag
"4ed01df0-40b"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1035
expires
Fri, 22 Nov 2024 11:37:26 GMT
heart.gif
winxblogger.pl/images/smiley/ 		615 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/images/smiley/heart.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
9869b451dd0099492fac28d8cd828ede3521707a19d2322a1c0b7821404b468d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 25 Nov 2011 23:00:00 GMT
server
nginx
x-accel-version
0.01
etag
"267-4b2971ccf5c00"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
615
expires
Fri, 22 Nov 2024 11:37:26 GMT
ShoutboxLocale.js
winxblogger.pl/infusions/sb_panel/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/ShoutboxLocale.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
381206e52df7af68ee294e17f9207575a799d71137b450e016bffee224abd2c9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Nov 2016 12:06:45 GMT
server
nginx
etag
W/"58397ad5-69d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
Shoutbox.min.js
winxblogger.pl/infusions/sb_panel/js/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/infusions/sb_panel/js/Shoutbox.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
781dc6873e6f9281ebb716328576e3bac657b0413d737a0257aad7d35476d121

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Wed, 12 Apr 2017 19:50:43 GMT
server
nginx
etag
W/"58ee8513-9328"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
pageup.gif
winxblogger.pl/themes/wow/images/ 		991 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/themes/wow/images/pageup.gif
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
7e47fe578a97f108f45f812f0887f44b35720249533f8eeb6fd051e29e2e9a50

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 08 Mar 2019 11:12:39 GMT
server
nginx
x-accel-version
0.01
etag
"3df-583934d0480bc"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
991
expires
Fri, 22 Nov 2024 11:37:26 GMT
lightbox.min.js
winxblogger.pl/includes/lightbox/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winxblogger.pl/includes/lightbox/js/lightbox.min.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
7f36de4455b10ca52ae3e585dc4cafd63851715da1ae3e4b2439f66ac045ebfd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2016 17:54:40 GMT
server
nginx
etag
W/"56f186e0-2128"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sat, 23 Dec 2023 11:37:26 GMT
fallingsnow_v6.js
winxblogger.pl/includes/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://winxblogger.pl/includes/fallingsnow_v6.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
HTTP/1.1
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/news.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:37:26 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/ 		217 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2F4DV29X49&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133674826-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7d6ced7640648db3f5f10cd83d3f810d047aecba9480cf4eeaa09be2923c533f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79258
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 11:37:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133674826-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 09:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 23 Nov 2023 11:49:38 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		469 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
36f4c116756db1f52c8dd899171aeddfd176016a61195ab5ee7b3d5954e9ee10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Origin
http://winxblogger.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 04:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192580
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 04:29:29 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 10:20:13 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4633
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 23 Nov 2023 12:20:13 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
header_background_thumb.jpg
winxblogger.pl/themes/wow/ 		342 KB
343 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/themes/wow/header_background_thumb.jpg
Requested by
Host: winxblogger.pl
URL: https://winxblogger.pl/themes/wow/styles.css?v=20210509010928
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
57b9998595d8313c2a4318dcdc17daa4efbfa60012af620f0d67a975d8f44e1e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://winxblogger.pl/themes/wow/styles.css?v=20210509010928
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Fri, 08 Mar 2019 11:58:00 GMT
server
nginx
etag
"5c8258c8-55939"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
350521
expires
Fri, 22 Nov 2024 11:37:26 GMT
prev.png
winxblogger.pl/includes/lightbox/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/includes/lightbox/images/prev.png
Requested by
Host: winxblogger.pl
URL: https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Tue, 22 Mar 2016 17:54:36 GMT
server
nginx
etag
"56f186dc-550"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1360
expires
Fri, 22 Nov 2024 11:37:26 GMT
next.png
winxblogger.pl/includes/lightbox/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/includes/lightbox/images/next.png
Requested by
Host: winxblogger.pl
URL: https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Tue, 22 Mar 2016 17:54:36 GMT
server
nginx
etag
"56f186dc-546"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1350
expires
Fri, 22 Nov 2024 11:37:26 GMT
loading.gif
winxblogger.pl/includes/lightbox/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/includes/lightbox/images/loading.gif
Requested by
Host: winxblogger.pl
URL: https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Tue, 22 Mar 2016 17:54:35 GMT
server
nginx
etag
"56f186db-211c"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8476
expires
Fri, 22 Nov 2024 11:37:26 GMT
close.png
winxblogger.pl/includes/lightbox/images/ 		280 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winxblogger.pl/includes/lightbox/images/close.png
Requested by
Host: winxblogger.pl
URL: https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.174.119 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.fan-strefa.pl
Software
nginx /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://winxblogger.pl/includes/lightbox/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Tue, 22 Mar 2016 17:54:35 GMT
server
nginx
x-accel-version
0.01
etag
"118-52ea6e7fb2cc0"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
280
expires
Fri, 22 Nov 2024 11:37:26 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
water_droplet_3.mp3
winxblogger.pl/infusions/sb_panel/sounds/ 		0
0
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2F4DV29X49&gtm=45je3b81v9107362012&_p=1700739446200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=480901588.1700739447&ul=en-us&sr=1600x1200&ir=1&_eu=EAAI&_s=1&sid=1700739446&sct=1&seg=0&dl=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&dt=Twoje%20zrodlo%20informacji%20i%20zabawy%20z%20Winx%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=766
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2F4DV29X49&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://winxblogger.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1605583620&t=pageview&_s=1&dl=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ul=en-us&de=ISO-8859-2&dt=Twoje%20zrodlo%20informacji%20i%20zabawy%20z%20Winx%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1487154572&gjid=216733720&cid=480901588.1700739447&tid=UA-133674826-1&_gid=1105360163.1700739447&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=391369827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://winxblogger.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://winxblogger.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=908447836&utmhn=winxblogger.pl&utmcs=ISO-8859-2&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tw...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=908447836&utmhn=winxblogger.pl&utmcs=ISO-8859-2&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18032722-1&cid=480901588.1700739447&jid=928653159&_v=5.7.2&z=908447836
35 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18032722-1&cid=480901588.1700739447&jid=928653159&_v=5.7.2&z=908447836
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Nov 2023 11:37:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18032722-1&cid=480901588.1700739447&jid=928653159&_v=5.7.2&z=908447836
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5606327364837071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
62d30020baaa4e31f3706412ca55ebf6c094c26b472d17094ac3b256a25d9fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137294
x-xss-protection
0
server
cafe
etag
4918935897969358540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:26 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 603C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5606327364837071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
49206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
water_droplet_3.ogg
winxblogger.pl/infusions/sb_panel/sounds/ 		0
0
water_droplet_3.mp4
winxblogger.pl/infusions/sb_panel/sounds/ 		0
0
water_droplet_3.aac
winxblogger.pl/infusions/sb_panel/sounds/ 		0
0
water_droplet_3.wav
winxblogger.pl/infusions/sb_panel/sounds/ 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame E48A 		505 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&adk=1812271804&adf=3025194257&lmt=1700739447&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700739446730&bpp=6&bdt=632&idt=319&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6274079187665&frm=20&pv=2&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
667f76f1fd3bc581818c22e11cc7fbec4f16ec73701baac22a345482a95b9459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
121943
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:27 GMT
expires
Thu, 23 Nov 2023 11:37:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB25 		724 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=280&slotname=6350132348&adk=1712210303&adf=2653041513&pi=t.ma~as.6350132348&w=1200&fwrn=4&fwrnh=100&lmt=1700739447&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1700739446736&bpp=1&bdt=639&idt=349&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=18&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
36c6d59a515f84cf72e78902b8e5f8cdb80eae13450a1b2ad2f28852cadb76fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
357
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:27 GMT
expires
Thu, 23 Nov 2023 11:37:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sb_getmessages.php
winxblogger.pl/infusions/sb_panel/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
69b6d8c117ecb62ed9a088dbd37a1982066cc03455f085dd2a77f9842417e49f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12425
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/reactive_library_fy2021.js?bust=31079756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c763a547d9215f0d8fa9ff5883d146af4bcd67c3b8fcaffacc8aed0dabb22330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55849
x-xss-protection
0
server
cafe
etag
9776888754044768342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:27 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 73A6 		47 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3b191aa7339c8f93c2ab39c499c64cdf372e850a6cc1514b80e7d4370725b0dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 181B 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=240&adk=691050123&adf=2706482820&pi=t.aa~a.562853736~rp.4&w=172&fwrn=4&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=172x240&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600&nras=3&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3262368329f730feb034b4f704daf15783f43d1aa98ad0de6f19381039f2d72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD05 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=250&adk=504623516&adf=1926020643&pi=t.aa~a.2581257609~rp.4&w=624&fwrn=1&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=624x250&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600%2C172x240&nras=4&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=487&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
fd4e437ca1519b1e76bc0d18b5cb690f03e0f308c7cea1732d1db4015466b8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B580 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=60&adk=4240398711&adf=1308169379&pi=t.aa~a.2581287352~rp.4&w=624&fwrn=1&fwrnh=100&lmt=1700739447&rafmt=1&to=qs&pwprc=6132498753&format=624x60&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700739447820&bpp=1&bdt=1722&idt=0&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280%2C166x600%2C172x240%2C624x250&nras=5&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=487&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d533604b44c5a6b6db8f9caa5d286ee9440ba0c982d2286fb0a2403e9cdd39c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 11:37:28 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 1022 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
53230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 206C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
53231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 1054 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
53231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C1CB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5606327364837071&plah=winxblogger.pl&bust=31079756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
53231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1022 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 09:52:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 11:37:28 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1022 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
14219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6702
x-xss-protection
0
server
cafe
etag
11213825687312121238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:29 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1022 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CA94 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 37FC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 37FC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 37FC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
185916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 07:58:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 37FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:33:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 37FC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 37FC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37FC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDZgSzWyn2eLt6fsodffaQPqU35Ymud6E39yOMVDScVwQ8m1ysEgCaLNEGZfoiGwJC7UP6YhqSLqkKve_xJoxOh2oJE5v7nj9tXsIg6IeamACFvPM
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2960180833392817081
s0.2mdn.net/simgad/ Frame 37FC 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2960180833392817081
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1d2e43237d8cbc417103e01c27a048be3ed1ae7aa70ea41bf3548f4262f0e4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:26:22 GMT
x-content-type-options
nosniff
age
450666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80060
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:18:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 06:26:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F34 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2960180833392817081
s0.2mdn.net/simgad/ Frame 2774 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2960180833392817081
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1d2e43237d8cbc417103e01c27a048be3ed1ae7aa70ea41bf3548f4262f0e4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:26:22 GMT
x-content-type-options
nosniff
age
450666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80060
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:18:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 06:26:22 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2774 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2774 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2774 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
185916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 07:58:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2774 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:33:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2774 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2774 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2774 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Df2LF07t2QefWzh4mzPu2cIrzzc6BwMhNWehN6RD3wZig9g8MyQB61-3I-t9W8Gxm4APvKTe0EG7mtEFPrk-YCpH2Hp1ul9PhcRE1m3Zq1d2G27z0
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 688C 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F040 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Nov 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F040 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F040 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F040 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
185916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 07:58:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F040 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:33:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F040 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F040 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F040 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuzrUAoD6cc-CzLoI07hDtrc0ZNbTIdGrWEXv_CWB4mA43PCMXa6vTHirKXZSDkAhzI2I5lciO930pQDXoJnC5GCGnp-4YuMDeZUOncfbUHaONcAA
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40AB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
5539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 10:05:09 GMT
expires
Fri, 22 Nov 2024 10:05:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 932D 		829 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
94ff637a8dcd9344d93deb1fed480020e608a0f125bcbd0e09a9dc8e88bf578e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4DbarfTz85WrALsTe85j3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://winxblogger.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4DbarfTz85WrALsTe85j3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 11:37:28 GMT
expires
Thu, 23 Nov 2023 11:37:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJw2N6rej5hYm0HqCqQ81e4&google_cver=1
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJw2N6rej5hYm0HqCqQ81e4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrxZi5uk2HMlKbGAOjOdrTFzLMl8wcjTIatwhWBPjh5ddgDZOT470dfyrTiAeCuiYNukQncO%2F3mSASmYAKQjOmA2nLqr%2FRpmYkTOWCA%2BhTyR%2BTjORP7AJzsg9i9w%2FQKr9p%2BsOAW7ZdbaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed01a803563-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJw2N6rej5hYm0HqCqQ81e4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eExfwHXcDABW8E-bgAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oADgzBGpSVEGMJPVBI%2FwcywuAnJPZ5bb4NXk6VAnLpvte5NJxVME%2Fkygqe8QOPPiwHxtIQaFWVdcZS3YMLLtOXLUT1DNdnsd2xyH5pbVJ33fDaCaSgxs5u8WDLuikAklIBbDreN8DDogw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed0cedfc008-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame CA94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMHaBkB_gnA6uhBzzLKaac8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMHaBkB_gnA6uhBzzLKaac8%26google_cver%3D1
43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMHaBkB_gnA6uhBzzLKaac8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
7ec0c7a2-5c95-4a4b-892f-b0adf0902c2f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
f0ab7902-f716-4eaa-aa89-ce24927dda57
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMHaBkB_gnA6uhBzzLKaac8%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA94
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNW0sgOLhhVDMQUh-vKjsg_XmckLzGGuNh0SCGeKw6P87EaBjspipO9cL3Xwlf3enTg7pkZ_ud8NSEuo73D5Kl_9yLe0Ary08A2PhvkCW0612jT-de_IcHXLVYSUGtwJIMZ_deDbuzV_b047mLT9l-EcpIawJIjdSGkC1puQ3xAY81Ccgs8
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
eb3f261c-9759-41c4-83e3-23e1662d129b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EBA6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
185916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 07:58:52 GMT
expires
Wed, 20 Nov 2024 07:58:52 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 62E7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
185916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 07:58:52 GMT
expires
Wed, 20 Nov 2024 07:58:52 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 7F34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUdiukg0usFpql5YOvakCg&google_cver=1
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUdiukg0usFpql5YOvakCg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFKWXSD3gSdsUMMB07XeoPkRC6Yh3cXGi0F%2FIuSgFL6CTqAaWaLrrSSVaDnRueNNjjr7kWo3XgHlazH0XE6M4Xy4Lv4zXJWdbf4HGA6engO1SicJzr2QCvKfpeLEc4nDCs%2BbKyUZXM7pDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed01a7d3563-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUdiukg0usFpql5YOvakCg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7F34
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eCNxT15T1nBMHODt9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6FrtKqhI%2BAUBmya6cckr2C8A2rJTvBJ%2FleqwX36CnBc4Jdng7on%2FKmVZgKFTonVQ%2FJ2aXe%2BCnS%2FeFlXeUl5Sd8hHTTnNZrzPDO8%2BZ2rTdBJOBiig3x4FcbI3LoeSFI9wonFZOgPxeGAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed0cedec008-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 7F34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMbi6VhQzYHTgzVLrH3J7Es&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMbi6VhQzYHTgzVLrH3J7Es%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMbi6VhQzYHTgzVLrH3J7Es%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
7cfa304c-297f-46a1-ab4c-c699ed9c8801
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
957b024c-920b-4ea4-ba40-06e0c032a0b9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMbi6VhQzYHTgzVLrH3J7Es%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F34
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NTgxOTIzMTUzNzI0ODA1OA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NTgxOTIzMTUzNzI0ODA1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ_d3gIQgdansAQY16Hm_gEwAQ&v=APEucNWCwcCCbvzsPSRLssuzh9GxSGR9FjRBYWs0TS3x40ZeAy2maIzvhS0-Q3GzaLmNt6M9N524cPH8P81MGXS80uYF45Xz7qA-soOO9vMH5wjlktQ6z_ZMBJR7pCb6xXV7wU7z8t-tIaQI_Vr8BorF1sqxVxHDOc5XsuSbHVnffbcnvU8HgGA
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
d597b08b-5a07-43c1-b63e-d806c1f393d2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0NTgxOTIzMTUzNzI0ODA1OA%3D%3D
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0808 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
css
fonts.googleapis.com/ Frame 0808 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 09:51:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 11:37:28 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/ Frame 0808 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 19:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 11:42:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 19:05:48 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/ Frame 0808 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
sffe /
Resource Hash
db2c70f402911719d09cea8727a3f4eef8b97a491f1c6869181532539fb53fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
451570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133825
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 11:42:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 06:11:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0808 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1D72 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
185916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 07:58:52 GMT
expires
Wed, 20 Nov 2024 07:58:52 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F040 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22d1f3ed8b08e51f566ac920f481809024d7ec529e749d5123156a6364b2df60

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 688C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMjrT_Zeq96hz5W99XHuvxs&google_cver=1
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMjrT_Zeq96hz5W99XHuvxs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwVjV%2BEl42GbdQi6%2Fc8%2Fo2NZBAWCM73tJKgW2ZSHWm%2BOAm0wzp0lD1qPmDkRhKMFRsaq0RqHKtIYp0iqopgoS7GfNO4AbK93R%2BseMQF8P2Xger%2BdAx5Nf%2Fv7OWp7xsS6Gi8MUkRfljZZig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed02a813563-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMjrT_Zeq96hz5W99XHuvxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 688C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV85eCNxT15T1nBMHODt9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tov4rWeg53tsIzx6x8tips7sjL0Ts4uRt6wyYo0f9OgjAcjoxKATfgFzN8RGtNeXDwrH5RshvZDpPdjUVV%2FDHNDidSvIOaB0eVJYIwsowZrhoDGuaVNrxYJHMgrrtl5H7LGBOfPcNQ83mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a91ed0ceddc008-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAJ5l_FaF0nfk8ZiA4VWQdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 688C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENogqmg7Vp09KCBsNXsKzdQ&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENogqmg7Vp09KCBsNXsKzdQ%26google_cver%3D1
43 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENogqmg7Vp09KCBsNXsKzdQ%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
53c2663b-59cf-4e56-889e-83b13a00183e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
c8067ad1-7f03-4fec-a0b2-83810631cee3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENogqmg7Vp09KCBsNXsKzdQ%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 688C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUChCy1fGlBRjgmJz1ATAB&v=APEucNVXKv490PvTugSEoUQW2_MbRh2V_zrYMUD_-eI0uDZLADnRdQ8_keqppAVDafnWHEKex_BEB3x-npgu9KbQS1lmlXTl0I6yGg9VsGajyud9igvDrnJSsQhzpm6wOpLxzfoY_Xj8JX-af38sY8R_AGD5VwItaj8glpCXfXA8MvM4_bFAZ-A
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
an-x-request-uuid
53f0165b-98ce-4fd5-aee1-cc36c8dc6aeb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3NzMyOTcwMDYyMTM3OTYwNA%3D%3D
x-proxy-origin
176.67.86.82; 176.67.86.82; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 932D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1583295395334079&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 40AB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
130560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 62E7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
130560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame EBA6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
130560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
/
track.adform.net/adfscript/ Frame 7220 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69667956;rtbwp=ZV85dwAN9hcA-RP_AAXwF1W-41-7SXv-wItyMw;rtbdata=2uP2OEcU20IXDiq9JehIZX6PbI7G9XcO1-HDow43qYUMggRtXgRkLA6lzVbaIVSCnOLbdqyZz5sEsZ50j4vUJs8GvgRGt4CIi0DyJp1arwfK7ffrV4Rm-ccdOlpPtcEMsJNjdPi-S2AdXuzj-rsOrjzzdKl4Qviis63S34FvOmnzbRMUozWjDaeoa6EBuBrqcso7vQ5pGPepf_xMbeNyoIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Clv3edzlfZZfsN_-n5LcPl-CXYMSzoJRcvtC4heUCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU2MDYzMjczNjQ4MzcwNzHIAQmpAlp3KTsNpYM-qAMByAMCqgTQAU_QTq2Qn-K-RRlQAQ8qKipygKXpbyoQP3I19akcmzVN4IZWyKLcRvRZ1AEL7O1IEBQ5C3scYbVReXsNwHywRy2OYfe9VTwzbBf8afHK5lO_w4CB2OKXxEjcTyAEynSQK0Ph-zatDTmA3MP7JqQm0fdypuAwibrDirU1iTPe4IxUU_gESqLdIwPAJLxFSHa8TL4zz29-tWiwNlEXKNpSK5LlD6ENzeTtJd8H2eCNr9MItnTFrHObYgHTVamJMXVWuIFeNGPskYEDua5TZHnqcA-ABqLFiuLWyoXyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1_DQOsva_nW2TlImeTH6SLewiBig&client=ca-pub-5606327364837071&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae9f355d0aede923fd15c0e55c81e2a7a81b9eecb562168b99e33be98f4ddcd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1652
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7220 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:33:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7220 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 7220 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjid02UWlbfJIpzPNVHCQgWlzYxhAnBzCv0i8vHFEGaIxaFcSv7lGpz_IPG8fCTblyXfoY1zwKSem8EogP753N8_5H8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7220 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 11:37:28 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1D72 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
130560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
index.html
s0.2mdn.net/sadbundle/8079234748677496062/ Frame 66C4 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
dc23a9ca238bb47b2b9d485dc4dcdc2ba5dbb6331be53fdd7d9bfa53c38932db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
483077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2910
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:26:11 GMT
expires
Sat, 16 Nov 2024 21:26:11 GMT
last-modified
Fri, 01 Sep 2023 07:21:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F040 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsthVAaVFWYpsUVduN5iQnJYVDctRHjYVWERBt51_ekOF79_PBNkMAiB2u0jgWm_zJQJ15eqleKRY0rsllrH71mwzwA8O7vYNZ2SB_Ckmq-rJjh2mQs-aydRdywCr0387uWZzpTEQZUBe1KwnK_pT70sDYK1eGh3gMkvwYSEd2wM5bOLhmzGP06Zet_L5P_TboEu6vMA1HtCXeonfoSVa_WEI-65QEen-MY6MJt7PEHTvH95TSugf7ADca_Ci7m-NCmOfcawlB2a7qzydZHabc7ga3-zZx36aTfrs2HsxoAT6D1IoYzR4LFOvasI_dZYzir6H5kJ6bOw5RzjFdhThqRQvDAzeGLv9xra-pSh40gIrsd472mO6xzolnolUapOKHCYJ3M6sNgPobZwiIfYcsBxgMKrn57pIgcShbQptCha5nrRg6a1lp7nN81hzlFa8XMkf1HVlI4O4X4-EOxW4ZLMzJO_G0hTThtuOItoEfqhvkBexVfY3Km56VgOtCuJtl5VMeb2L6GMM5TvXhUR1XWEiW_udST92HuAmLzrxxoLTbAtqgncpeU-O3LMwFc9GXwqX4YbuNI3W6fpq19IDDHvZWmHtxR0M2vH7xCGyhT3gJ6vzNHRTLSf-FMJYS4d6BJ5jsENzuXNChVz4SB2Yzvf0VFExbOeWQKJum84dP3RMz8D_sJF8vqQKmCM9Qth2rqFuY1qGs3srm_K3rpWhGabF35qibr1GftQx813cEGf26qVUCQ5SxTF6MHiueEnEzzC6AN5UBM1gTlIYNoFkUsg7NGrwAjH2BzjcGIkwHc6iFc6eAod8amf-tFqMc9HS3lRxANjEELvO4_On5pr_oBdZnZoVSt2bhWmA-CM6QqeSNwDFCxZbZ0aLFy_Or9z7DDCQhLoIw7e4ySk5nsVMocxVNqX4yp9XUXtdmfIItFV3pFYxti5Y2fAdB__soQfSWcivAybWHmJoR4PNjWFbxFKSYCpJXzWKcKBfiNNPS5t53Azwse37TBMkVjLPeKsBwBETVYJnKm78VzOajRZobk-IqBhw-HqVwL15VV58ZNgKhGB0f4UjlsFM4ticfu4U14s8a9uOlOkhKPzhbcGLPRMDcCoCb6s6Qb7wJlIiw1S0tWESwNfLlrTlsPVWmWk6B854hArdwQeGlA9CKlYcEti0qJQEpQ3toJKDjcRSeMdaxT3oiemvWqkF6Nr3ZLZVQOR9ZCB77pOHo1OAc_h-XssgUcbCnArV38DGypx2C-2ibkCRMLA5POXTO3hY7N8gu0qhX37T6kiVHybG5dlNlf61AYTJhtNjwcHW47ihMvdvxH42RKLiA&sai=AMfl-YSuK3zq9NFZVcBl04AFdCZFYLcT3TsfXVaC-CYKaNFCja3mMoCxUqRx7FpVD_ckwkKzIF07Ced2dM7OIrUrJl5iuE_l1afC7NXpAqIBCHlMNeMQq09UBxOwLj3uyymWaDzJXR2VxbTTkO_V5ffMvU56oSysTQbZS725wR3mtP7OucF4ydG2SytKyGJsW9uxRE1Pv9eUgVKAENUhycvsLtA4wndm2UYdbT7WIxBcseBE_4VY6D3grRVifVf-8D5e8YRW-Okil7YrInu5oQH2nmJ3svKGkaqnHvcijdlBzaLQtLjF1mcDZgXnpPHZGWau10xzPkJjbRcPRJ4q6qWJqVIQ1WzEKQVy096YpBPRf5qmfI8A-wcHZT3_AsdIA_qsIkITE932QLIhhG4llIGfcbjCt_ROr_exnNDjJjCT1SmEGgHiIOCJ3DgeD8Wdahz4posYfSracbqAWHaLyNrVhorWxi92WaYhHTrIzqJYcuJwHM4sGzxZ1sgmg3SpDdafp0BuZ6I&sig=Cg0ArKJSzNWjr64yRU08EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaXNzYW4ucGw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=231&cbvp=1&cstd=228&cisv=r20231109.67254&arae=0&ftch=1&adurl=
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 66C4 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:37:28 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 66C4 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 11:37:28 GMT
index.js
s0.2mdn.net/sadbundle/8079234748677496062/ Frame 66C4 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8079234748677496062/index.js?1669980931599
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c60de4bfd8e8bf8a066f133e14d1d79dac5f03bde31a8dcc3011617edcfbfc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11508
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 07:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 06:36:57 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 7220 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69667956;rtbwp=ZV85dwAN9hcA-RP_AAXwF1W-41-7SXv-wItyMw;rtbdata=2uP2OEcU20IXDiq9JehIZX6PbI7G9XcO1-HDow43qYUMggRtXgRkLA6lzVbaIVSCnOLbdqyZz5sEsZ50j4vUJs8GvgRGt4CIi0DyJp1arwfK7ffrV4Rm-ccdOlpPtcEMsJNjdPi-S2AdXuzj-rsOrjzzdKl4Qviis63S34FvOmnzbRMUozWjDaeoa6EBuBrqcso7vQ5pGPepf_xMbeNyoIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Clv3edzlfZZfsN_-n5LcPl-CXYMSzoJRcvtC4heUCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU2MDYzMjczNjQ4MzcwNzHIAQmpAlp3KTsNpYM-qAMByAMCqgTQAU_QTq2Qn-K-RRlQAQ8qKipygKXpbyoQP3I19akcmzVN4IZWyKLcRvRZ1AEL7O1IEBQ5C3scYbVReXsNwHywRy2OYfe9VTwzbBf8afHK5lO_w4CB2OKXxEjcTyAEynSQK0Ph-zatDTmA3MP7JqQm0fdypuAwibrDirU1iTPe4IxUU_gESqLdIwPAJLxFSHa8TL4zz29-tWiwNlEXKNpSK5LlD6ENzeTtJd8H2eCNr9MItnTFrHObYgHTVamJMXVWuIFeNGPskYEDua5TZHnqcA-ABqLFiuLWyoXyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1_DQOsva_nW2TlImeTH6SLewiBig&client=ca-pub-5606327364837071&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
csi
csi.gstatic.com/ Frame 0808 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lpb4ct6w&c=4659511764219&slotId=2329755882109.5&qqid=CJzz65SE2oIDFTgH-QAdBX8DSQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f195.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0808 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C-Q2edzlfZdzbC7iO5LcPhf6NyATVjvjjcb7WzJ-GEv_LvfzHARABIO3YgQJg6eTJhdgaoAG67anmKcgBBakCRP3RllbEkD6oAwHIA5sEqgTtAU_QYjP39IZEhOnNKolkjiIn7PwEOXfmqdLY4LOZZOrFCFxnpedcW1H-xTPYZVIdC1uQ4groPMfoPDkpj5CfjxlPnwzQvM_GHlY5a-txuaESMKSoIHraClkMNUYm6b1W4rIBeYqYVsSAta9THPQVZwtDVelFs_yYmw0brdFaf0mNaFGUhV0PI-cF2GJuhTbW7rpnEzqVFzgJIuz8mtzXutig_0bHpohXkxGbkz8gbq_TClkv-YPRJaQ6slsBItDJ-R1irUUC7DtP32yk1UY9OZolgQMlpJb6W4LQhGpMisuZ-0zn6eHExDyIZrdJI8AE7JjJs7oE4AQDiAX7sqz1S5AGAaAGdoAHuqX6xQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJQTLATz8LFFcgTxNKO4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1700739448529&ai=C-Q2edzlfZdzbC7iO5LcPhf6NyATVjvjjcb7WzJ-GEv_LvfzHARABIO3YgQJg6eTJhdgaoAG67anmKcgBBakCRP3RllbEkD6oAwHIA5sEqgTtAU_QYjP39IZEhOnNKolkjiIn7PwEOXfmqdLY4LOZZOrFCFxnpedcW1H-xTPYZVIdC1uQ4groPMfoPDkpj5CfjxlPnwzQvM_GHlY5a-txuaESMKSoIHraClkMNUYm6b1W4rIBeYqYVsSAta9THPQVZwtDVelFs_yYmw0brdFaf0mNaFGUhV0PI-cF2GJuhTbW7rpnEzqVFzgJIuz8mtzXutig_0bHpohXkxGbkz8gbq_TClkv-YPRJaQ6slsBItDJ-R1irUUC7DtP32yk1UY9OZolgQMlpJb6W4LQhGpMisuZ-0zn6eHExDyIZrdJI8AE7JjJs7oE4AQDiAX7sqz1S5AGAaAGdoAHuqX6xQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJQTLATz8LFFcgTxNKO4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0808 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20231115_RC00&clientTime=1700739448531&ai=C-Q2edzlfZdzbC7iO5LcPhf6NyATVjvjjcb7WzJ-GEv_LvfzHARABIO3YgQJg6eTJhdgaoAG67anmKcgBBakCRP3RllbEkD6oAwHIA5sEqgTtAU_QYjP39IZEhOnNKolkjiIn7PwEOXfmqdLY4LOZZOrFCFxnpedcW1H-xTPYZVIdC1uQ4groPMfoPDkpj5CfjxlPnwzQvM_GHlY5a-txuaESMKSoIHraClkMNUYm6b1W4rIBeYqYVsSAta9THPQVZwtDVelFs_yYmw0brdFaf0mNaFGUhV0PI-cF2GJuhTbW7rpnEzqVFzgJIuz8mtzXutig_0bHpohXkxGbkz8gbq_TClkv-YPRJaQ6slsBItDJ-R1irUUC7DtP32yk1UY9OZolgQMlpJb6W4LQhGpMisuZ-0zn6eHExDyIZrdJI8AE7JjJs7oE4AQDiAX7sqz1S5AGAaAGdoAHuqX6xQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJQTLATz8LFFcgTxNKO4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0808 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lpb4ct76&c=4659511764219&slotId=2329755882109.5&qqid=CJzz65SE2oIDFTgH-QAdBX8DSQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.14m&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f195.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 0808 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CopycpADWcLHPtLm3A6PlIIFk2DElG6EswnbjGbzWeQggEHBPub7WiZ7nrnmEAjKVWhKQmvyqFgr32SVl2Hjjm441tlw&cry=1&dbm_d=AKAmf-CTV80ehe_n-6oXBhu6ln4um4noXCmln9rtTuiXKy8Tvd8TQNYHW-52UOhJdmR5XzWKYsjNgAaUdXN7fC4EA7lVfwCTfWJbYMf1tnVaktSF3RD2k43BcEIZ9dDUIVHR7pM2Sip8TuCZEIowJeuE7DAW17bnkzwS6QOtT8TPTKh8pNkGnUbPI91Norvrm5RBsR4vqWSIFC3E6zIUmf5BhCJZKJSjXQfEygWAAr8DrWAi-a0EuthGAykyx5h-RWWkKw2NWDHxr-iiJUcPHNXUD4yCW7lSXf_WvrcKwv7dzExJ5OVwh1bQslfQqU8bfIZ27iXSNpCsMzV_MYMnIUSVa0Booqv-xjq74oHZFt5P0DeDgI59ufswjMA1VbnDSGNsSS9KBjkilgIFRlOgYPG-jifA6-_DIEW4GuueGsKY45PJCamRqLoOfcDzFaaw0geUYt0yDYibtK_PBDrNBAmb0ZQxFn57WuRFhXIlhCZoAhmHgTfk99DaEhfrhEO7ioHiX5qLAFJDxIiqEKBPocCjz9vdLmbHAYGZzBjeaC9kwypR1r6RiAvQIpgrVVcTVzGJNPjXVxKsJmEU_I0pV_6Eb595dLdM0uI_nSwG-6i2t-cwBREhOZ8D9ev-RQuP_zei4bvyqDsbuDgjOXbEAfDH-etkc0enDuUgX3dbteNIYGsNrbko2ozW7tEzURouv_rEzJcHOfpFbjXRs0V34vz1I6ATeiS9hulSk48oje9h_Ljqn6Ha8zYDhzoHHpKyZ6bS_0bqtHGPl--4EdvvNDkTKZ0WX04tX5--NvoRloVCkXYIzHRX6951DJWmjQ7meUIscpqOmL5RGlM6FZMHj9fzJRt-TTpach3OcRB3hU81K8cogGbaHOHljtAVzJFStB33IzvvScwcQj_vQXK3aCZ-CN4nkQ4naU1u06ntWtrGJPbfkIM0-1laim7HX0wNPAca1r3qD4WF5ZkOO7zQUFX-Fa1_Nh5qOKxPZUGWW_BxB1_QcZlcPmoobAIplr6kykmLL47YXFqtpI0vqtTOd7uyPZI15mGFQaOcnP4G9yxCPwyI8oE-bmrnsIFq7tMFXIXJTrMKn7Wcociv2HOFkRRDVNT8_QSNhpmov-YHyrqgtdTDSFzHyXXpqAvErZjp96eXJVcEkaxkvwV1bohOyh3MQdyyVGtMQKTx1d0MeZkgUeYLSOkB1uZvyXYHu54iOa1QGR6cdFUaZPH0Q6fBKH_nhCBuwLMmRxESV08fhKFqoEIcu8VZy68umIAHyT4KcCXAY4hJqGS-axkzQ9FH0xcoeTmD1MnBSGOUPX8IEf2dST1OMFSz8xta2jW1byekG0ow29DzJwl_n8JoK0TtlQWIpljTLNUUVcm9p3fAHO8oL19EuOXmIi5t5pQ5U-P45KpQ3nCPHKl-6kJC7ZJBz15k0NOB4fBZT1bGAVXmYVSXA_bX6HVYvg8e2dVm4cgfwgRqCIFGGIdIJGt0A3n2iXGskucwNcJYg94C68Nc3Mbpz3gV8K1RxBbV4tzxpO0_q2DiBQvU2qSbDdPkO90kKYAPj8lflgJsYch5Va38H44Z6UmA096vWrLU9Qn6lW-mMQiIEvpAjz7gTDQjrJDv1fvVLtI9dAqaLth5L1rp3DU3bJNn4mDVh_MWaVM6L2Q95PnfXvrn1l8K7UNJ6p4EKwuLlof1EIZkNenf-Ke29fq2H_zx0DnYJBW40_DNJ897Z9kSLni94twle3nTIleqAh2ag8latOM3c8nqUxTaB-WWINX_zO8ehV7QBRIiQ---sumex45_Dh_AO8eFcHweCvNJZ_TAPCPZDxIRYYgA7ubv37QYK3l0-CQujkhIsq2pZ-8mm2rLHUCoyv_xcjtMT3Bx-Te3fa9y_-qgngCAX-1nJ6InY_4DaYpc3L4-QEhc8aL30TjQEfjf1s3Zz3OjaqcMGcA9H2iKMrth44uc5ZvulJYMW4n9XmRO0TUh8_1PT6LUZCaeS57IWVU_bHYfEPXtb4DaXPWSyiIjl5gJG3Ma0qSmHOarN4W9SpFzhcrV8PnVKIMa6pRZqL40lsoS-kyfkLxLjcqQG98UW4mmOIHr9NN9WnxQgksunZDKF97bysKCrIE2qV3MIsnvuRVDJPv8bIUI1PktFpw25MBJUsrec93wHnGKyiaIV0tdoPBupq8A5SJK9atai7lUPdHOtGXCrBtaNFA94kmmCrQ9bzII0I4ou5JK-PBBYwM1Jrzxl53DKSgJNZpboVxFwaImONucToC1DerCoWnr_73Kq3V-MfPzLP9cJXLikHhvDh_PQwEPpfKaU_IEQeaFrsfFIvbHkX028ubyVgGvyQCM-vbATMbfwf3iOmOvjwHJCHXy2M_-7ad7_9qyBmCt1HbD7smKC-Tm1vVX6WkWisYIuqOBLD8TDJHLSXkC9roBSYiULIOwUiHvqr4Rhlmj0fb0IGApL5DUJ_ZC1Hj8qQeszAxUtjuUOz4N1RxmYCcVM2Q2dpSy5suUST95CEAI8wPp9YBKUD6Ayrfbmpky8RgnCcranWZwekGyeEPzKzs15LPljST3biOrg6NVrWmFGT8oPy2AJmH2kRSKehGumJ_jRqAXKPch1dzMuSqrkZGm9_kGOBIUkA2fT-1Al0CJYlYstDjTxNhyiUs22RNqIajoAOtktET_m4iBPhtxG5v46UGif4ssTtvADAfjzU7jjfAy-TcNP76BkMYBjXvvqUCWTfo5By1khBSLvBSSqZF8A5vVr5-_tME20OAVjvmHvwWAT9QUDK7EzrYAO3O3Lr5Q4w7ef1AMQsNubZPduqG0hWQk3XNeC5MzJROCg7TDganxSHmhX9wVwZ_ZOSwL6ylXncScgkkgHtFh7MPIEacyMTsSFhWjqjgeP7P3vFYUMDl5Z0l9q7we4SNwsJ_SW3_Lf8mx-PutIFv1EconNL57jQT8yh6Xi-LzaS6BKtHS4NDnSj3_9RflCUjMxgG4ehbOa3fL_mvkQh6kexiZGkOA5p7gs5w0JsFDuYbWrgAbYQH4ixqKP9bwxsM2XNOxDfSwwpxqppdBRqQpsNOazkaBXPgps3CknUyLD7wZpZglDu8FdgG_ONhgHzmMhKwAgVYfnTazQlI0Pk32jwMILwpiXLoyWkUw9HrsgMbuRCz6iFNuuVJghyjPcmtG1_q2_ef3HUjEtKwUgHi-1yiAqkHRNsKPu_T5x1lGZlowX8hoIAEcfrwgXtqwQgj_Nhb24mZLvmaWbLkZSgmkJ5m2XuaafuJVJ9NS4EpprCneMJzywm_Ta3HY-xfZCtKN5ub4Oj94MutdgPjNuL8COe6AOkdU6QRUTI8BKe3S0_7rr1Kv1PpvZLXgg0lv4FevqDzD8VpT7rjR37bC3-nKnRJsBMvCenTbIqlYyKv29zPp6-qMGY9wCw13xbwvGBVDkOMMO6PFjWgRfUb0dFhQHmany_kGcV4N6vGYKFjPL35TAjjRMUhZD-wvYPga5qGjGaKqxLSGm8lJbylaTvL0i8eT5qnue8Fm93XKiG-7QiTMluyVWianWQ7OKTzYJ3ZNS3T2totjsvVBEvaC84mXTaEkKRKAWg114IGXSlCcaAmefOV4_A4-APhTuJyRY1RztT6gCyN20RBFKCfo3jXokldhQrVZdOUXOZAVts3D7-Ce43Ohi6esqtAIxWa-aV-_i_Dja-w5u_INReR_oIz3_yy3x8zFCihqd4DHQ9TfZArw4RBLjKvLPIF2wLNWlxyOp_kkrWssT8_hW8ZKt3GLOnFf7OmENx7REskYKRsFHQ0FrFEv6xcdn03Ds3-i5MVY7KL8hFSAZmNp3QVIszdGXT4&cid=CAQSTgDICaaNIIMpd5vQ8df52ni4dJk4cSXVLBC5eMXtxIwelXfEuGFkE4w2-ybYQQeYTBT56aRR2k3lOMWHUe08IAzuy7X9vwCNPy6pjeMdcRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
c24aa43250663b368b73484541671010cd272d5d721a0ac5bb34480c802a5aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17375
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 37FC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063027125816da88f8f7e130ad5b6268d7b25d5f81eca5c7bc0d199fb4b718ec

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2774 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d997ff6a42a19429d36c36f2350c9338a260553c6857a2ee60ff593bc398a9df

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 37FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuR9nvTpPZnw2BLVtiC3O4JWj3GJ0mABr2dvHngK1I2fAIs4mm0R0o_dcxK0OsQC7cK6qIhViT4CYT3YYQUiDLqjtNY5CV4AjJMmBU1etra_eFh8lLqP53LbEDhf2cN21TbsljXzyfA0QjYoZ6wD_ubdo2PK6UeaW_tGYg_l8CIL_yld7oEMY60nfmgLs8UV5-MfzkfuHAPfI_n1Koybq6wfFroVjSniCZuE4V0M_2Z5yDLHfpM18FPOfHArG5j5ctUFec9RzMqBODHttLpC4ab92XHgW-zeWt50qxUM5aBlU05i9oIHUVXNvueZ5sKo-ytlWGCrDKT7TLfot1WiXxt2IoghUes6ISd0dnoS_cCCEACrALkWSbGkOQ0gLHSYeqLrAPCGHKUqQpZeLbXtzeLNheXkD5OS1odazRsbAb2Frpp_8rCuP1V-Cz9yyS35JQZmoCweQVD___hpAKSYxA1z_HzUlrho82HogR_BduwcLWcnPsXP_74eMGQ8NDYuhqT96z7mNVN7y9w4XDJ79MR5kawqyjuxpRHuhXI2cODl2iuDM95zMTuLclxlV0mAqMaryDmeRLYWbBKu9P39JVPtH1_61oVceEqPj4R2wOuwzXCoBLsLjiYhSAHoNXdxhy09S15dOhduSMH9lzk8W2QkoCdkArSsrOTouJvZQ1fplOqZOsmcKAzkl15Imoxd3nCpFI-IX556gShfEgAsrFMHfqIpTI6sdiOHdFxc6t3ElyChPW1dx-NrqGmmerEtgQYVZehBr7_4YTVfYLho687LjjW-vNAw70eIcGqjpbj-0hC1-vA8FoEbNDJiQT5SZRxA25B7YDKoyVTtVy8SMGPwBZClUnZX1p1JLxNIQNOBxlFtysQf0S8xuzJFUmJ53SC_ReVXghxfwmsVdAOW2fNoO2aWSJ-gMG1zMSbPPDCApIw0LeJgS9F-NdDUo23BmcnhuWg8ZpIXeaThEyOIEM1inMZPeVTb8moXYvJFIFeLGPFkZaj-asClWroV1dHNaHfBquxXiOK7rPlO3fChrGiLkm963eU2ILyEBFgA9epR8tR6-fJYTS14SN2EcEr9RIS61bgqstOUHqM7e3719HBW-TImQQRSZP1JE6YPGc19oMX8EuddsXYvxykF7gppwKmp0f4RJzCnXTBQVPB3opY5fvvoBdnz96emlJCxxJjL_CC8KmhsdZdz06OMThYQ2Ug7wac93tElSEcbs_ux7qY4865lQ6HhUGl6O93phMkoF7jb2ZDf3RI0r74krznZmragP9XJbRIeeYikqqPFkcw4wQ&sai=AMfl-YQUajd0RE8hD32upcX0uxW1MgYqKEBvhzyom5f-QkMtnvStIDAWAhtBM4V1Ljt0xwC-dZM9ZbKIfMAGESH3ECYBts4MwCWDekppApU8S6PKpgrHuLboGdZb-R4zARDVbwEu97_lABQeH1ksJ6VJrYtq7WNXehvSgL9N1m6kKF8duGn4efhGphjUJYGGcZBlx7CJsqF9HdjJfiNtFzupdKGVjvds9GJkypO-bps7ynBSXkfBZp61ys9wCOe1P0D4QP_FayBhAPbMwesP1FiCq9zvp_M9hG1tHaby8Y4inxuWdeMl9a8lq67UBY2TTm3J8Bm4up-Vexz__P7PONir7wAzUgRK2RKVKOykeCdQ1_v9Fbpn8n5qzT1GxTFDE66RX1f6K73N4hXsoJn49JH7MGHZN-g0teW9_aytyUm2_UuCVCF5YYXgfNRDUcyPpGk2waG8JHmp5rSLlOVxcLK1NCDXbTsu66UYe-IogoUccNAUS7LzWaCVfOjTwSllvAv08jidz5I&sig=Cg0ArKJSzECiF4-is5LBEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92aWdhbGV4LnBs&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=651&cbvp=2&dett=2&cstd=0&cisv=r20231109.47687&arae=0&ftch=1&adurl=
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 2774 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstuM6EgpR7PL02Rp3pq6Y9_5BPGCZO2BM_opGJ_4M3Ti5pkdZlVMp_-iAP1bBqhFypmr0smctDgdeWh2MictZ7PBHyMxvKQYoIJkNsff5U7ULpZTXuXQnmlI1OvfNKTTyMuoB9zq2lGninsnv9JzzQbEk4v7Pw_0oPGeMf-MIBYrPwOIMMk-Ggiq-Sdh1eH8A3q13xhV5N__YAq5VddLpWLxGWPI5SQIPoCwKEFg7Pvzt3gJRnTpHNn9gFKj2fm93ZFjpAma4QdwGNvlwMR4kP6sXYa6cMr0FDl9fCYs1-WslnujWbmeTzHcBiLifSVUyh8t07VNcwSBpLTwJVPBVDY6Uhe1c9LKKV2LM2KiU_3uqOTZfTz8v4rKu4vjTaWr8MLw7jOS6PP1tVb5k03KYV8_eu-VvenMKWzjrhs3cm05BM-rK2Vg2_Xwqovtzm67lFgzX1LqW7yAO3bDJjHq39i8y1SxrtSXOdEO4AeCDMDeM1aBqW9a-DbccoLWe-lwwpNLjjyREc32AGWSWTfue5U6yRpUPjDFaA2CFo7UTIbbn75Zo4tRZfC2pApkTMhKK5zzKSNViZ30WxIaALko7Yjfurw0_qjzpn1krkvoWOa_AT01pBGZ_Zt-bK2ip6fyoxRZfAYXUZZG7DcJBcwFIE_13OYXYLKQ0Fq_ZLRTgN5trMxBBqIulxvbIlZiUsGf8xhHNlZHjnUZ1SHOJk2FzhLICUdsxJTXqVQ2BnwRXj_1lPfqYGyhgoxYQC6n44rjQvFIzbWDhaqYi3Lt1krEuPS8ADVO2Dr1pLVxuLewLOoIaUzKeA0ygtPXzLcOFBx2j5gdciSE8VtpS4hC1nzX_UZ1NSC90qowvF4hhUVxX76s_fdxuXo3WOB6-XzCPVThFqWnn6AT47DJ5RdAJ-cf-ikT3z-MeIlSA8yFc7enJG1UyJcIal-6zr_zhJ9Hh-6wuJtru9dwKn7IoEu2zRWwIv1-CNbeTQK0zkH2dHi6F2lew4tgTYvd24iDFqZGB_70fmdVqIjtIOR9vkKWpGKgWD41DBk1zA96bpz4CJ5xOY7Tzu6i_wf392VX0T1lNDFt3IAZLgYv1kdNGOdaFnCz9kCM6km7PHLL9xhVXnKzUzTupswfe7Kmaep1tVBi3deVKA0YVX_p-8BSLAng3BPinqDTiMZYlj2lmMqYXdQwGz4FkBTX_tUtIKWQQyzmejAQMgTrJKT7coMsVcpjXJnB-JQWvxu13F4DFsDUC9y8hDX06PxMSQoL3mr0uItHKRYzsP1UNYPLNdUCkbia53K2cQg8wc&sai=AMfl-YRfM0Q4qdqvOqxpulxnwDWMKgDAfEw7mwT2Sok8bgdsOX9ydyeMdH3uLRBXEkdE23vtOkYYbPB6Gt8eJ_HaxALzQxmqhWOp43nbRXsK1ZGY7yB8u5R-5aNr5HXOvdwRpAfVuofQRLImIhkRyjX3CdYWcLdDqkOZiOnEM5ycaDY3TxCDPupBMegDu-VXTj5DS3-e_YeuOUrhGTUf8Snmg7XvDqLY_1pSPYruDMuNMdbi9Qp9Wqnl7fkIkp2VamvmkzvHbabeYEEkpqE78x-HRb2lRY0O8-SUdfijNBIN704hUO4zNvBC-1lnV4VXryDa-GYU-3ZcEO-EKMwRXk5Gafo4qaQIxuSu0Vd3nVqi7f73CxfbJ4K5ZScXHDqNryXTXo8vWlcumJip4vlhi-qiXWdCAQEA9EO87TY8xyPuZLN14h-Kr0VA3bbiArzAlqyNowjrplLbupb5ZWY1abDZq8-wpyw9oos0bkV4EGxagnLa-X10FDgn7fB8fA4Ec1KUjIKI6kU&sig=Cg0ArKJSzA3q4KrlM3dQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92aWdhbGV4LnBs&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=622&cbvp=2&dett=2&cstd=0&cisv=r20231109.57465&arae=0&ftch=1&adurl=
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sb_getmessages.php
winxblogger.pl/infusions/sb_panel/ 		0
0
generate_204
tpc.googlesyndication.com/ Frame 40AB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JwBhRA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
_728x90_f1.jpg
s0.2mdn.net/sadbundle/8079234748677496062/ Frame 66C4 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8079234748677496062/_728x90_f1.jpg?1669980931512
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
30d828f12f19ead5d82aa48065f2f44155e312f8d29993f2cc0f5eb344e28f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:26:11 GMT
x-content-type-options
nosniff
age
483077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61733
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 07:21:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 21:26:11 GMT
view
ad.doubleclick.net/pcs/ Frame F040 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsthVAaVFWYpsUVduN5iQnJYVDctRHjYVWERBt51_ekOF79_PBNkMAiB2u0jgWm_zJQJ15eqleKRY0rsllrH71mwzwA8O7vYNZ2SB_Ckmq-rJjh2mQs-aydRdywCr0387uWZzpTEQZUBe1KwnK_pT70sDYK1eGh3gMkvwYSEd2wM5bOLhmzGP06Zet_L5P_TboEu6vMA1HtCXeonfoSVa_WEI-65QEen-MY6MJt7PEHTvH95TSugf7ADca_Ci7m-NCmOfcawlB2a7qzydZHabc7ga3-zZx36aTfrs2HsxoAT6D1IoYzR4LFOvasI_dZYzir6H5kJ6bOw5RzjFdhThqRQvDAzeGLv9xra-pSh40gIrsd472mO6xzolnolUapOKHCYJ3M6sNgPobZwiIfYcsBxgMKrn57pIgcShbQptCha5nrRg6a1lp7nN81hzlFa8XMkf1HVlI4O4X4-EOxW4ZLMzJO_G0hTThtuOItoEfqhvkBexVfY3Km56VgOtCuJtl5VMeb2L6GMM5TvXhUR1XWEiW_udST92HuAmLzrxxoLTbAtqgncpeU-O3LMwFc9GXwqX4YbuNI3W6fpq19IDDHvZWmHtxR0M2vH7xCGyhT3gJ6vzNHRTLSf-FMJYS4d6BJ5jsENzuXNChVz4SB2Yzvf0VFExbOeWQKJum84dP3RMz8D_sJF8vqQKmCM9Qth2rqFuY1qGs3srm_K3rpWhGabF35qibr1GftQx813cEGf26qVUCQ5SxTF6MHiueEnEzzC6AN5UBM1gTlIYNoFkUsg7NGrwAjH2BzjcGIkwHc6iFc6eAod8amf-tFqMc9HS3lRxANjEELvO4_On5pr_oBdZnZoVSt2bhWmA-CM6QqeSNwDFCxZbZ0aLFy_Or9z7DDCQhLoIw7e4ySk5nsVMocxVNqX4yp9XUXtdmfIItFV3pFYxti5Y2fAdB__soQfSWcivAybWHmJoR4PNjWFbxFKSYCpJXzWKcKBfiNNPS5t53Azwse37TBMkVjLPeKsBwBETVYJnKm78VzOajRZobk-IqBhw-HqVwL15VV58ZNgKhGB0f4UjlsFM4ticfu4U14s8a9uOlOkhKPzhbcGLPRMDcCoCb6s6Qb7wJlIiw1S0tWESwNfLlrTlsPVWmWk6B854hArdwQeGlA9CKlYcEti0qJQEpQ3toJKDjcRSeMdaxT3oiemvWqkF6Nr3ZLZVQOR9ZCB77pOHo1OAc_h-XssgUcbCnArV38DGypx2C-2ibkCRMLA5POXTO3hY7N8gu0qhX37T6kiVHybG5dlNlf61AYTJhtNjwcHW47ihMvdvxH42RKLiA&sai=AMfl-YSuK3zq9NFZVcBl04AFdCZFYLcT3TsfXVaC-CYKaNFCja3mMoCxUqRx7FpVD_ckwkKzIF07Ced2dM7OIrUrJl5iuE_l1afC7NXpAqIBCHlMNeMQq09UBxOwLj3uyymWaDzJXR2VxbTTkO_V5ffMvU56oSysTQbZS725wR3mtP7OucF4ydG2SytKyGJsW9uxRE1Pv9eUgVKAENUhycvsLtA4wndm2UYdbT7WIxBcseBE_4VY6D3grRVifVf-8D5e8YRW-Okil7YrInu5oQH2nmJ3svKGkaqnHvcijdlBzaLQtLjF1mcDZgXnpPHZGWau10xzPkJjbRcPRJ4q6qWJqVIQ1WzEKQVy096YpBPRf5qmfI8A-wcHZT3_AsdIA_qsIkITE932QLIhhG4llIGfcbjCt_ROr_exnNDjJjCT1SmEGgHiIOCJ3DgeD8Wdahz4posYfSracbqAWHaLyNrVhorWxi92WaYhHTrIzqJYcuJwHM4sGzxZ1sgmg3SpDdafp0BuZ6I&sig=Cg0ArKJSzNWjr64yRU08EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaXNzYW4ucGw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=634&vt=11&dtpt=403&dett=3&cstd=228&cisv=r20231109.67254&arae=0&ftch=1&adurl=
Requested by
Host: winxblogger.pl
URL: http://winxblogger.pl/news.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfserve/ Frame 7220 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=69667956;rtbwp=ZV85dwAN9hcA-RP_AAXwF1W-41-7SXv-wItyMw;rtbdata=2uP2OEcU20IXDiq9JehIZX6PbI7G9XcO1-HDow43qYUMggRtXgRkLA6lzVbaIVSCnOLbdqyZz5sEsZ50j4vUJs8GvgRGt4CIi0DyJp1arwfK7ffrV4Rm-ccdOlpPtcEMsJNjdPi-S2AdXuzj-rsOrjzzdKl4Qviis63S34FvOmnzbRMUozWjDaeoa6EBuBrqcso7vQ5pGPepf_xMbeNyoIwbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBeihy17cMAys1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Clv3edzlfZZfsN_-n5LcPl-CXYMSzoJRcvtC4heUCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU2MDYzMjczNjQ4MzcwNzHIAQmpAlp3KTsNpYM-qAMByAMCqgTQAU_QTq2Qn-K-RRlQAQ8qKipygKXpbyoQP3I19akcmzVN4IZWyKLcRvRZ1AEL7O1IEBQ5C3scYbVReXsNwHywRy2OYfe9VTwzbBf8afHK5lO_w4CB2OKXxEjcTyAEynSQK0Ph-zatDTmA3MP7JqQm0fdypuAwibrDirU1iTPe4IxUU_gESqLdIwPAJLxFSHa8TL4zz29-tWiwNlEXKNpSK5LlD6ENzeTtJd8H2eCNr9MItnTFrHObYgHTVamJMXVWuIFeNGPskYEDua5TZHnqcA-ABqLFiuLWyoXyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1_DQOsva_nW2TlImeTH6SLewiBig&client=ca-pub-5606327364837071&adurl=;js=1;adfxid=1x;7902;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fwinxblogger.pl
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6c4fd4fcef70e9f50847cfdc11451199ab57b481a103f21dda9650d21f9cc443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3162
expires
-1
csi
csi.gstatic.com/ Frame 0808 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lpb4ct7h&c=4659511764219&slotId=2329755882109.5&qqid=CJzz65SE2oIDFTgH-QAdBX8DSQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f195.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 0808 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Nov 2024 22:32:49 GMT
file.mp4
r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0808
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7ED09004F35836AE5131C646AA245133656C1FF8.24D6262ADC3F8F4A3CCABE3126F498D0D42F86BA/key/cms1/cms_redirect/yes/mh/2Y/mip/176.67.86.82/mm/42/mn/sn-f5f7kn7z/ms/onc/mt/1700739047/mv/u/mvi/5/pl/24/file/file.mp4
Protocol
HTTP/1.1
Server
74.125.108.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s04-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 11:37:29 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4066536
Last-Modified
Wed, 15 Nov 2023 12:05:38 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 23 Nov 2023 11:37:29 GMT

Redirect headers

date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
641
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7ED09004F35836AE5131C646AA245133656C1FF8.24D6262ADC3F8F4A3CCABE3126F498D0D42F86BA/key/cms1/cms_redirect/yes/mh/2Y/mip/176.67.86.82/mm/42/mn/sn-f5f7kn7z/ms/onc/mt/1700739047/mv/u/mvi/5/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBA6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkDGFdzlfZd3bC7iO5LcPhf6NyAQAAAAAOAHgBAI&bg=!RkWlRQrNAAZxrfrxUa07ADQBe5WfOLIDRi2vowLLep2gtciDNP1H4zh-LWLE9i2V56UYZnQGzCYFwol--Jyf8TglydyMAgAAAadSAAAAAmgBB5kDBuTTHb3ivTv9n66R7LeiHnInxICxcBpOYXU4dQnDwoYXywxr9IsktczmeCS178hEQA24hM4ymws7v5J_TN3QoEPNjIzMA-wPDwdVhAT0HERnzjDaiLxCmsTCHVdyhugguw3pTG-f0RCwBfousRViE_fyAo9Wgg6ia8IvUYgVii2rFDvw65LLHvZVYIkMtQBGhK-Eq3wJn84mgTjB214Sg-9nVC-a04HlIKWiYggQoShGS5N0JFmm-rbc5B2b7eOU4i7KAhIYuAEIwtGPugQXqelMELFeBNsD8Mn1urnf4mji0JeIy-07eMgdMQYrMdBLn5x0C42Lrkf3Hw-CoNz4dyiiq3_3iKu6qMjykj7BtOSH2Fh45GwFNWclP5UMPVtreCtFF7k-ZWfe7yb03DfPDDRcoZ1ofeal3wGnyA8x5FfZg6ZwKD7r6u7hnuK6tPAbmoo6cR-1oEAB0jZHgO6jF0JJLKNq2-X4PgNg4tIznzhJxy-qf020mFZX4OfaFnCY6j3B0XX377DbzYZ2KfjO_Dx8nwTkrGmlRejoODQHoA0pn3qr7AqUPoRQnY8zQNlr4iF-SOW2iGtgSyHAPHE4AKHifeZIKWXfakDaWWuQqMUIdgJyspl0RsWOIpXPFr6WAsdaVtbtJ8oSJfMKC9eMR3K87jP2es-7b9mQFS8Z3t_pCsNJB3mna_1WLRC2Fy5IUuGEZOIICHtkufji9YEekP1ljugmeE_LCCt-OX5498FHf6I8SxwignLDWS0YIovQeAFQihjs-d1ukAlbeTubJPs1TlJOHSw0AVEC7mf2D3fNZu4eRsTBnRGG_IUUOljbDh-6cvpPlSP75rlGrXn7hGmL0WVmvLL6VlU1QPB6zlh3LH4DGSFY2MUHg_jy4SkFDOy45jUH36EAoRBNWUN8OdXAGM3I0zF4jnv8co16ZaRRmE6AljZd7i4drWvYPqvBROFL7R__PCRnZv0bVRghtU_BUziEyRK-xr7IBHvXO_Q6iDx_4MITd0RXr7YcdV-Vk2svcGpTVg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_728x90_f2.jpg
s0.2mdn.net/sadbundle/8079234748677496062/ Frame 66C4 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8079234748677496062/_728x90_f2.jpg?1669980931512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
02232988d3ac3e928fdc8c56515e2b4756ef764919d1f398b045094a75c62b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:52:35 GMT
x-content-type-options
nosniff
age
445493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64219
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 07:21:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 07:52:35 GMT
inlgis.php
system360.inistrack.net/d/ Frame 7220 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://system360.inistrack.net/d/inlgis.php?inisTrack=df-b-vPb-&bannerid=189918&OXLIA=1&zoneid=600808&rnd=29352
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.253.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-253-16.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AC07 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
50435
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7220 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a63d519d4a91e5d1cc93aaf4206fb0f327a082c7f13077a038c1ad04efff3fa8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVgSqdzlfZd7bC7iO5LcPhf6NyAQAAAAAOAHgBAI&bg=!7u2l7aLNAAZxrfrxUa07ADQBe5WfOE0KTwRUtfbS1TWhMkUw4OvUwmEt_V8vYEgMKjyNiNWJAbbTX9jFZELZGbCDOUsQAgAAAdNSAAAABGgBB5kC_aNpjadmfxKiOFLVBAQJ6BhdyDSG8rZ9RlWUZ3o2-nwpPvhJdlJm1yKL3jT8Z5AMItnKops7h5-aRvk2kIhYNOWMi7RbeR-j0oy0yjfjkFB-fzCFfqOjy-34CWpf_5TmylPSmBvMVCS--PuzVP3GYSFO-6Rvpquj9_xrfSBB05fcc4n9MuArwJ1AsSRVESGzQbrVNQhpAdhr0bUjgI9Zh3IpnDMKAp06-Znie6c2F5kkJtPnlvX3rG7qPwP9KMlZnA-peTtjGVNnPEC-HbJii5n_VX281StmiaysNWxyFrCvxC5TiT81fYS0HWWCgJd8mX0Qv_LRSjo3ZnIYhBGDeXrzXddf4rNdcV-iAo8SCHyazBoNtcwz7e0x31Jnf3B2Wvs0XMVgEmrTqPppSGB1pPiQrOaX0ITQCYtYrnF0-kwVvuNxJIO6O1ifC8SqRb1BFZb0Boju8vKOO17zxOfD2xs8-fbe0tMS9LJ-flrVNNrRViS6mOlBI6fW-iKNXNhLDJlouP_4XkJTJ-RF2S4nKWMq_-R39eCsVtliSQYXVDbGj_-B_9jBANYhtexN2SlxLRRT60KwjqsFph4-4rE2rFKf15K2aQX85OOaRv10oQAnPmXhePPWBsVObXgifJ9l38_2rZyFg0cAuD8yF6YPBOXFSKH-OSV89aUKn5OXQ6s_bzXa7unE1UC2iPLxu2uZSEo3jZLiAaOfv-J8FmYGwUquf9iu_NxNVON8hnuSp2WTnTjanO4QdG8OY5b0dglMD6przabvoQpZsQGx6WIio6dZxGmg51tf1hAQwKIn1MCb65302K1jfJBMgPwnMvXxTUtFeFm-nmzb17RFyfGpD3-2Xp0KaWfKu7Z9PAWqnUgK6c-bpPAbtuAeQT91gdYrTJojuZVLlI-kNh4H6IBGkmVL1mZ1eS98MpLaiOLJIJw2jJ1Ky5Qb4Q2ODvug0IMgvwnRBZaHkSPHX00m93-PY63ID1fYlnrlL-so1-Gqf9zIZUJ_624GFAlJHmKq5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 7220 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:21 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame B9C5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
467035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 01:53:33 GMT
expires
Sun, 17 Nov 2024 01:53:33 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D72 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1jL7dzlfZd_bC7iO5LcPhf6NyAQAAAAAOAHgBAI&bg=!19Sl1JvNAAZxrfrxUa07ADQBe5WfOKKOgA2D2CtX636XuVaYbxJdKtzZXoZ8e1cMCusfIThDuFj2bRvRNSCDJat5YAJmAgAAAaNSAAAAA2gBB5kDB8ibmrUyGhiLMm-0l9ZVfEdpGF4B6DLOD81a59D2C8aN5ueDY-pYmsQ9dUfI0D-c2MCmYAbxX25l_wXHNvUkpcFJ2isgyxEYyjoc_vhwrF34JX43e8QsKXY41SlkuNez9Nbiy0nBCTKyblsg3PSL6vxW8MPv1CJj9mS2qXLG3Hf1ciFcknBN27k2IQ-fbYiAX8mNLfsRWrwHPorz8bK-qXWAnW6cB_6KrrlVi2onORFcZbGwsvOd5PQbDNdn0hK96cJS0jhYyzk0pwjFNsc_cYqsZVwodW-668VyRTFSTYt7bfi1dSP0vR8Gmn23gZDVxcbUvMvtGzq0CRG6y3SbXGR870mshg5oddhcLC5NdS-YQuNrjAtKYi5sYN2-9lHDZCmtw7mdyvP0qia7VzzUYU_jhgwS7dJc36x1lfhGdBPSVYYW_ZNaIfji2hoasLkSucb60LbeeY_M_KuoReeackJvO9qjGmppESYLpl-v_tlY96vT8l5xekhc0Tk_uwnl05jXSZOISVlD0XnOUPjV__tYhE9fD-ovytqnPcNXWydiYFKO_OZOThZ08UpSg2VKEkuEU-DeLyC7mKwKQVNIfZVlVa30xcGy0I32HdnYfHAG33BToaBnhjlDkqXBvlsPevaL712zfkr4bgRJVNxXyeGt6BS3cohfgfslDTLKeTt-YrsWHNl11pmUvdqRmU4ScdxZMHZsTQHtGR6I_ezFXHhEMa5kVTSb96hXHCsqvF9_agxpGzvWRRhXVUml1_-_7Fe08yZ_1sB9bWYEkOmcLxkomG2rDLQunIXI0QgY6IF41FLBnZ8jB7ucl6x94n5EQ0JUXWsQsLwar-bfKlsu7bvaIumJ9iVwbHf5Dr__Api7_fP_b5vYyiC-DPGuIoWtKzZqPzHMXbsejs-KyhMICBLVSmWkBMZxPJtpK5mYprQ2JXN7znboTX9TDUbWn3pL_tWg3kqbgPYfET-wSCmVk8pKRBt4MpQTmRGJ10BvbYgFo34tXB9Eh2IDkA_9Wmn6SG8joZmyhuE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AC07
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENqAri-kr1_PRt9M7igbjII&google_cver=1&google_push=AXcoOmRJjlKbTmgdEdqWNQSeUU-QxdKtyduWySJV5F_9OVuZEyVdVmPub-uHIUnEmMg_TqGwFfMEjwT155kdzXfGfBgDCwsWO9GUm...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU4NTgzODYwNTQyNjI2NjIyMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1YWkcpldrLlq8pLNS5sk0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1YWkcpldrLlq8pLNS5sk0&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN1YWkcpldrLlq8pLNS5sk0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame AC07 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAu5CW6MvF-YAT05UiPNE_4&google_cver=1&google_push=AXcoOmSSh22mSZZFOuoCWv5jASKIkWO7l57bHG5BR7iTiPEfjz8FrnbUzWRjKo-29K6F4pDkoFysVBMyOvzs3UOmjsOW5qT3MB_lfaKr3qgiEtEjh1ByzjaDjy9BD7Z_tSvW-znFnfLe5kN0mARrmZX_GeulecA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame AC07
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHz...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHD...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82a91ed5ce5334d3-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1758
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsaItrg3ImnCaSuwTz0Bls&google_cver=1&google_push=AXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgL7605uVgkrzkM1RzZjrbVymDVvUTh9y78jDZWH57I4N_tQddsuRaKkvrHfNY2EoquzokEqXwY_V2XwJIJWgHztvGHHDHzlZdxTTPYu2WWZJAyKc5MtsPC8iK1j5pWM8W-W-EdDGrCjuOeqNp1QlC1jg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82a91ed47c3b34d3-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame AC07 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGUgDFF3wBZyxfb_qXEtzyE&google_cver=1&google_push=AXcoOmSwA_ZAGN1NFoAmBCpltzECGHlFENUHRWhg6yp3VBpDhfjJZho5Em3UBawmc2Xt3vTjs2HyWTH0Zy1NqrSLLXvaLvAUH_lrBd-rvkx_a5D-FpsjC5PXy-BuRyXlLaYEbiQYmgrTutyPYS8-ufCpousvIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame AC07 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJikk6_e5ZY8bWXQ54PnW3k&google_cver=1&google_push=AXcoOmS7QSQj74zjkAJ2en2eFdSFcck3b-3yIUJYAltLJRABSSdEQDtpMldYi2eOpQfzLqBKZb8vmkEyVAY6s-9502yHo-KJGBQiAkKlVpfzRrV0Snugb06Pi8mS-f3cwvXYBWfED_RdwFXQ3GA9Tf5U4WRmn1M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.149.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-149-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame AC07
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEpL1ApZEn0zUM8_uG-oXCw&google_cver=1&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXoxc6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjk2NzI4MzA5NTYwMDc0NA&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXox...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjk2NzI4MzA5NTYwMDc0NA&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXoxc6duyqrI7Y2gWYMwyb2ZIs5BTkf20EHGeHqnRtfEgaqMiIfwGfYzF1B1_mq6eN0izssH7AF6mLZjcVEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzMjk2NzI4MzA5NTYwMDc0NA&google_push=AXcoOmSbzfk1qCsBSIyGohZlSJwo9DXwjPlShEfm_7zAPQCou6oXwESPPWnVrQniq7eFZRpMtZYXoxc6duyqrI7Y2gWYMwyb2ZIs5BTkf20EHGeHqnRtfEgaqMiIfwGfYzF1B1_mq6eN0izssH7AF6mLZjcVEA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AC07
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEGWaQtmcmkxdNtfsgf8Dzc&google_cver=1&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6uEO0aJiDdBd9A3I8IN_H4CmEWKF65vNA3-PA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6uEO0aJiDdBd9A3I8IN_H4CmEWKF65vNA3-PAohxxBTkH6NfmbzrEPNZkCsZVce4zpMvbjjWjvQ0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR1A1szZ84XvN23opUYERynG-48ffPeaBq0-S_An_gq0QdoXxgqnoKdT8Sb6QMb_LWIRS-3bMkC6GH6uEO0aJiDdBd9A3I8IN_H4CmEWKF65vNA3-PAohxxBTkH6NfmbzrEPNZkCsZVce4zpMvbjjWjvQ0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame AC07 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2DQT-YLAK76NHGEDag675deR-dhmV7OjptS8HqbnxeV0LsvSuYjkeRqk-xqJbn-ZrN7lm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
nissan_logo.png
s0.2mdn.net/sadbundle/8079234748677496062/ Frame 66C4 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8079234748677496062/nissan_logo.png?1669980931512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c2e88cefccd9563873efaebe5633bf2bb67f3a5550826ee161a0047b16051da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8079234748677496062/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:12:09 GMT
x-content-type-options
nosniff
age
455119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20402
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 07:21:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 05:12:09 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B9C5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
130561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
/
track.adform.net/csimpr/ Frame 7220 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69667956&csi=Q8gwe_6mNZGSdB7LwDANUt9wBSX7AVQZKQ4szyaDRJTrygPkIxxfk8JnS7WC7G_3wM9mAaKddmNPzHxZE6mjeWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61416275.jpg
s1.adform.net/Banners/61416275/ Frame 7220 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/61416275/61416275.jpg?bv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a0912faa68cb6ec945e65cb161ceea88efab1d53e88cc7d03929905dfabb78b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 11:37:29 GMT
last-modified
Fri, 17 Nov 2023 11:36:28 GMT
server
nginx
x-amz-request-id
tx0000027aada04e4f4406e-00655d3be2-32959e94-default
etag
"10272d28bd5afc1d44316c5de6a03e7a"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
41171
adview
googleads.g.doubleclick.net/pagead/ Frame 7220 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNgp8dzlfZZfsN_-n5LcPl-CXYMSzoJRcvtC4heUCwI23ARABIABg6eTJhdgaggEXY2EtcHViLTU2MDYzMjczNjQ4MzcwNzHIAQmpAlp3KTsNpYM-qAMByAMCqgTNAU_QTq2Qn-K-RRlQAQ8qKipygKXpbyoQP3I19akcmzVN4IZWyKLcRvRZ1AEL7O1IEBQ5C3scYbVReXsNwHywRy2OYfe9VTwzbBf8afHK5lO_w4CB2OKXxEjcTyAEynSQK0Ph-zatDTmA3MP7JqQm0fdypuAwibrDirU1iTPe4IxUU_gESqLdIwPAJLxFSHa8TL4zz29-tWiwNlEXKNpSK5LlD6ENzeTtZ90mS1VzdJvEbSIXf3ROmQzHXwqDH23_f0pZ4ZJCj60bDnWQLLWABqLFiuLWyoXyQaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjA2MzI3MzY0ODM3MDcxGAA&sigh=qoQ1UXCSRUE&uach_m=%5BUACH%5D&cid=CAQSPADICaaN8082doEAVo7h5xXFDVuEj2XLoxWqwGh4r16oC3KgcQ44VHVu8wIiwNS1CCZpnGCe_AsCNH5QJxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5606327364837071&output=html&h=600&adk=1398050571&adf=3545918959&pi=t.aa~a.3889952422~i.6~rp.1&w=166&fwrn=4&fwrnh=100&lmt=1700739447&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6132498753&ad_type=text_image&format=166x600&url=http%3A%2F%2Fwinxblogger.pl%2Fnews.php&ea=0&fwr=0&pra=3&rh=139&rw=166&rpe=1&resp_fmts=4&wgl=1&fa=27&dt=1700739447801&bpp=1&bdt=1704&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D852719c64e4f687f%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ&gpic=UID%3D00000cd8b3bbeb3e%3AT%3D1700739447%3ART%3D1700739447%3AS%3DALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6274079187665&frm=20&pv=1&ga_vid=480901588.1700739447&ga_sid=1700739447&ga_hid=1605583620&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1126&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C42532523%2C44785292%2C31078297%2C31079756%2C44807763%2C44808148%2C44808284%2C44809055%2C318512602&oid=2&pvsid=1583295395334079&tmod=1134467605&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9C5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BG6CFeDlfZd_uJMuy2fcPjImJwA4AAAAAOAHgBAI&bg=!ra6lruHNAAZxrfrxUa07ADQBe5WfON2bhUM6qx8LGl9wHxLV_OmBkwDekOKSXZrawc8H6HzmkAL0k5E1tQ6EFrKrL4a-AgAAAFNSAAAABWgBBwoALa9IDmUNt9TEpOd5FK323fwhBdMJA-bN2weZiI0OxWrNQU2ws5L4wyhKK5NthJkDDTuI7y_b7bhnSf3xa_Sl-C4WGq-XMeCkbuQe7IfT3ZReUM5I7MDpaR_g9vuZ7axcTFA9glntmowxVWuRJWvGrJyENPiCInJ6_J_H0MZoKWZ29pq-NJwlkOiNHce1QuanyW_xoSiIioYaspQq6C9-v7O3Vaqw3I7E4Ov9FjpO9dQpbi9ieHhTRm51Pua_z22io4nzFeVAuSHwl4e0F795Hb58QUe2vBz1ocCwlsScD5hol22YvZaWU81pGEJk8tJ0wXXhtA-q0p6fNl1Yj8587cF6J5m3ll-fxjAbscf60CjP4MaP5Q3jwfMduIZRpCXprXaqBUO9WOd-0AQnJcL4OXLjHAXSByK-_OQDgOzWHB2jyaeZA7HqU-tHturUwi1GYB2Or8-imCm_tjX2kdOQhZRJJTpxgG5-3CxVwN3yxh78cYFxPgiJGtroXKl2QNY-uUweZtItoZ1rgkueqVdqGLgijvcDksO7vmb7ZmThWtIpmNye8Us-8Pd07mORsu6BbvtQL-Wr3rFnYRHGKDZkhY2ETaUJE3ko-96gb5DdhDVO8zfHzJwLBtiHyhG5NmcE_e7DlEvFn3lXkAXaTH63loEGP-wFWRjepz56lvBgwa1WymLJ6b3MN_Xhplkh4OQFQU61c5tTIh7RaaqRI7-JFdbKtAFMvLgKjMjAlCebq4NLycGbWyErWGstezhMoJS0yDaiMMrUfn2VChwJdLs9CVUHYgirgdhGenH6ScQ5HyG5Xwp9lsc3jakX-pNdFPrzRzGpZdYLflBM42HmpSUewZ3wTmBaLrYIBCXYXUxDDVSTI2ihZA_ecEZjVg074anwwv8ELQnLaUEarRfjeCT8PSCwwHAn8rmWMenDG7cbLYUyRXHdvJe_CYIz4CQfahkBgfC0OC7SB87lucL4asKogl50XRmcPnESjViI6iLEtoHFHZ1SWtmtlhb-BOGM-r8APKKPTY_H3WQ3mjU6c2QYs9bMXMiMCoUWAr9JRlbQpUEAebxEQfJJpa76T090jotnkUrS7WKyq8MoZqRz_0s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1583295395334079&bg=!FxSlFFvNAAZxrfrxUa07ADQBe5WfOE8u2DWcUpU5eVG7pZFvPzoqwTdSkBQPl74ge0nEmqhl9c7AV-TnFZp08dnM8AGtAgAAAflSAAAABGgBB5kCwtViZdM0ZIR4ruhK5ZGx4xb3fRzAiVM4IeSGgunJLKOgOVbOj_-fCVP-Af5T6HpRa4x0_efBc4u9BcL8EYW0C1_kQ2YOMcsEnhGkllgz8puLeWwVh4H1buiokxLcgqu2hhEgoAxfExI9xTDWJ_D7bokW9s_xwd6fAJRPKmJXvp9LYMJhC-RlFHCNBuBcQYHsJs6ztMVrlHmz_EEatu0rGdULz6vCmSVfxD6WNsBNo5HiSXD63T5Ukn85X8Da964eh9JJHO2sIi_RLSWJwd8OVrjfKHke-LPFuRUowb4CIDVIrzF_jtOu5QsRfaLP0JgIIO9w2bhYN6pl1XQb_8fkc9tpzij3RUxgocNtzjz1s5x6KjcTPUsSF36lV1W7vo3FgAXIwfqD1hYISmYl8V2VEuUzGPjktFobShJSYLGzZUGV4pxW4o22x7bMLIm4ttM17ldaD8VqsPCBnMmYW5ZyNse72dLcVCLdkjiGoppbQeWnCPYHjA9FDKfilEDbxWD57Uolh_nbLfA0dqUTOYx2eO4rT7MFsN8foHkktXuNld3MP6gPqo6zGSHyclFNcfXFboj3V3dmpt3NtDvCYCuxepwThVjtlHc4ssBHJHXoTVNuEk5NYJFktOYeBtWi7qR2pGcSLbG-MMFxgzRjxwgjTfueDfdhLwQ09D_vdRufFXXQByr7XAcVQZSarPXZ2CL9WZR_GqCcLFZWX5f-ngSdjiEqWaxPzHUASGmLjMVdjah2v2lFzjfQP4Fj7lhUi1sShkdMmeFak85RefN9mTuSy7RuOvpbZYi46Pn5sr4_3-CDXimSUOfX5ti9r4wE7gNFFURlyibapV6bpA2xmxvmrXIrB9mWyfA2WHIBO6oZZtFdJTLGF9n2b5sFU5j9Qoiu47MkCji0kE6hl8gmQkHLj122UuwDaKxxbNCw0FxPzrNmgqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://winxblogger.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame F040 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ2LGz8Fwr3-PwiFy6AZ3R3hgzr_SH_PghiK34Ee-D5tm661qoI7OJSs6CDrKtg_ZLSuI0wBjAYE4LQ3yyy1S4dW-lYI4SswhSla1D5ya4YYfyKyxsiZofg3xvExLw6dC60vQdzoOq_LsV&sai=AMfl-YRVN0WwDfBawPynzf6Yltzihzrksdg_Ypwsvm8AJu2R3MIZA-QX3XF37WmjSa0pHdNnDUp1cvcPjB-lMeQ3PSosGR-2dLXJVHEP0aq-3UAby-bZMSAqaJwhhiob5mozANnflWFJI9mgxoPs9Wyk&sig=Cg0ArKJSzNdXK_hBQd5TEAE&cid=CAQSTgDICaaNIIMpd5vQ8df52ni4dJk4cSXVLBC5eMXtxIwelXfEuGFkE4w2-ybYQQeYTBT56aRR2k3lOMWHUe08IAzuy7X9vwCNPy6pjeMdcRgB&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=714,1003,1003,1003,1003&tos=714,289,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1700739448123&rpt=530&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0808 		401 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-f5f7kn7z.c.2mdn.net/videoplayback/id/93442e4ad872fcd1/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732275448/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7ED09004F35836AE5131C646AA245133656C1FF8.24D6262ADC3F8F4A3CCABE3126F498D0D42F86BA/key/cms1/cms_redirect/yes/mh/2Y/mip/176.67.86.82/mm/42/mn/sn-f5f7kn7z/ms/onc/mt/1700739047/mv/u/mvi/5/pl/24/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.108.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s04-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 23 Nov 2023 11:37:29 GMT
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4066535/4066536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4066536
last-modified
Wed, 15 Nov 2023 12:05:38 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
activeview
pagead2.googlesyndication.com/pcs/ Frame 2774 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8MGM6FXgqDJRDs5AxBTFNDSRco_GxM85jE51IOQPAujziIBvUDHvp71ZVWj9b56TuJfkHhLLreB9632GGYt__HfqfC2SCCwzyFK5IGLetdiuOA0o81MEUNd3oTNYIrh6wKepnB-a2kD-r&sai=AMfl-YRhLxtEV6IcQJ5yQ36GCrWJJEnXkLByYEhlfIFkO742Rv-grpgCxFrRGUmYpaJ06NW33qko03SKkg2Qjw4aaRdfDMmtAEscK4PEe_fuIE353UTScBQvulqt_vkkAkcFNNN_AMBcFMR_1qy9-S5y&sig=Cg0ArKJSzMBugMZ0NGSfEAE&cid=CAQSTgDICaaNIIMpd5vQ8df52ni4dJk4cSXVLBC5eMXtxIwelXfEuGFkE4w2-ybYQQeYTBT56aRR2k3lOMWHUe08IAzuy7X9vwCNPy6pjeMdcRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1700739448093&rpt=526&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 37FC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdhZdDGnWPsoGzYCLaTf7a5dr8QOZvcmjGv6tGDLtVSsa4kdCMPrufV51lny2pjwfgY48-i0LRaAEzg8alwIFe7wMIIcEIiQbamjU16NxmEsk6h8Tw35kYxLUdU-x3mFurBBi9MUBx4C4P&sai=AMfl-YRPhU5SdImme3PaZHEKmMLHalKX4OSFdwdTynGvbDL8opklOwoRNCxzsIT6JBe-wHxpg0tO8_1IWjHRNOkhoZmLIqqvwykp1dg97RNGdPyr_GX8QH9fGVYpMOSWBHGK_loavE_tm8kehx08SlFh&sig=Cg0ArKJSzFSHtcpCZ6r4EAE&cid=CAQSTgDICaaNIIMpd5vQ8df52ni4dJk4cSXVLBC5eMXtxIwelXfEuGFkE4w2-ybYQQeYTBT56aRR2k3lOMWHUe08IAzuy7X9vwCNPy6pjeMdcRgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1700739448059&rpt=621&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0808 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lpb4ctfn&c=4659511764219&slotId=2329755882109.5&qqid=CJzz65SE2oIDFTgH-QAdBX8DSQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1967&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1cx&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231115_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f195.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 11:37:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sb_getmessages.php
winxblogger.pl/infusions/sb_panel/ 		0
0
sb_getmessages.php
winxblogger.pl/infusions/sb_panel/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp3?1700739446568
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.ogg?1700739446763
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp4?1700739446820
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.aac?1700739446877
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.wav?1700739446933
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446446
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446447
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446448
Domain
winxblogger.pl
URL
https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446449

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| gtag object| dataLayer object| Modernizr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| flipBox function| addText function| addText2 function| insertText function| insertTextSB function| show_hide function| flip function| correctPNG object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _gaq object| adsbygoogle number| offsetxpoint number| offsetypoint undefined| ie boolean| ns6 boolean| enabletip object| tipobj function| ietruebody function| ddrivetip function| positiontip function| hideddrivetip function| autosize object| ion function| Dropzone string| SB_PANEL_INFUSION_DIR string| BASEDIR string| SITE_URL number| sid_last number| seid_last string| notificationSoundName number| userID string| LOCALE_ALERT_SPAM_1 string| LOCALE_ALERT_SPAM_2 string| LOCALE_ALERT_EDYCJA_WPISU_NIEPOWODZENIE string| LOCALE_PROMPT_PODAJ_POWOD_BLOKADY string| LOCALE_NOWYCH string| LOCALE_WIADOMOSCI string| LOCALE_WIECEJ string| LOCALE_ROZWIN string| LOCALE_ZWIN string| LOCALE_CHAR_LEFT_TEXT_START string| LOCALE_CHAR_LEFT_TEXT_ONE_CHAR string| LOCALE_CHAR_LEFT_TEXT_ONE_2_TO_4_CHARS string| LOCALE_CHAR_LEFT_TEXT_ONE_5_MORE_CHARS string| LOCALE_UPLOAD_READY string| LOCALE_UPLOAD_LIMIT string| LOCALE_UPLOAD_WRONG_EXTENSION string| LOCALE_UPLOAD_SERVER_ERROR_IMGUR_CONNECTION string| LOCALE_UPLOAD_SERVER_ERROR_IMGUR_FAILED string| LOCALE_UPLOAD_SERVER_ERROR string| LOCALE_SESSIONLOST_TITLE string| LOCALE_SESSIONLOST_BODY string| LOCALE_POWEROFF_TITLE string| LOCALE_POWEROFF_BODY function| ShoutboxUI function| ShoutboxConnection function| ShoutboxNotifications number| INTERVAL_VALUE_MIN number| INTERVAL_VALUE_MAX number| INTERVAL_VALUE_START number| intervalValue boolean| messageReceived object| lightbox function| getCookie function| setCookie boolean| browserSupportPassiveEvent object| gaGlobal object| gaplugins object| gaData object| _gat object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| recaptcha function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests

28 Cookies

Domain/Path Name / Value
winxblogger.pl/ Name: PHPSESSID
Value: 1gfuauqbme2kius2pjamf5iff4
winxblogger.pl/ Name: fusion_visited
Value: yes
.winxblogger.pl/ Name: _ga_2F4DV29X49
Value: GS1.1.1700739446.1.0.1700739446.0.0.0
.winxblogger.pl/ Name: _ga
Value: GA1.2.480901588.1700739447
.winxblogger.pl/ Name: _gid
Value: GA1.2.1105360163.1700739447
.winxblogger.pl/ Name: _gat_gtag_UA_133674826_1
Value: 1
winxblogger.pl/ Name: __utma
Value: 1.480901588.1700739447.1700739447.1700739447.1
winxblogger.pl/ Name: __utmc
Value: 1
winxblogger.pl/ Name: __utmz
Value: 1.1700739447.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
winxblogger.pl/ Name: __utmt
Value: 1
winxblogger.pl/ Name: __utmb
Value: 1.1.10.1700739447
.winxblogger.pl/ Name: __gads
Value: ID=852719c64e4f687f:T=1700739447:RT=1700739447:S=ALNI_MY_DvvabxwZ2GtBi30iLZmRCrvkTQ
.winxblogger.pl/ Name: __gpi
Value: UID=00000cd8b3bbeb3e:T=1700739447:RT=1700739447:S=ALNI_MY_ebA0GCHf1keYdS8jJax9tG5zHQ
.casalemedia.com/ Name: CMPS
Value: 1147
.doubleclick.net/ Name: IDE
Value: AHWqTUk7-_WpMHwXNKUGmfCKQnISP8iNPfR1CFXKw4m_ymG9aTUL039A9s_uSKeebfs
.casalemedia.com/ Name: CMID
Value: ZV85eCNxT15T1nBMHODt9QAA
.casalemedia.com/ Name: CMPRO
Value: 1147
.adnxs.com/ Name: uuid2
Value: 6877329700621379604
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In2q0LGr!]tbPl1M>e)ZlrFUfJ+tGXxpG<#wvo?lesdYOQ?h?hX-HKDK%jOywfJMtelK3If)y3KL9D3I?-L(2c@-
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6Pfo1TTyfgoyfaIezd7Pmz4ymzbumElOCPlEbhmVHYyw-TFA
.adform.net/ Name: uid
Value: 7932967283095600744
.adform.net/ Name: TPC
Value: 1700739448831
system360.inistrack.net/ Name: inisTrack_o-600808-189918
Value: %7B%22actionId%22%3A%2233EgYQungfMNfTJSN1M9HgmXbkMeWO7M%22%2C%22inisTrack%22%3A%22df-b-vPb-%22%7D
.inistrack.net/ Name: OAID
Value: 01000111010001000101000001010010
.inistrack.net/ Name: _OXLIA[189918]
Value: s4kqyh-600808
.tribalfusion.com/ Name: ANON_ID
Value: amntmIy4ZawFBA9MAIAno9x7xErTQMD1VYaWyMLSmiE1DfNZbtECUbQJS7xliQnBEY4CrFwhwh7r1uT44wfgluKs4p
.turn.com/ Name: uid
Value: 7585838605426266223

20 Console Messages

Source Level URL
Text
network error URL: http://winxblogger.pl/includes/fallingsnow_v6.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://winxblogger.pl/infusions/sb_panel/js/ion.sound.min.js(Line 4)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp3?1700739446568' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp3?1700739446568
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.ogg?1700739446763' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.ogg?1700739446763
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp4?1700739446820' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.mp4?1700739446820
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.aac?1700739446877' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.aac?1700739446877
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.wav?1700739446933' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sounds/water_droplet_3.wav?1700739446933
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446446' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446446
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446447' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446447
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446448' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446448
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://winxblogger.pl/news.php
Message:
Access to XMLHttpRequest at 'https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446449' from origin 'http://winxblogger.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://winxblogger.pl/infusions/sb_panel/sb_getmessages.php?s=708243&e=17701&_=1700739446449
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
bid.g.doubleclick.net
blogger.googleusercontent.com
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
r.turn.com
r5---sn-f5f7kn7z.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
stats.g.doubleclick.net
system360.inistrack.net
tpc.googlesyndication.com
track.adform.net
winxblogger.pl
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
winxblogger.pl
104.18.24.173
104.18.36.155
142.250.184.193
142.250.184.226
142.250.185.106
142.250.185.202
142.250.186.162
142.250.186.164
142.250.186.34
142.250.186.38
142.250.186.66
142.250.186.70
15.197.193.217
172.217.16.200
172.217.18.14
172.217.18.3
172.217.18.97
18.195.149.147
195.201.174.119
216.239.34.36
216.58.212.195
3.64.253.16
37.157.4.29
37.157.6.235
37.252.171.85
46.228.164.11
51.89.9.254
64.158.223.140
74.125.108.138
74.125.206.157
02232988d3ac3e928fdc8c56515e2b4756ef764919d1f398b045094a75c62b8d
03ad59358ef2b84eb761dd53f1f833f6c38e4133d400696d865c5a919e5b1cf1
063027125816da88f8f7e130ad5b6268d7b25d5f81eca5c7bc0d199fb4b718ec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b
0fd984f26a896378ce481599662d1cce07efd2ef7cfb51264bb027521beab1bd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12a9f18acd28472457adff45ab9aceeb6fcca9a135fc2b86d40948c57a67450d
13d8f1eb962cc2e1d74a42e1a849f771e47485c43ef7bd40fce77e35659f475b
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ce670159ecf00c9471c1c44536894d1909dcaf84ba99a49b03663cad12d2483
1d2e43237d8cbc417103e01c27a048be3ed1ae7aa70ea41bf3548f4262f0e4a3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22d1f3ed8b08e51f566ac920f481809024d7ec529e749d5123156a6364b2df60
22e607b23b395e7e219814b750c211523b1787ce05ffc0b9e92a8c152fccd24b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
27a31183bf236e3d60f6cf71948dac650ab7323246ba7fdb6f72a7d2a422c652
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d469de1cd51429c908aaa4331848c64a24eac62b627fde52bb36297bf4925b8
30d828f12f19ead5d82aa48065f2f44155e312f8d29993f2cc0f5eb344e28f23
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3262368329f730feb034b4f704daf15783f43d1aa98ad0de6f19381039f2d72b
34e7750a5f9a4ecf6f29de266511eb555ebb09bcc15a3e6c9ff3717f5a07eaf5
353b509a6357da78789a963c887a87a65b3b4e714ac56f8f5d693977f06d228a
36c6d59a515f84cf72e78902b8e5f8cdb80eae13450a1b2ad2f28852cadb76fb
36f4c116756db1f52c8dd899171aeddfd176016a61195ab5ee7b3d5954e9ee10
379f816d9ac3ac650af7ac86235f9453da85b6807e695c622609da3275f31aad
381206e52df7af68ee294e17f9207575a799d71137b450e016bffee224abd2c9
3b191aa7339c8f93c2ab39c499c64cdf372e850a6cc1514b80e7d4370725b0dd
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3fd44c0e160a006d47adff4203edebcc447c3f7493a5d6dd9152f173def605ae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48aee36e61309b8ae577faf10f5c9c1a44bc88f54172b1ce387e33dd6baa068c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f641410d1af33979705036863a34f565b6c92c5ce058edbb7b74adc542bcd0
5595963bca2af38bc8e44b3447f2fbe26d3d552b151e0d2cba04530609cf6676
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57b9998595d8313c2a4318dcdc17daa4efbfa60012af620f0d67a975d8f44e1e
5d5adb1a0d5db7f3c4ad9ebb6333cdeedea9350b958b58ab5e9ee1af1cb1f277
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5fd845b43b1b6af58cd1ac1d3b13f7159f4f84ad0a92b6bd969ab8a4dce3cc84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62d30020baaa4e31f3706412ca55ebf6c094c26b472d17094ac3b256a25d9fcc
667f76f1fd3bc581818c22e11cc7fbec4f16ec73701baac22a345482a95b9459
66e230ecb484909ae191a9deb540f0fe77093eb0b3cbcf01f24c9d0e032b9e2c
69b6d8c117ecb62ed9a088dbd37a1982066cc03455f085dd2a77f9842417e49f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4fd4fcef70e9f50847cfdc11451199ab57b481a103f21dda9650d21f9cc443
6f3a7d1043bb0e537165a5afc802540648b2306512b30bd2d5e996f709d9e6c0
7073208a0d6da775cdd2bd1aa02a9055b30e1135b135e58bf8731d76b5aefccd
781dc6873e6f9281ebb716328576e3bac657b0413d737a0257aad7d35476d121
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed
7a0912faa68cb6ec945e65cb161ceea88efab1d53e88cc7d03929905dfabb78b
7d6ced7640648db3f5f10cd83d3f810d047aecba9480cf4eeaa09be2923c533f
7e47fe578a97f108f45f812f0887f44b35720249533f8eeb6fd051e29e2e9a50
7f36de4455b10ca52ae3e585dc4cafd63851715da1ae3e4b2439f66ac045ebfd
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
94ff637a8dcd9344d93deb1fed480020e608a0f125bcbd0e09a9dc8e88bf578e
9869b451dd0099492fac28d8cd828ede3521707a19d2322a1c0b7821404b468d
98bb8344d1762e56654be781fa61925b24c6efdfd8bad6f13e9ac483427ae420
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a63d519d4a91e5d1cc93aaf4206fb0f327a082c7f13077a038c1ad04efff3fa8
ab16af894679cd37654a6a445b386423ef407cd06e46b212ff41e3185537dda2
ad0f0ffdcd62a3c1918dd0e51b06f52be8941a74bd6702cf9708752a90bfd36c
ad97836f732309bb3257c0d126b8f86c38134d7804938c6f0b4cc61eeaffd99c
ae9f355d0aede923fd15c0e55c81e2a7a81b9eecb562168b99e33be98f4ddcd0
afe13fdfe69ac42a4651d1bb9fcea96ff19915d8f3820861c2406367fc06f7a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2db252474ffe030a6092cc60010b934a7ecff1c8e48312b46919d78a41cd29a
b30f85c15d0504ea08eb20c6d0fc61481043ba4a3517292d813cc5aa7eb15caf
b5ca4fc54dabc860359194ae4625220d008444d0e10d72339dc190aa5e312839
be75e383d4e92e15eea94d0e7153bbc7e0e947f1f5a427952cb49e43f23f494b
c06ffe50c5e0817d297f5aea110832622f6dcb57aeb6ff892b5f1c0a6400da6d
c24aa43250663b368b73484541671010cd272d5d721a0ac5bb34480c802a5aeb
c2e88cefccd9563873efaebe5633bf2bb67f3a5550826ee161a0047b16051da8
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5c7ca20a5c578c510bc08e79862173bffb1062f7481ce7ce0dc894b33a3be10
c60de4bfd8e8bf8a066f133e14d1d79dac5f03bde31a8dcc3011617edcfbfc85
c763a547d9215f0d8fa9ff5883d146af4bcd67c3b8fcaffacc8aed0dabb22330
c8d8a3187542bd3eb4d28b763fbafc9a26ee9a87a8a87c606469eb07c6fe7fb0
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
cbc83abcada9ec38b17218c387fc8fe5167fc90bb4d6a7f6ea6934a4ba768fc4
ccf90ef3e1ecae3a2fd54bfa61d9d277107e9e747c18664f2d5327c05c332d1f
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d49583241cf039c23e97c81cf2a34b307281e02431fb4537951c60347ce3d88f
d533604b44c5a6b6db8f9caa5d286ee9440ba0c982d2286fb0a2403e9cdd39c2
d997ff6a42a19429d36c36f2350c9338a260553c6857a2ee60ff593bc398a9df
db2c70f402911719d09cea8727a3f4eef8b97a491f1c6869181532539fb53fe7
dc23a9ca238bb47b2b9d485dc4dcdc2ba5dbb6331be53fdd7d9bfa53c38932db
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7457de8d7c178427d41341fb21ad051a080f53ab863674e05aa8e2d01ebc65d
eaa8fd08caaf594d4e1aa390a51ef80046682b67a1b434be2358dc1770e470fa
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edd26c3dc592bc41c44c85a9ff73d725406c7fe3d9a971c84ebf29c89f12abf5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f46e8aea81be0e5d86904d49c8d3bf3d0353e51aa5e6f900a935d5c3b17e0b6b
fc4ab1568eb006230c29a132d2d34ee81d00b88168fbc9a4e51eb8e98829fc17
fd4e437ca1519b1e76bc0d18b5cb690f03e0f308c7cea1732d1db4015466b8fe
fdbc75fabcb2b0281c4758cf07d519669450673a959173d8dfa6fb250e8d9e95